Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
File:                     IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json)
Hash identifier:          qKlydkyag2Qn6yOucsLMhq+a2c1oqqg3I3x63f/dkRo=
Subject key identifier:   15:96:6E:6E:09:1B:54:37:A2:77:3B:D6:F3:6E:12:DF:DE:40:F5:DF
Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E
Certificate issuer:       /CN=2214209e2938f16dca5935701fa686d90fc37b9e
Certificate serial:       0198D65F24109F27C09DF05414A6D774D3FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
Manifest number:          04D6
Signing time:             Sat 23 Aug 2025 10:00:15 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:15 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:15 +0000
Files and hashes:         1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: E9d5HuIfykdqU4hIj6vj+zo8Q4sU6ubkl1o+lpq2qjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:24:10:9f:27:c0:9d:f0:54:14:a6:d7:74:d3:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e
        Validity
            Not Before: Aug 23 10:00:15 2025 GMT
            Not After : Aug 24 10:00:15 2025 GMT
        Subject: CN=15966e6e091b5437a2773bd6f36e12dfde40f5df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9b:8a:39:cd:d4:12:4e:b4:e9:20:b1:04:56:
                    63:c4:85:7c:4b:16:64:91:38:ba:d5:20:16:ba:f2:
                    a7:1f:c3:25:3a:18:44:18:28:b7:f2:89:a0:f3:f9:
                    4a:eb:8f:41:6a:30:dd:7d:71:6f:42:5a:74:71:d3:
                    d6:a9:81:c9:eb:67:e4:1f:d4:af:0c:d7:91:97:cd:
                    8f:de:81:be:aa:d2:5a:5c:b0:3d:02:28:01:e5:a5:
                    8b:e4:b5:d3:c3:9a:4e:cd:d9:d9:7f:58:5f:ca:f5:
                    64:9b:3e:cc:a7:27:1e:c6:3f:cb:a0:93:a5:86:c8:
                    71:f7:37:85:03:27:9b:ee:54:31:48:52:49:59:14:
                    60:7a:70:1e:5d:b0:77:1f:c8:b0:9f:05:a3:11:da:
                    85:51:f5:f9:8e:d7:22:57:4a:da:d0:44:2f:0b:ee:
                    a7:1d:57:dd:82:79:b9:34:c5:b7:70:20:9b:99:0d:
                    fc:b2:39:b7:12:95:a9:86:20:39:af:a7:b7:60:d1:
                    db:52:53:b1:09:8a:51:33:7a:d3:b0:53:55:78:04:
                    e7:51:f0:35:19:55:39:d0:0f:99:e0:81:9f:38:d5:
                    e3:4b:20:2b:2e:ef:18:c5:82:18:6e:61:76:73:85:
                    cf:a5:23:81:60:eb:9e:1a:9f:ac:73:73:80:49:73:
                    b6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:96:6E:6E:09:1B:54:37:A2:77:3B:D6:F3:6E:12:DF:DE:40:F5:DF
            X509v3 Authority Key Identifier:
                keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:76:58:3b:4a:e2:ff:9a:68:d2:a5:76:62:1f:41:fd:29:26:
         14:eb:68:76:c0:f1:43:a4:19:b0:1b:1c:2d:ea:d9:12:33:e2:
         b2:47:4f:fd:14:5a:7b:4f:e5:6c:ed:1c:8a:05:ca:4d:f3:22:
         51:5e:36:6e:a2:ed:c4:ae:85:2a:6e:c0:25:56:0f:9e:07:46:
         5d:60:52:bf:15:08:fd:06:f8:e0:d0:29:79:63:3b:55:73:5e:
         eb:a2:ac:e7:f5:b8:dd:a2:04:b5:fa:2f:0d:f2:1c:35:0e:c4:
         ad:db:c1:48:4b:a2:0f:47:5c:07:e6:41:30:cf:04:6a:4a:a4:
         87:5b:45:b8:cb:ff:e9:79:26:1d:a2:13:58:a0:67:12:8a:4e:
         8c:9d:29:a0:57:0a:d8:83:33:bf:09:d8:00:aa:a9:2a:dc:2c:
         35:a4:a6:36:b2:40:06:a6:03:86:44:52:75:60:5f:87:b9:ed:
         2a:ea:12:ea:e9:e8:ee:96:00:56:86:d1:c1:ff:29:51:c2:7b:
         37:77:b1:65:fd:fe:ee:d4:ec:29:81:8a:bb:5d:84:41:81:bc:
         89:38:cf:f7:4a:29:75:16:4a:a8:61:7d:a2:37:01:2d:af:2a:
         ad:50:be:5a:09:7a:65:f7:d7:3a:c4:93:44:cb:e3:cd:8f:b0:
         1f:69:f1:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXyQQnyfAnfBUFKbXdNP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj
MzdiOWUwHhcNMjUwODIzMTAwMDE1WhcNMjUwODI0MTAwMDE1WjAzMTEwLwYDVQQD
EygxNTk2NmU2ZTA5MWI1NDM3YTI3NzNiZDZmMzZlMTJkZmRlNDBmNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5uKOc3UEk606SCxBFZjxIV8SxZk
kTi61SAWuvKnH8MlOhhEGCi38omg8/lK649BajDdfXFvQlp0cdPWqYHJ62fkH9Sv
DNeRl82P3oG+qtJaXLA9AigB5aWL5LXTw5pOzdnZf1hfyvVkmz7Mpycexj/LoJOl
hshx9zeFAyeb7lQxSFJJWRRgenAeXbB3H8iwnwWjEdqFUfX5jtciV0ra0EQvC+6n
HVfdgnm5NMW3cCCbmQ38sjm3EpWphiA5r6e3YNHbUlOxCYpRM3rTsFNVeATnUfA1
GVU50A+Z4IGfONXjSyArLu8YxYIYbmF2c4XPpSOBYOueGp+sc3OASXO2jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWWbm4JG1Q3onc71vNuEt/eQPXfMB8GA1UdIwQY
MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt
NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl
LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANHZYO0ri
/5po0qV2Yh9B/SkmFOtodsDxQ6QZsBscLerZEjPiskdP/RRae0/lbO0cigXKTfMi
UV42bqLtxK6FKm7AJVYPngdGXWBSvxUI/Qb44NApeWM7VXNe66Ks5/W43aIEtfov
DfIcNQ7ErdvBSEuiD0dcB+ZBMM8Eakqkh1tFuMv/6XkmHaITWKBnEopOjJ0poFcK
2IMzvwnYAKqpKtwsNaSmNrJABqYDhkRSdWBfh7ntKuoS6uno7pYAVobRwf8pUcJ7
N3exZf3+7tTsKYGKu12EQYG8iTjP90opdRZKqGF9ojcBLa8qrVC+Wgl6ZffXOsST
RMvjzY+wH2nxEw==
-----END CERTIFICATE-----