Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          QIYZqz6djXwXEtnRss0RSsou1h7zCy1JSx6oB+/KIuc=
Subject key identifier:   78:10:76:EE:85:DB:D4:6A:FA:F1:B2:90:48:43:DC:CB:55:02:6F:DD
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       0198D8BD00227BF3060B8CB05946C1A2916E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 21:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 21:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 21:02:01 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: VAyULHTERgYyCXzAtDIdy450a67rKWjPK8v6XX9dOtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:bd:00:22:7b:f3:06:0b:8c:b0:59:46:c1:a2:91:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Aug 23 21:02:01 2025 GMT
            Not After : Aug 24 21:02:01 2025 GMT
        Subject: CN=781076ee85dbd46afaf1b2904843dccb55026fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b5:18:4b:dc:f5:a5:c8:17:c4:dd:c1:d3:84:
                    43:d1:74:72:63:1f:3e:3e:32:48:6a:e0:9d:06:d9:
                    04:52:7d:01:ef:3d:0c:3a:e1:86:33:33:53:c3:d6:
                    6f:0b:c2:b8:4b:49:c4:7e:c5:d4:7d:79:6f:18:08:
                    a4:07:77:a2:08:de:e9:af:eb:75:f4:1f:11:a5:4a:
                    49:0f:1a:83:45:dc:fe:9f:f2:e5:b7:f6:f2:76:2e:
                    f5:f0:4e:1e:0b:3f:c6:ad:47:95:a1:c8:7f:6c:33:
                    37:cc:14:1d:f3:00:05:64:44:1d:ed:2c:26:8b:6b:
                    0d:49:ff:93:61:ae:96:c3:af:92:c2:2c:04:66:0e:
                    cd:e3:90:8f:78:43:b2:68:d3:de:49:8f:4a:5e:b5:
                    42:e2:c8:2d:99:29:5a:f9:f3:0c:7f:56:f0:ae:9d:
                    36:ea:36:f6:3a:60:62:c6:57:1c:a4:01:67:ee:a8:
                    28:2d:fe:10:63:8f:8b:12:71:b6:00:c8:85:0d:f1:
                    1f:91:50:3f:8c:cc:ac:0a:1f:b0:ba:43:1d:bb:c9:
                    c7:54:4b:09:3e:5b:f6:e0:23:cd:ae:49:0d:06:e3:
                    ab:cd:2e:28:0d:a4:47:ee:d4:dd:46:fa:80:41:a0:
                    9d:02:dd:99:7e:0f:c1:91:93:7a:ba:de:aa:68:fa:
                    9a:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:10:76:EE:85:DB:D4:6A:FA:F1:B2:90:48:43:DC:CB:55:02:6F:DD
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:7d:07:50:fe:3c:0f:0e:cc:7d:cb:64:86:90:bb:c3:ee:ff:
         38:ce:90:89:1c:78:36:bf:04:b9:c7:b2:8c:b7:95:ae:fd:e7:
         f0:3b:c8:09:4b:98:bd:f0:b1:56:15:64:75:7f:e5:bd:f3:08:
         64:24:7b:14:d1:b2:2c:13:ba:e3:ff:78:70:7d:1b:5c:6e:f3:
         53:0c:b6:65:f0:d8:5d:1f:00:55:e6:f4:00:04:75:b3:1d:dd:
         da:a0:32:1e:ba:be:d3:77:b5:57:07:91:30:b0:b1:00:c9:ad:
         ff:4e:cf:8d:20:7b:1a:f7:45:df:8e:e6:5b:34:40:98:6b:80:
         da:05:01:87:00:7c:71:33:bf:42:6d:17:0f:f1:fe:96:c4:d7:
         ca:53:aa:92:99:af:53:bd:f3:0f:ad:97:a1:b2:3b:b6:14:51:
         bd:9d:0e:0a:ee:f5:4e:94:1f:a4:dc:81:9b:57:7a:76:d7:7b:
         81:84:88:c2:94:fd:74:5c:ab:74:19:46:2d:00:7a:36:3a:3a:
         24:f6:2d:cc:b6:c5:f0:c0:45:b6:74:21:af:af:94:9a:d7:ab:
         26:88:a2:a0:0c:e9:15:12:96:fb:03:41:fb:f5:c5:d1:ca:f1:
         a8:af:08:56:f0:9d:13:42:fd:fd:a1:5d:94:ce:30:5e:ce:d0:
         14:a2:c5:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYvQAie/MGC4ywWUbBopFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwODIzMjEwMjAxWhcNMjUwODI0MjEwMjAxWjAzMTEwLwYDVQQD
Eyg3ODEwNzZlZTg1ZGJkNDZhZmFmMWIyOTA0ODQzZGNjYjU1MDI2ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37UYS9z1pcgXxN3B04RD0XRyYx8+
PjJIauCdBtkEUn0B7z0MOuGGMzNTw9ZvC8K4S0nEfsXUfXlvGAikB3eiCN7pr+t1
9B8RpUpJDxqDRdz+n/Llt/bydi718E4eCz/GrUeVoch/bDM3zBQd8wAFZEQd7Swm
i2sNSf+TYa6Ww6+SwiwEZg7N45CPeEOyaNPeSY9KXrVC4sgtmSla+fMMf1bwrp02
6jb2OmBixlccpAFn7qgoLf4QY4+LEnG2AMiFDfEfkVA/jMysCh+wukMdu8nHVEsJ
Plv24CPNrkkNBuOrzS4oDaRH7tTdRvqAQaCdAt2Zfg/BkZN6ut6qaPqadwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgQdu6F29Rq+vGykEhD3MtVAm/dMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmH0HUP48
Dw7MfctkhpC7w+7/OM6QiRx4Nr8EuceyjLeVrv3n8DvICUuYvfCxVhVkdX/lvfMI
ZCR7FNGyLBO64/94cH0bXG7zUwy2ZfDYXR8AVeb0AAR1sx3d2qAyHrq+03e1VweR
MLCxAMmt/07PjSB7GvdF347mWzRAmGuA2gUBhwB8cTO/Qm0XD/H+lsTXylOqkpmv
U73zD62XobI7thRRvZ0OCu71TpQfpNyBm1d6dtd7gYSIwpT9dFyrdBlGLQB6Njo6
JPYtzLbF8MBFtnQhr6+UmterJoiioAzpFRKW+wNB+/XF0crxqK8IVvCdE0L9/aFd
lM4wXs7QFKLFWg==
-----END CERTIFICATE-----