Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
File:                     IOsM1NM69OKLeobbIS2VkaC-YuM.mft (raw, json)
Hash identifier:          3aWBAF3njmux/7IZycCYqGKBfpfGq68C96NfFh295a8=
Subject key identifier:   96:62:F8:AE:2D:55:AA:36:13:EE:C9:30:9C:3A:3A:2C:51:1C:BA:B9
Authority key identifier: 20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3
Certificate issuer:       /CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
Certificate serial:       019873E3CB1ACF3EAC94BCDBE225907BEA1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
Manifest number:          123B
Signing time:             Mon 04 Aug 2025 07:02:45 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:45 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:45 +0000
Files and hashes:         1: IOsM1NM69OKLeobbIS2VkaC-YuM.crl (hash: 6rzu3lVl1qdOnqoTl5GzVxQsUGQ8WnFhxNo+43TFwME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:cb:1a:cf:3e:ac:94:bc:db:e2:25:90:7b:ea:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
        Validity
            Not Before: Aug  4 07:02:45 2025 GMT
            Not After : Aug  5 07:02:45 2025 GMT
        Subject: CN=9662f8ae2d55aa3613eec9309c3a3a2c511cbab9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:56:45:43:29:08:0e:a5:4a:ff:d2:ce:75:ac:
                    e4:be:df:48:fd:46:a2:06:18:6b:cb:58:ec:f3:7e:
                    96:d2:98:28:84:30:82:1b:10:6b:84:fd:b3:2b:8e:
                    b5:ba:3a:d7:0a:23:d1:45:b0:a6:82:f3:41:f0:08:
                    d5:23:30:82:cb:e4:13:40:e0:cd:d9:11:3e:5c:a7:
                    05:b5:4c:a4:6e:c4:e3:66:72:7f:9a:7e:f4:a6:c3:
                    48:6e:18:30:c5:04:a1:10:58:1d:e7:a9:b6:ac:e3:
                    21:1a:37:6b:78:ef:1b:ed:2e:ca:b3:a9:f6:4d:97:
                    b0:1b:08:d8:63:65:95:67:62:99:d6:8b:9e:02:fa:
                    19:d4:e6:5a:c7:e2:43:b2:87:d2:43:e1:5b:c1:8c:
                    41:7e:90:e7:46:4d:94:d8:67:ea:e5:bc:ad:c6:1b:
                    c8:8d:53:38:46:eb:d4:f2:4d:8c:08:06:6c:72:63:
                    32:80:ea:68:47:7d:06:36:70:d5:61:32:4c:b0:9b:
                    90:0a:74:fb:c4:f7:4c:3d:5b:9f:cb:98:c7:ba:c9:
                    59:66:37:40:33:c5:9a:f0:ca:64:ca:fd:34:57:8f:
                    7f:d3:89:05:fb:b0:47:b3:9e:45:48:75:dc:de:80:
                    b7:86:52:e4:14:d1:88:18:07:a3:d9:7c:4f:58:ff:
                    03:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:62:F8:AE:2D:55:AA:36:13:EE:C9:30:9C:3A:3A:2C:51:1C:BA:B9
            X509v3 Authority Key Identifier:
                keyid:20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:a3:b6:09:e4:ac:65:a6:8d:e5:f9:6f:e3:48:4a:63:cb:2b:
         92:87:86:a5:ab:e1:78:0d:79:90:34:8b:dd:5f:45:14:8c:94:
         ad:ff:8b:74:e7:9d:2f:23:df:c8:75:d0:34:d3:53:8a:c4:75:
         cd:31:0a:f9:a2:a2:fe:8d:14:7e:cf:31:c9:27:03:5d:39:40:
         db:a1:23:30:61:05:0a:c3:d7:18:c8:62:fd:f0:68:0e:d3:15:
         99:21:de:a3:15:95:49:53:0f:dd:65:49:09:22:8a:37:e9:73:
         6b:5a:6c:93:cb:c9:01:9e:9b:cb:3d:d7:56:7d:87:ed:40:f1:
         a1:7a:66:4e:3c:1e:64:07:7b:d4:f2:6f:03:04:1d:59:68:fd:
         49:68:4d:fe:b8:70:5c:81:db:ac:a5:ea:10:71:4e:a9:4e:db:
         3a:42:47:d8:88:18:43:34:62:41:4f:d8:56:5e:19:e1:5c:69:
         9f:76:96:54:e3:cc:12:96:74:d9:c5:8f:9f:1e:35:a3:06:cf:
         92:18:ec:39:58:e6:2d:bd:86:a3:49:b3:19:90:f3:e2:13:ad:
         9d:cf:aa:44:9e:0e:93:09:00:14:1c:4d:3a:70:4b:9e:98:c3:
         fb:18:06:a2:b4:49:e3:89:52:da:fa:d3:68:a1:95:3a:ca:63:
         e1:a9:da:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz48sazz6slLzb4iWQe+oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWIwY2Q0ZDMzYWY0ZTI4YjdhODZkYjIxMmQ5NTkxYTBi
ZTYyZTMwHhcNMjUwODA0MDcwMjQ1WhcNMjUwODA1MDcwMjQ1WjAzMTEwLwYDVQQD
Eyg5NjYyZjhhZTJkNTVhYTM2MTNlZWM5MzA5YzNhM2EyYzUxMWNiYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlZFQykIDqVK/9LOdazkvt9I/Uai
Bhhry1js836W0pgohDCCGxBrhP2zK461ujrXCiPRRbCmgvNB8AjVIzCCy+QTQODN
2RE+XKcFtUykbsTjZnJ/mn70psNIbhgwxQShEFgd56m2rOMhGjdreO8b7S7Ks6n2
TZewGwjYY2WVZ2KZ1oueAvoZ1OZax+JDsofSQ+FbwYxBfpDnRk2U2Gfq5bytxhvI
jVM4RuvU8k2MCAZscmMygOpoR30GNnDVYTJMsJuQCnT7xPdMPVufy5jHuslZZjdA
M8Wa8Mpkyv00V49/04kF+7BHs55FSHXc3oC3hlLkFNGIGAej2XxPWP8DMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZi+K4tVao2E+7JMJw6OixRHLq5MB8GA1UdIwQY
MBaAFCDrDNTTOvTii3qG2yEtlZGgvmLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUt
NDU5ZDFlNmQwZWU5LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUtNDU5ZDFlNmQwZWU5
LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAqO2CeSs
ZaaN5flv40hKY8srkoeGpavheA15kDSL3V9FFIyUrf+LdOedLyPfyHXQNNNTisR1
zTEK+aKi/o0Ufs8xyScDXTlA26EjMGEFCsPXGMhi/fBoDtMVmSHeoxWVSVMP3WVJ
CSKKN+lza1psk8vJAZ6byz3XVn2H7UDxoXpmTjweZAd71PJvAwQdWWj9SWhN/rhw
XIHbrKXqEHFOqU7bOkJH2IgYQzRiQU/YVl4Z4Vxpn3aWVOPMEpZ02cWPnx41owbP
khjsOVjmLb2Go0mzGZDz4hOtnc+qRJ4OkwkAFBxNOnBLnpjD+xgGorRJ44lS2vrT
aKGVOspj4anaPw==
-----END CERTIFICATE-----