Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          mb83DpftEiAtLojAYw8Fmynn5laUFkrqWwzenwLlHZw=
Subject key identifier:   05:3B:B1:F0:12:6D:E6:78:21:BF:4C:1F:24:3C:5F:64:6B:64:D7:B7
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       0198D583AF2EB21F797D4795EC12B2E2EFAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          05DB
Signing time:             Sat 23 Aug 2025 06:00:33 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:33 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:33 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: YZJBbqyDzPpQx1wUur2nJJMjLmdXAE0yI9L5IUC1/HM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:af:2e:b2:1f:79:7d:47:95:ec:12:b2:e2:ef:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Aug 23 06:00:33 2025 GMT
            Not After : Aug 24 06:00:33 2025 GMT
        Subject: CN=053bb1f0126de67821bf4c1f243c5f646b64d7b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:37:89:c4:67:38:6a:41:04:33:f5:38:07:9a:
                    0b:1f:e9:65:7b:b3:d4:95:59:10:76:80:71:54:25:
                    cb:fb:f3:c5:63:88:a4:03:dd:d0:9a:82:ef:13:5d:
                    0f:75:e4:d0:de:21:14:25:5a:6c:59:58:69:eb:f3:
                    0d:c1:a4:a1:ea:61:9a:d7:fd:18:76:38:ec:71:02:
                    d0:c9:e4:d8:57:e4:49:00:e6:10:39:96:32:5b:c6:
                    c5:4f:61:1c:4f:e7:5a:a0:7f:e0:30:71:1a:3a:26:
                    5c:89:9b:b4:b5:3b:7e:c3:f0:d6:06:f5:12:a9:58:
                    3b:af:57:1a:25:c2:11:22:4d:d7:03:1c:13:f1:d8:
                    eb:c2:6e:1a:4e:88:bd:71:1c:d2:24:a1:e0:02:28:
                    f7:95:58:85:da:9f:46:04:b9:c9:24:d5:14:48:d0:
                    9d:68:31:dc:ca:af:67:ae:ed:1f:67:d6:4e:2e:91:
                    7c:02:3a:a7:16:58:53:00:46:5f:0e:7a:64:81:4a:
                    2b:e4:cd:ca:b8:a7:e9:1f:44:3d:5d:77:e9:6a:c2:
                    46:ad:25:da:c4:6a:6b:e9:69:15:19:5a:01:a1:c7:
                    7d:f6:d7:62:ee:c7:de:a8:94:f0:98:31:89:71:03:
                    60:a7:87:23:38:ca:5c:f7:d0:48:85:6d:59:77:32:
                    5b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:3B:B1:F0:12:6D:E6:78:21:BF:4C:1F:24:3C:5F:64:6B:64:D7:B7
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:c9:b6:4f:0e:d8:9f:49:dc:b8:3d:1f:ce:54:a9:b5:14:6e:
         8b:c4:6b:d7:70:74:7e:32:1a:db:1a:e9:91:f0:66:66:df:b4:
         eb:f7:51:58:71:aa:87:4f:7f:94:2b:75:78:f8:ef:4f:01:9e:
         f8:5a:ec:33:b6:e1:5e:ed:a4:0e:f1:5d:c5:8a:b6:00:e1:91:
         b0:07:84:82:f3:de:ee:6b:75:ee:5a:51:4e:ea:2e:69:44:74:
         f6:cf:ec:b3:2d:59:d4:65:8e:e8:86:66:7f:9b:47:9a:dc:16:
         23:72:5c:b7:6e:e1:45:c0:01:80:59:eb:b9:02:d6:8a:88:e3:
         c1:d0:97:e2:78:ec:7e:e6:4d:50:9d:40:59:8b:04:01:a8:2d:
         27:7a:4b:e2:4a:43:0d:d6:11:d7:49:05:d2:2c:18:40:8d:ff:
         fa:ba:d1:56:90:47:2a:dd:0f:31:77:62:c4:b5:e8:b1:2f:32:
         f3:65:6e:63:68:4e:15:b8:3a:a0:bf:4c:7f:d6:de:56:39:10:
         32:23:05:39:92:1c:05:5d:d7:72:65:e9:ab:1b:0d:9d:dd:82:
         aa:d1:b4:ac:17:b1:ac:84:e3:cc:15:aa:b6:cd:aa:fd:54:03:
         98:e6:38:7d:e1:03:2e:b9:99:cb:78:cd:cd:10:17:3f:89:88:
         3f:73:e4:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg68ush95fUeV7BKy4u+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwODIzMDYwMDMzWhcNMjUwODI0MDYwMDMzWjAzMTEwLwYDVQQD
EygwNTNiYjFmMDEyNmRlNjc4MjFiZjRjMWYyNDNjNWY2NDZiNjRkN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijeJxGc4akEEM/U4B5oLH+lle7PU
lVkQdoBxVCXL+/PFY4ikA93QmoLvE10PdeTQ3iEUJVpsWVhp6/MNwaSh6mGa1/0Y
djjscQLQyeTYV+RJAOYQOZYyW8bFT2EcT+daoH/gMHEaOiZciZu0tTt+w/DWBvUS
qVg7r1caJcIRIk3XAxwT8djrwm4aToi9cRzSJKHgAij3lViF2p9GBLnJJNUUSNCd
aDHcyq9nru0fZ9ZOLpF8AjqnFlhTAEZfDnpkgUor5M3KuKfpH0Q9XXfpasJGrSXa
xGpr6WkVGVoBocd99tdi7sfeqJTwmDGJcQNgp4cjOMpc99BIhW1ZdzJb2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAU7sfASbeZ4Ib9MHyQ8X2RrZNe3MB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfsm2Tw7Y
n0ncuD0fzlSptRRui8Rr13B0fjIa2xrpkfBmZt+06/dRWHGqh09/lCt1ePjvTwGe
+FrsM7bhXu2kDvFdxYq2AOGRsAeEgvPe7mt17lpRTuouaUR09s/ssy1Z1GWO6IZm
f5tHmtwWI3Jct27hRcABgFnruQLWiojjwdCX4njsfuZNUJ1AWYsEAagtJ3pL4kpD
DdYR10kF0iwYQI3/+rrRVpBHKt0PMXdixLXosS8y82VuY2hOFbg6oL9Mf9beVjkQ
MiMFOZIcBV3XcmXpqxsNnd2CqtG0rBexrITjzBWqts2q/VQDmOY4feEDLrmZy3jN
zRAXP4mIP3PkHQ==
-----END CERTIFICATE-----