Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          yXAwFARKTR608FhwMpLE9jObkA2e90lnpMsPSSzfVrI=
Subject key identifier:   51:E1:7E:6E:CE:A9:1F:C4:DF:C2:6D:95:56:41:13:9D:B9:20:7D:71
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       0197B7B2F91A034F88A2E7570A4896BFF2D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          0547
Signing time:             Sat 28 Jun 2025 18:00:48 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:48 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:48 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: kvGR6o/IMjolpJ+yGDg7CEcEc72a/PX/erAYhWky+x8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:f9:1a:03:4f:88:a2:e7:57:0a:48:96:bf:f2:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Jun 28 18:00:48 2025 GMT
            Not After : Jun 29 18:00:48 2025 GMT
        Subject: CN=51e17e6ecea91fc4dfc26d955641139db9207d71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3c:fd:5b:fc:ed:3d:fc:75:36:1a:3e:02:7e:
                    7c:90:30:38:d6:2d:a4:e6:29:5d:c7:83:5e:49:48:
                    f0:f1:35:b9:dd:32:75:bd:68:14:98:90:4d:cd:07:
                    c4:bc:23:1b:ed:4b:d7:03:57:a7:28:13:8d:a7:8d:
                    24:f7:ed:24:d7:8c:6f:09:87:36:07:80:93:08:b4:
                    d8:94:98:f4:0c:e4:e3:20:4d:bf:60:c4:ad:0c:33:
                    c8:46:fd:4f:fc:85:86:99:a7:f6:53:4f:22:bf:29:
                    56:55:58:1e:1c:10:2a:b0:49:d3:9b:c7:dc:fc:37:
                    33:c5:49:95:ae:e2:80:aa:dd:92:38:c5:a4:05:50:
                    85:f7:b9:e2:66:70:f2:e7:b3:28:84:05:74:a8:3a:
                    0a:5a:d7:87:2d:4c:16:cd:75:28:21:19:72:56:e5:
                    2f:0c:fd:f9:7f:d2:4b:b3:72:3f:d4:19:8c:a1:08:
                    f8:5c:e6:32:d9:91:32:eb:78:16:89:9a:20:e6:a3:
                    75:58:cd:5d:51:5d:49:3a:8c:a1:cd:06:2b:fc:be:
                    8a:9a:b6:6a:2a:39:cd:55:87:53:ee:a8:e4:34:5c:
                    15:03:26:6d:4f:c7:f4:99:0a:db:4d:af:50:22:50:
                    b8:78:df:5c:df:7b:dd:c8:2d:bf:c8:2a:c7:45:0d:
                    a3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E1:7E:6E:CE:A9:1F:C4:DF:C2:6D:95:56:41:13:9D:B9:20:7D:71
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:d6:85:31:26:47:0e:12:6c:70:1f:7b:f8:99:13:57:99:a9:
         3d:d3:b0:df:c7:1d:8e:67:de:ca:5d:b9:5c:d9:3e:bf:73:13:
         23:08:58:b1:d9:d6:d6:de:87:7b:aa:12:c0:b4:d8:f5:5c:d9:
         7c:1b:84:1e:3c:a9:d6:0d:da:f5:07:d3:98:7c:53:f1:fd:5a:
         bb:83:e9:a7:fd:4b:f7:6f:da:98:84:6e:48:f8:21:2d:36:bb:
         62:ad:1b:df:9b:0b:5e:38:b2:5a:b9:19:32:8c:ee:47:89:a9:
         af:96:a4:42:8b:8d:dc:95:eb:cd:49:bb:1d:23:4f:a4:da:e0:
         41:2c:9b:46:c2:fd:72:cd:27:58:1b:bf:eb:40:b1:5f:20:f8:
         1f:26:b2:91:7c:66:d2:81:77:3b:bc:d9:23:ee:73:ba:23:d2:
         2c:d2:b6:27:93:27:15:3d:04:62:c7:4a:51:3c:3d:f7:f5:93:
         fb:76:be:6f:29:32:41:32:7c:48:2d:37:ce:c3:b1:c6:43:42:
         99:08:71:e3:fb:aa:76:c4:99:d4:67:31:0f:a7:98:4b:59:58:
         c3:60:38:77:60:c6:80:df:f7:9a:32:f4:d8:62:6e:f4:ec:6d:
         61:f4:db:27:5e:e3:15:d5:80:8d:3f:86:71:43:1b:00:b9:b5:
         10:dd:f0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3svkaA0+IoudXCkiWv/LZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwNjI4MTgwMDQ4WhcNMjUwNjI5MTgwMDQ4WjAzMTEwLwYDVQQD
Eyg1MWUxN2U2ZWNlYTkxZmM0ZGZjMjZkOTU1NjQxMTM5ZGI5MjA3ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTz9W/ztPfx1Nho+An58kDA41i2k
5ildx4NeSUjw8TW53TJ1vWgUmJBNzQfEvCMb7UvXA1enKBONp40k9+0k14xvCYc2
B4CTCLTYlJj0DOTjIE2/YMStDDPIRv1P/IWGmaf2U08ivylWVVgeHBAqsEnTm8fc
/DczxUmVruKAqt2SOMWkBVCF97niZnDy57MohAV0qDoKWteHLUwWzXUoIRlyVuUv
DP35f9JLs3I/1BmMoQj4XOYy2ZEy63gWiZog5qN1WM1dUV1JOoyhzQYr/L6KmrZq
KjnNVYdT7qjkNFwVAyZtT8f0mQrbTa9QIlC4eN9c33vdyC2/yCrHRQ2juQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHhfm7OqR/E38JtlVZBE525IH1xMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAdaFMSZH
DhJscB97+JkTV5mpPdOw38cdjmfeyl25XNk+v3MTIwhYsdnW1t6He6oSwLTY9VzZ
fBuEHjyp1g3a9QfTmHxT8f1au4Ppp/1L92/amIRuSPghLTa7Yq0b35sLXjiyWrkZ
MozuR4mpr5akQouN3JXrzUm7HSNPpNrgQSybRsL9cs0nWBu/60CxXyD4HyaykXxm
0oF3O7zZI+5zuiPSLNK2J5MnFT0EYsdKUTw99/WT+3a+bykyQTJ8SC03zsOxxkNC
mQhx4/uqdsSZ1GcxD6eYS1lYw2A4d2DGgN/3mjL02GJu9OxtYfTbJ17jFdWAjT+G
cUMbALm1EN3wqg==
-----END CERTIFICATE-----