Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
File:                     IOsM1NM69OKLeobbIS2VkaC-YuM.mft (raw, json)
Hash identifier:          YqujskRcgCDnm3FCPYoc6Ft9x2hobdsd11702+i3c/o=
Subject key identifier:   02:9C:8F:C2:5D:CA:38:22:6D:DD:30:8D:49:A1:9B:BC:D4:1E:17:7D
Authority key identifier: 20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3
Certificate issuer:       /CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
Certificate serial:       019A4EF4F3F8AB0650C12248E47ED93C2B6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
Manifest number:          1331
Signing time:             Tue 04 Nov 2025 13:01:07 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:07 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:07 +0000
Files and hashes:         1: IOsM1NM69OKLeobbIS2VkaC-YuM.crl (hash: aThGnGmmWSilrFsxnBD/OGrLf8LFKoIu6ZmdbZPkgug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:f3:f8:ab:06:50:c1:22:48:e4:7e:d9:3c:2b:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
        Validity
            Not Before: Nov  4 13:01:07 2025 GMT
            Not After : Nov  5 13:01:07 2025 GMT
        Subject: CN=029c8fc25dca38226ddd308d49a19bbcd41e177d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a7:59:96:c6:10:d8:7f:f7:1d:45:ba:a0:f2:
                    36:e8:fb:27:f5:40:7d:99:bc:26:38:0d:4d:db:5c:
                    28:bd:15:2b:65:01:59:e1:81:c6:a6:31:8a:96:df:
                    45:91:96:cd:b0:39:ce:93:af:b8:17:0c:ad:8f:cc:
                    d2:3f:f6:d2:48:80:ea:f0:7b:b4:7b:5e:26:df:7b:
                    8c:f4:75:31:27:8d:61:4c:b7:99:9d:ac:ad:3e:05:
                    f1:59:72:4d:61:83:e9:d2:f2:a4:74:60:02:ae:a6:
                    97:15:82:f8:7b:35:d6:57:5c:cd:f2:f9:9d:3b:aa:
                    dd:71:7b:11:86:26:64:3f:8d:b0:21:ee:97:b1:4b:
                    d9:e9:da:61:e1:74:c0:7d:dd:dd:6d:0f:83:11:19:
                    d9:14:85:43:87:e7:dc:2e:b4:4b:b4:eb:50:c2:5c:
                    05:d1:60:a6:72:61:86:5c:41:63:52:74:60:b9:39:
                    18:af:1e:3a:e8:26:20:fb:53:16:f7:17:07:e2:8a:
                    0d:93:40:0d:84:ea:16:6d:54:a4:97:a1:75:37:cd:
                    c9:40:ca:9e:cf:e9:3a:1f:cd:dc:a4:d0:ca:87:f1:
                    15:b2:d9:0b:2d:a0:2e:05:f7:93:9a:cb:d7:a4:20:
                    89:8d:6d:53:7d:a1:9c:db:12:59:86:f0:4f:7f:2c:
                    1d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:9C:8F:C2:5D:CA:38:22:6D:DD:30:8D:49:A1:9B:BC:D4:1E:17:7D
            X509v3 Authority Key Identifier:
                keyid:20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:cd:3e:d8:dd:18:2e:7a:4b:79:dc:ea:8a:17:ba:28:63:97:
         5f:78:e3:aa:93:9f:6b:bf:2c:f1:d5:5e:23:30:0b:d9:e0:5a:
         11:5c:ed:0c:8c:c0:dd:d2:e3:45:1b:db:05:26:79:ab:92:4c:
         72:89:e6:a5:01:77:fb:24:de:db:7f:e5:07:2f:7e:23:cc:02:
         0a:24:1d:03:d7:17:16:a6:69:94:a2:14:da:6f:38:d9:7d:4b:
         8e:ce:53:50:eb:38:e3:c1:fc:67:e1:6a:58:d6:3f:87:aa:3b:
         33:06:93:f2:9a:4b:96:05:ed:24:cf:9a:71:f7:49:9d:b6:f3:
         cb:ac:14:52:b1:4c:24:6e:e4:e5:07:ec:ba:18:fd:dd:26:dc:
         79:50:2c:de:27:d3:e3:66:1c:85:cd:80:d5:91:b4:c6:9e:e6:
         7d:81:18:3f:ae:e8:90:d3:b3:89:f5:cf:a6:ef:91:80:aa:7c:
         ec:b2:46:9a:80:0d:21:fd:a9:a1:78:99:b7:b3:c2:0e:5a:14:
         6c:1b:52:66:fb:ac:08:f1:07:7b:ad:e2:b7:0a:8b:e1:3d:0a:
         28:6a:5e:ec:dd:9f:25:4d:f2:4a:bf:f3:66:3c:13:55:19:d4:
         1c:9e:87:19:7e:c1:f9:82:3e:81:72:7d:01:3f:00:78:97:b8:
         77:29:5c:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PP4qwZQwSJI5H7ZPCttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWIwY2Q0ZDMzYWY0ZTI4YjdhODZkYjIxMmQ5NTkxYTBi
ZTYyZTMwHhcNMjUxMTA0MTMwMTA3WhcNMjUxMTA1MTMwMTA3WjAzMTEwLwYDVQQD
EygwMjljOGZjMjVkY2EzODIyNmRkZDMwOGQ0OWExOWJiY2Q0MWUxNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqdZlsYQ2H/3HUW6oPI26Psn9UB9
mbwmOA1N21wovRUrZQFZ4YHGpjGKlt9FkZbNsDnOk6+4Fwytj8zSP/bSSIDq8Hu0
e14m33uM9HUxJ41hTLeZnaytPgXxWXJNYYPp0vKkdGACrqaXFYL4ezXWV1zN8vmd
O6rdcXsRhiZkP42wIe6XsUvZ6dph4XTAfd3dbQ+DERnZFIVDh+fcLrRLtOtQwlwF
0WCmcmGGXEFjUnRguTkYrx466CYg+1MW9xcH4ooNk0ANhOoWbVSkl6F1N83JQMqe
z+k6H83cpNDKh/EVstkLLaAuBfeTmsvXpCCJjW1TfaGc2xJZhvBPfywdjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKcj8Jdyjgibd0wjUmhm7zUHhd9MB8GA1UdIwQY
MBaAFCDrDNTTOvTii3qG2yEtlZGgvmLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUt
NDU5ZDFlNmQwZWU5LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUtNDU5ZDFlNmQwZWU5
LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACc0+2N0Y
LnpLedzqihe6KGOXX3jjqpOfa78s8dVeIzAL2eBaEVztDIzA3dLjRRvbBSZ5q5JM
conmpQF3+yTe23/lBy9+I8wCCiQdA9cXFqZplKIU2m842X1Ljs5TUOs448H8Z+Fq
WNY/h6o7MwaT8ppLlgXtJM+acfdJnbbzy6wUUrFMJG7k5Qfsuhj93SbceVAs3ifT
42Ychc2A1ZG0xp7mfYEYP67okNOzifXPpu+RgKp87LJGmoANIf2poXiZt7PCDloU
bBtSZvusCPEHe63itwqL4T0KKGpe7N2fJU3ySr/zZjwTVRnUHJ6HGX7B+YI+gXJ9
AT8AeJe4dylcXA==
-----END CERTIFICATE-----