Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
File:                     IMZhH8hUYvC8yscvPfTFNRvlEN4.mft (raw, json)
Hash identifier:          awy2uJddNS1A3B4ynDTDCRDMgnoEVNJhiBbyXb4pYXQ=
Subject key identifier:   91:19:13:42:DE:F2:C3:E6:4F:72:F7:73:A0:D2:11:94:A5:4A:E4:CA
Authority key identifier: 20:C6:61:1F:C8:54:62:F0:BC:CA:C7:2F:3D:F4:C5:35:1B:E5:10:DE
Certificate issuer:       /CN=20c6611fc85462f0bccac72f3df4c5351be510de
Certificate serial:       0198D5F1C58D83EC65FA2895375EB2FCAD2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
Manifest number:          29
Signing time:             Sat 23 Aug 2025 08:00:48 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:48 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:48 +0000
Files and hashes:         1: IMZhH8hUYvC8yscvPfTFNRvlEN4.crl (hash: eL9PaQxNhAvNeMyYkKpPzxzfaXq4tWOm6IPbiBZC3JQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:c5:8d:83:ec:65:fa:28:95:37:5e:b2:fc:ad:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20c6611fc85462f0bccac72f3df4c5351be510de
        Validity
            Not Before: Aug 23 08:00:48 2025 GMT
            Not After : Aug 24 08:00:48 2025 GMT
        Subject: CN=91191342def2c3e64f72f773a0d21194a54ae4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:8e:32:43:4e:33:76:b5:f1:33:2e:4c:52:14:
                    89:94:ad:08:3c:da:ef:ad:ad:5a:98:74:91:81:95:
                    fa:f1:ae:a7:18:c4:33:92:ad:48:dc:69:bd:08:03:
                    e6:3e:42:1b:e1:37:b6:40:d4:80:a9:7c:69:7f:b6:
                    98:44:68:0f:84:03:f0:48:9d:f1:7e:50:37:5f:0c:
                    95:a8:7c:a1:44:91:e7:5b:cf:d4:c4:2e:39:96:fe:
                    f2:bc:19:21:95:02:f9:9c:eb:ca:83:30:df:f8:68:
                    75:59:15:a6:81:92:77:f0:65:c5:a7:6c:ef:76:f0:
                    53:94:61:1d:f7:dd:d1:af:b8:c5:16:d9:c7:7f:1a:
                    54:e6:a2:6a:37:d0:6f:e1:e8:10:cb:33:11:69:c2:
                    3c:47:af:55:4c:f9:d8:bd:c3:6d:aa:8a:80:27:1e:
                    f0:72:de:bb:e0:09:cf:e7:c9:cb:27:45:62:d9:6f:
                    6d:39:80:7b:96:8a:52:a6:c6:e9:d7:d0:e6:95:02:
                    9d:5a:d3:4a:a4:d5:2e:88:8b:4a:7c:f3:ec:e5:c3:
                    de:a1:55:14:cd:db:d8:64:18:2c:e7:87:fe:5c:c1:
                    dc:d5:1e:87:b0:2d:24:0d:ba:55:21:2c:11:09:b7:
                    be:ca:9c:c6:67:09:f9:18:d5:a3:f3:94:f0:be:c6:
                    74:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:19:13:42:DE:F2:C3:E6:4F:72:F7:73:A0:D2:11:94:A5:4A:E4:CA
            X509v3 Authority Key Identifier:
