Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          ZE6r0FOxFU5Fs5JknhTSBW/k/gz4JzxbDqnhhIBW/XQ=
Subject key identifier:   91:61:94:2A:22:C7:FB:0E:C9:E4:19:D1:CB:83:7A:38:11:7E:24:07
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       0199FCFD7D2BE2BE1B50B9C0DBCB1053211F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          0674
Signing time:             Sun 19 Oct 2025 15:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:35 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: OudHbxyMEbdjXkggcQcRK+li9zoEyFoOpSep9Y4EP/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:7d:2b:e2:be:1b:50:b9:c0:db:cb:10:53:21:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Oct 19 15:01:35 2025 GMT
            Not After : Oct 20 15:01:35 2025 GMT
        Subject: CN=9161942a22c7fb0ec9e419d1cb837a38117e2407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a3:b0:11:c1:0c:59:20:e7:2e:d2:fd:34:a1:
                    01:56:c5:7f:51:4d:8d:89:2f:59:96:6b:56:de:9c:
                    62:8e:36:70:b9:11:56:bb:cf:2a:a3:45:2b:2b:3b:
                    98:6e:9a:7a:3a:68:3f:5f:f5:da:11:f9:ae:c8:80:
                    cf:a1:4d:b0:6e:c3:c8:b5:73:3a:fa:4a:96:92:dd:
                    48:f2:8e:c2:39:a2:60:d1:8c:a0:94:3a:6f:79:f5:
                    bc:4b:ea:43:77:77:40:73:9d:f9:f3:ce:c9:a2:b7:
                    da:34:d0:f1:5e:1c:d8:e6:c4:3f:a6:8e:30:6a:87:
                    4b:af:9d:d0:f5:2e:8f:87:cd:cc:e5:79:d6:9e:00:
                    e4:a7:ef:2e:13:bc:4b:13:d9:66:b1:12:ae:f1:1e:
                    d3:1f:ea:62:a4:20:c3:cf:15:6b:02:e0:20:dc:ab:
                    99:d1:a6:8b:06:f6:c2:a1:37:d9:8a:82:83:1b:07:
                    8d:fa:cc:d4:47:67:f8:df:fc:e2:d9:79:c8:f5:36:
                    8d:18:1d:41:4f:28:45:12:14:93:98:44:68:49:bd:
                    d7:20:98:35:fd:04:8d:7f:1e:2c:33:aa:65:41:c4:
                    fe:6c:98:bb:82:4a:82:da:db:81:7b:72:41:58:df:
                    1d:96:7a:81:ef:bc:52:b7:f5:7b:d7:77:1d:a5:92:
                    3f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:61:94:2A:22:C7:FB:0E:C9:E4:19:D1:CB:83:7A:38:11:7E:24:07
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:51:7b:30:93:66:f1:bb:a1:cc:02:9b:e9:8e:db:30:3e:40:
         04:7c:1f:80:40:fb:f8:15:65:dd:70:1d:d2:e6:f1:c7:c2:e8:
         9c:b4:a5:bc:8d:5c:61:47:ba:3c:58:fa:1c:2f:93:a4:76:99:
         ee:6d:8c:38:cd:6b:39:d9:ea:29:b8:7f:1b:92:ba:0c:83:9c:
         3b:b1:36:03:c4:d5:48:15:ee:d7:06:50:be:9c:21:80:1e:c0:
         ea:1f:12:d5:31:b2:7e:50:63:77:ba:57:a3:13:76:54:41:61:
         ad:f0:a6:43:70:61:04:76:17:f6:98:3f:82:4c:84:fa:11:66:
         81:3a:12:2f:88:0d:b5:a1:ab:72:0f:7a:35:ed:d6:d7:55:02:
         25:70:90:79:4c:a3:2b:6d:75:50:46:20:26:f6:aa:2b:37:fb:
         b0:1e:ec:b0:31:a4:22:f8:97:ac:71:49:62:4e:80:44:4a:9c:
         b8:fe:62:bf:75:4f:9f:19:eb:d5:06:3c:d5:2f:03:ee:40:85:
         61:8f:5d:fa:a5:60:a2:5d:0a:df:e3:d4:59:5d:95:fe:2f:98:
         3a:57:e2:e8:eb:76:a2:e2:84:85:cf:52:cc:e3:dd:93:78:cd:
         bd:11:2c:16:9b:f6:68:4e:2e:f7:43:75:89:f3:ab:57:13:08:
         80:30:34:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/X0r4r4bULnA28sQUyEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUxMDE5MTUwMTM1WhcNMjUxMDIwMTUwMTM1WjAzMTEwLwYDVQQD
Eyg5MTYxOTQyYTIyYzdmYjBlYzllNDE5ZDFjYjgzN2EzODExN2UyNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKOwEcEMWSDnLtL9NKEBVsV/UU2N
iS9ZlmtW3pxijjZwuRFWu88qo0UrKzuYbpp6Omg/X/XaEfmuyIDPoU2wbsPItXM6
+kqWkt1I8o7COaJg0YyglDpvefW8S+pDd3dAc535887JorfaNNDxXhzY5sQ/po4w
aodLr53Q9S6Ph83M5XnWngDkp+8uE7xLE9lmsRKu8R7TH+pipCDDzxVrAuAg3KuZ
0aaLBvbCoTfZioKDGweN+szUR2f43/zi2XnI9TaNGB1BTyhFEhSTmERoSb3XIJg1
/QSNfx4sM6plQcT+bJi7gkqC2tuBe3JBWN8dlnqB77xSt/V713cdpZI/7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFhlCoix/sOyeQZ0cuDejgRfiQHMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwlF7MJNm
8buhzAKb6Y7bMD5ABHwfgED7+BVl3XAd0ubxx8LonLSlvI1cYUe6PFj6HC+TpHaZ
7m2MOM1rOdnqKbh/G5K6DIOcO7E2A8TVSBXu1wZQvpwhgB7A6h8S1TGyflBjd7pX
oxN2VEFhrfCmQ3BhBHYX9pg/gkyE+hFmgToSL4gNtaGrcg96Ne3W11UCJXCQeUyj
K211UEYgJvaqKzf7sB7ssDGkIviXrHFJYk6AREqcuP5iv3VPnxnr1QY81S8D7kCF
YY9d+qVgol0K3+PUWV2V/i+YOlfi6Ot2ouKEhc9SzOPdk3jNvREsFpv2aE4u90N1
ifOrVxMIgDA0uA==
-----END CERTIFICATE-----