Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
File:                     IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json)
Hash identifier:          jdfBMkEx1G2aZLOMEWLpfas4v3CnXc7jGC6LnM+qg4Q=
Subject key identifier:   0E:15:CB:1F:CD:80:12:30:26:D2:E2:8C:CC:F2:32:29:69:14:14:84
Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E
Certificate issuer:       /CN=2214209e2938f16dca5935701fa686d90fc37b9e
Certificate serial:       0199FBEAD280447810203C9C6AEF65022227
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
Manifest number:          056E
Signing time:             Sun 19 Oct 2025 10:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:34 +0000
Files and hashes:         1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: 6hXUxtE+py9ZyeEa5ZVroTu1DXVxSRhOz6R8cfFICHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:d2:80:44:78:10:20:3c:9c:6a:ef:65:02:22:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e
        Validity
            Not Before: Oct 19 10:01:34 2025 GMT
            Not After : Oct 20 10:01:34 2025 GMT
        Subject: CN=0e15cb1fcd80123026d2e28cccf2322969141484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:01:2f:99:8c:d2:6f:11:ba:f6:fe:89:62:62:
                    0e:ba:09:d7:a2:e7:26:16:3d:1d:e9:c8:12:dc:ca:
                    c9:92:ff:64:2f:59:b1:3f:00:83:d6:96:9a:38:d4:
                    c8:42:d6:45:5c:5a:f4:65:41:b5:27:86:0d:b3:d9:
                    54:6c:b5:31:d0:d9:92:0e:33:3b:99:7e:51:f3:17:
                    c4:9e:a8:14:f6:3b:96:3c:9e:a1:a2:37:27:da:cb:
                    ce:50:19:18:c7:fa:c7:22:e8:3a:1f:a0:2f:ca:de:
                    19:46:22:1a:aa:33:7c:f0:a2:ba:ad:0f:e5:c9:6d:
                    39:a5:16:37:af:3c:b7:c7:33:20:9b:e7:94:1d:ca:
                    5d:6d:d5:6f:00:19:dc:42:14:44:ec:95:ee:76:c0:
                    5f:d0:7f:99:24:65:58:b1:a5:61:f6:3c:f8:15:c6:
                    a1:34:66:a5:a4:5e:56:4c:97:76:66:d6:cd:dd:e7:
                    1e:b8:9b:08:05:ea:1e:fb:a2:be:e1:ad:0e:34:79:
                    d5:2f:c9:97:70:93:b9:e2:51:23:53:ea:d7:14:f6:
                    9a:b7:29:6d:fb:6a:4a:bf:74:e0:9c:b7:38:7a:7c:
                    c9:79:14:85:e9:4c:bd:b2:2c:70:0b:b9:c6:3a:8e:
                    fd:c9:51:52:24:5b:d3:a9:6e:07:21:46:27:fc:a1:
                    6d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:15:CB:1F:CD:80:12:30:26:D2:E2:8C:CC:F2:32:29:69:14:14:84
            X509v3 Authority Key Identifier:
                keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:80:f4:08:36:08:be:38:f1:fb:b5:49:fc:1b:0f:bc:88:c7:
         87:7b:af:a6:7c:39:57:7e:7c:84:0f:c9:93:cd:75:4a:c3:b5:
         0b:69:8a:95:a2:34:bc:c3:ff:17:29:ba:db:c6:4b:0b:47:3d:
         fb:af:81:0b:0e:86:90:71:3f:43:a5:64:f7:d9:7c:63:ce:47:
         e1:fe:22:9c:26:78:60:a7:0b:63:8d:2e:a0:a0:f2:b3:52:f8:
         8d:88:08:e0:c2:49:c1:b3:f6:20:59:19:74:12:7c:53:b8:be:
         4e:75:a1:a5:90:eb:f1:c1:aa:28:de:fa:f1:03:22:b9:6f:c9:
         87:47:72:61:c3:dc:55:c7:90:0d:d8:c6:a7:b7:67:8e:c7:49:
         9c:91:44:e1:79:13:f7:3d:6e:4d:b1:3b:f7:62:a7:ed:bc:f8:
         b6:b6:c9:11:01:51:db:fc:50:3a:dc:e7:f1:a8:52:9e:ce:4e:
         7c:94:2a:71:fb:4f:35:4a:8e:29:2e:08:ee:35:f8:d0:e5:28:
         5a:8d:cb:6e:94:9e:16:27:93:35:d9:2a:6f:17:85:36:90:72:
         ec:0e:94:5f:5c:e0:85:67:6b:10:81:77:16:37:6e:bf:76:ce:
         89:79:7a:3f:39:6a:6e:94:33:99:2b:6d:0a:4e:c4:70:13:da:
         b6:83:28:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76tKARHgQIDycau9lAiInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj
MzdiOWUwHhcNMjUxMDE5MTAwMTM0WhcNMjUxMDIwMTAwMTM0WjAzMTEwLwYDVQQD
EygwZTE1Y2IxZmNkODAxMjMwMjZkMmUyOGNjY2YyMzIyOTY5MTQxNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQEvmYzSbxG69v6JYmIOugnXoucm
Fj0d6cgS3MrJkv9kL1mxPwCD1paaONTIQtZFXFr0ZUG1J4YNs9lUbLUx0NmSDjM7
mX5R8xfEnqgU9juWPJ6hojcn2svOUBkYx/rHIug6H6Avyt4ZRiIaqjN88KK6rQ/l
yW05pRY3rzy3xzMgm+eUHcpdbdVvABncQhRE7JXudsBf0H+ZJGVYsaVh9jz4Fcah
NGalpF5WTJd2ZtbN3eceuJsIBeoe+6K+4a0ONHnVL8mXcJO54lEjU+rXFPaatylt
+2pKv3TgnLc4enzJeRSF6Uy9sixwC7nGOo79yVFSJFvTqW4HIUYn/KFtVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4Vyx/NgBIwJtLijMzyMilpFBSEMB8GA1UdIwQY
MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt
NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl
LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYD0CDYI
vjjx+7VJ/BsPvIjHh3uvpnw5V358hA/Jk811SsO1C2mKlaI0vMP/Fym628ZLC0c9
+6+BCw6GkHE/Q6Vk99l8Y85H4f4inCZ4YKcLY40uoKDys1L4jYgI4MJJwbP2IFkZ
dBJ8U7i+TnWhpZDr8cGqKN768QMiuW/Jh0dyYcPcVceQDdjGp7dnjsdJnJFE4XkT
9z1uTbE792Kn7bz4trbJEQFR2/xQOtzn8ahSns5OfJQqcftPNUqOKS4I7jX40OUo
Wo3LbpSeFieTNdkqbxeFNpBy7A6UX1zghWdrEIF3Fjduv3bOiXl6PzlqbpQzmStt
Ck7EcBPatoMoCw==
-----END CERTIFICATE-----