                keyid:20:C6:61:1F:C8:54:62:F0:BC:CA:C7:2F:3D:F4:C5:35:1B:E5:10:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMZhH8hUYvC8yscvPfTFNRvlEN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3841fe-dc49-4b9c-af9d-daa23ffb4cbf/1/IMZhH8hUYvC8yscvPfTFNRvlEN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:cb:df:43:89:96:dd:0c:1d:1a:eb:af:09:fd:51:68:56:79:
         ed:68:5a:17:29:37:1c:ee:6e:71:2f:9f:d0:a4:da:68:c6:14:
         f3:fc:47:69:4a:df:18:e2:10:d8:b5:64:63:19:2c:4a:96:be:
         48:9e:cf:44:b9:43:3d:c4:73:2d:8a:ca:a1:a6:40:13:4e:48:
         75:eb:25:f1:82:1e:81:7c:3e:a7:a6:01:d6:3c:52:98:de:90:
         aa:98:3f:c3:18:46:5b:bb:05:a2:7a:a4:a4:2e:2e:e1:b1:9e:
         e4:4f:cf:3c:9c:94:85:2c:44:86:35:73:d7:c2:1c:e3:b2:eb:
         ec:86:e5:0b:ac:e7:2c:c0:39:e1:6a:b4:6a:e8:7a:59:37:77:
         95:68:2d:db:fc:c7:6d:fa:85:46:1e:56:c8:86:d0:41:7d:e7:
         01:ba:73:de:db:0a:82:7d:fe:5f:76:10:86:6e:8a:72:22:d3:
         d3:12:a4:e3:ce:75:da:b2:30:b1:0d:cd:3e:60:26:a2:54:4c:
         68:d7:f3:a8:3d:4e:c6:0d:8c:b2:32:2d:9a:bb:ab:f8:46:75:
         ce:78:8e:ab:43:16:26:56:a9:33:34:ef:bf:af:8f:62:84:db:
         83:c6:78:3b:e9:c3:f4:37:3d:a2:70:89:57:e5:50:22:00:f9:
         65:4c:9b:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8cWNg+xl+iiVN16y/K0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzY2MTFmYzg1NDYyZjBiY2NhYzcyZjNkZjRjNTM1MWJl
NTEwZGUwHhcNMjUwODIzMDgwMDQ4WhcNMjUwODI0MDgwMDQ4WjAzMTEwLwYDVQQD
Eyg5MTE5MTM0MmRlZjJjM2U2NGY3MmY3NzNhMGQyMTE5NGE1NGFlNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI4yQ04zdrXxMy5MUhSJlK0IPNrv
ra1amHSRgZX68a6nGMQzkq1I3Gm9CAPmPkIb4Te2QNSAqXxpf7aYRGgPhAPwSJ3x
flA3XwyVqHyhRJHnW8/UxC45lv7yvBkhlQL5nOvKgzDf+Gh1WRWmgZJ38GXFp2zv
dvBTlGEd993Rr7jFFtnHfxpU5qJqN9Bv4egQyzMRacI8R69VTPnYvcNtqoqAJx7w
ct674AnP58nLJ0Vi2W9tOYB7lopSpsbp19DmlQKdWtNKpNUuiItKfPPs5cPeoVUU
zdvYZBgs54f+XMHc1R6HsC0kDbpVISwRCbe+ypzGZwn5GNWj85TwvsZ0RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEZE0Le8sPmT3L3c6DSEZSlSuTKMB8GA1UdIwQY
MBaAFCDGYR/IVGLwvMrHLz30xTUb5RDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zODQxZmUtZGM0OS00YjljLWFmOWQt
ZGFhMjNmZmI0Y2JmLzEvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zODQxZmUtZGM0OS00YjljLWFmOWQtZGFhMjNmZmI0Y2Jm
LzEvSU1aaEg4aFVZdkM4eXNjdlBmVEZOUnZsRU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMvfQ4mW
3QwdGuuvCf1RaFZ57WhaFyk3HO5ucS+f0KTaaMYU8/xHaUrfGOIQ2LVkYxksSpa+
SJ7PRLlDPcRzLYrKoaZAE05Idesl8YIegXw+p6YB1jxSmN6Qqpg/wxhGW7sFonqk
pC4u4bGe5E/PPJyUhSxEhjVz18Ic47Lr7IblC6znLMA54Wq0auh6WTd3lWgt2/zH
bfqFRh5WyIbQQX3nAbpz3tsKgn3+X3YQhm6KciLT0xKk48512rIwsQ3NPmAmolRM
aNfzqD1Oxg2MsjItmrur+EZ1zniOq0MWJlapMzTvv6+PYoTbg8Z4O+nD9Dc9onCJ
V+VQIgD5ZUybeg==
-----END CERTIFICATE-----