Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          JEyMIEKfWVdf/LctnzyohlmsApnlV/UIjA4thp5AENQ=
Subject key identifier:   C6:A9:47:B3:FE:50:A7:60:D0:D3:C9:0F:96:14:06:36:36:3C:CB:FB
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       0196A954EBB2F5B5CAFE0461CE35B9A34185
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          04BB
Signing time:             Wed 07 May 2025 06:00:36 +0000
Manifest this update:     Wed 07 May 2025 06:00:36 +0000
Manifest next update:     Thu 08 May 2025 06:00:36 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: SJSX08aEa6x8jMLk2P38LmXxBo0biZ1smI2ymmZPMN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 06:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a9:54:eb:b2:f5:b5:ca:fe:04:61:ce:35:b9:a3:41:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: May  7 06:00:36 2025 GMT
            Not After : May  8 06:00:36 2025 GMT
        Subject: CN=c6a947b3fe50a760d0d3c90f96140636363ccbfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dc:19:d3:5d:93:2a:3f:1b:d3:1c:8e:93:c2:
                    68:1f:cc:ab:e0:21:c4:c5:91:6d:ab:0b:58:0f:f1:
                    ac:84:7b:39:9e:ec:8b:a8:40:eb:27:e1:eb:97:01:
                    f2:15:86:e5:18:b8:9f:35:25:da:df:8d:de:6c:87:
                    89:63:da:87:6b:43:09:c1:f2:9f:06:be:f6:c6:6d:
                    33:b6:b8:72:e0:bf:23:3e:c2:5c:04:cf:64:17:e7:
                    cc:07:a3:d5:72:9a:ff:b3:ed:7d:c9:c5:9a:e7:b4:
                    29:e1:de:67:4c:c5:d6:99:b3:7d:43:e6:11:40:2b:
                    17:6b:ac:a2:97:c5:b9:b6:18:74:36:46:46:04:b5:
                    6b:db:69:64:c9:a0:9f:5a:c9:9a:ef:78:b2:05:86:
                    00:98:ef:59:8c:23:a4:c8:41:de:26:02:39:31:1e:
                    33:26:e4:17:96:83:08:e9:65:4f:c4:44:b5:69:d6:
                    10:38:b4:d4:38:b7:c0:a0:62:7e:72:27:09:31:92:
                    b4:a3:8e:61:43:47:93:01:cd:a5:01:84:17:44:4a:
                    de:b1:b5:98:82:df:38:b5:08:18:01:20:a1:11:7c:
                    ea:7d:49:ef:3b:c0:69:ee:6b:47:a9:1e:95:44:75:
                    8e:3a:0d:bb:29:63:89:a5:4a:3d:80:b4:1c:b0:d7:
                    fa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:A9:47:B3:FE:50:A7:60:D0:D3:C9:0F:96:14:06:36:36:3C:CB:FB
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:45:c2:60:0a:ed:f1:03:c4:e4:e4:60:b0:2e:b8:67:26:c8:
         68:4b:d7:f6:2d:60:23:43:c0:5b:65:88:4c:34:c9:61:d2:be:
         91:b7:8c:4d:2e:e4:a4:50:f1:87:54:41:4c:98:de:77:d9:34:
         2f:56:8d:34:ce:0b:f4:a2:35:97:90:92:60:a3:89:14:54:a4:
         18:28:09:f0:26:8f:4c:97:92:49:c8:ce:0e:bd:28:f4:90:73:
         3e:83:79:b4:9d:31:06:2c:41:cf:a8:f8:7e:ee:48:b9:3b:50:
         81:a4:c3:03:4f:aa:54:ab:fa:3d:dc:7f:5d:ec:52:39:85:f0:
         ef:f3:06:87:12:c9:79:a3:80:d3:4d:bd:24:89:e5:cf:b5:48:
         30:ce:58:d3:53:51:b8:87:39:91:ed:49:c1:87:cf:5b:74:41:
         ec:29:d8:f5:2e:e4:86:83:cd:4b:3c:3f:1a:d6:65:6c:43:c8:
         6a:1b:d8:19:ed:bc:22:88:ec:3b:8c:ce:5a:fb:b8:3d:2e:c5:
         64:f2:d6:f5:69:73:34:3e:10:3c:91:e3:5d:56:8c:be:c5:2d:
         21:57:36:0c:87:28:7b:11:93:92:3e:f1:e6:e5:62:67:54:54:
         88:f3:df:69:4d:66:3a:f1:54:95:b9:20:16:22:ff:42:56:dd:
         87:ec:64:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZapVOuy9bXK/gRhzjW5o0GFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwNTA3MDYwMDM2WhcNMjUwNTA4MDYwMDM2WjAzMTEwLwYDVQQD
EyhjNmE5NDdiM2ZlNTBhNzYwZDBkM2M5MGY5NjE0MDYzNjM2M2NjYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNwZ012TKj8b0xyOk8JoH8yr4CHE
xZFtqwtYD/GshHs5nuyLqEDrJ+HrlwHyFYblGLifNSXa343ebIeJY9qHa0MJwfKf
Br72xm0ztrhy4L8jPsJcBM9kF+fMB6PVcpr/s+19ycWa57Qp4d5nTMXWmbN9Q+YR
QCsXa6yil8W5thh0NkZGBLVr22lkyaCfWsma73iyBYYAmO9ZjCOkyEHeJgI5MR4z
JuQXloMI6WVPxES1adYQOLTUOLfAoGJ+cicJMZK0o45hQ0eTAc2lAYQXREresbWY
gt84tQgYASChEXzqfUnvO8Bp7mtHqR6VRHWOOg27KWOJpUo9gLQcsNf6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMapR7P+UKdg0NPJD5YUBjY2PMv7MB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUXCYArt
8QPE5ORgsC64ZybIaEvX9i1gI0PAW2WITDTJYdK+kbeMTS7kpFDxh1RBTJjed9k0
L1aNNM4L9KI1l5CSYKOJFFSkGCgJ8CaPTJeSScjODr0o9JBzPoN5tJ0xBixBz6j4
fu5IuTtQgaTDA0+qVKv6Pdx/XexSOYXw7/MGhxLJeaOA0029JInlz7VIMM5Y01NR
uIc5ke1JwYfPW3RB7CnY9S7khoPNSzw/GtZlbEPIahvYGe28IojsO4zOWvu4PS7F
ZPLW9WlzND4QPJHjXVaMvsUtIVc2DIcoexGTkj7x5uViZ1RUiPPfaU1mOvFUlbkg
FiL/Qlbdh+xkwA==
-----END CERTIFICATE-----