Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          5esEM+YXaz/OTs4LIhmsaf6bH3yxV5ah9c0xi3quKWU=
Subject key identifier:   7B:60:A3:93:83:41:8F:7A:41:46:7D:62:4F:C2:9D:73:89:73:4A:64
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       01988EEB6B1D3D3C43D64D61708ED6E236DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          0649
Signing time:             Sat 09 Aug 2025 13:00:49 +0000
Manifest this update:     Sat 09 Aug 2025 13:00:49 +0000
Manifest next update:     Sun 10 Aug 2025 13:00:49 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: wVA11Q5g9joBIu0QSpJhd3ly8E+9u0WxRnucY92ypdg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:eb:6b:1d:3d:3c:43:d6:4d:61:70:8e:d6:e2:36:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Aug  9 13:00:49 2025 GMT
            Not After : Aug 10 13:00:49 2025 GMT
        Subject: CN=7b60a39383418f7a41467d624fc29d7389734a64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:33:14:d0:10:0d:8b:f8:1f:b7:d7:00:b2:72:
                    e3:60:f1:05:65:2c:ac:26:11:90:4f:59:e2:2b:2a:
                    e8:eb:31:0e:d0:10:c1:ca:5d:c6:70:49:5c:09:47:
                    f8:9d:2e:e4:09:00:be:17:e6:c6:58:af:9c:2f:5d:
                    d2:fe:3e:5a:e3:91:53:fc:04:0b:54:71:1d:8f:0e:
                    8c:d2:59:f0:21:62:af:f4:7d:0d:c3:c2:a4:4a:44:
                    bb:c2:c9:9d:6a:f2:2b:86:06:eb:3a:cb:0d:a3:33:
                    59:d0:b2:db:db:1b:3f:db:4e:f2:fb:f9:0f:cd:54:
                    07:eb:d5:a4:b8:b9:a3:d1:e8:0d:dd:69:75:e4:96:
                    a1:9d:91:d0:e3:03:6c:3c:8e:32:da:61:3a:1b:71:
                    9d:e6:6e:03:51:10:52:0b:b4:ec:03:67:95:c5:0d:
                    d2:d4:c6:49:0f:24:62:80:f6:89:bd:ed:24:4e:57:
                    13:67:ca:17:11:29:23:05:64:40:8c:de:66:f2:78:
                    3d:bf:38:34:4c:cf:73:39:b4:65:d8:5b:8f:bd:b3:
                    ec:97:e8:b4:33:89:da:6c:ca:24:f2:e5:d4:ab:67:
                    13:76:be:a5:0d:62:ef:b5:29:2a:d1:08:15:c1:c1:
                    e3:96:60:53:40:47:47:17:e3:c3:b1:1a:7a:73:a7:
                    24:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:60:A3:93:83:41:8F:7A:41:46:7D:62:4F:C2:9D:73:89:73:4A:64
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:87:7f:2f:3e:2a:6f:29:9c:e7:ab:1c:23:ce:3a:e1:0a:c9:
         b9:15:ab:4e:f6:f5:3b:c0:ba:6e:52:21:aa:0e:2b:23:dd:ce:
         0f:32:22:f9:8b:3a:96:46:86:8c:0a:f4:27:4d:cf:51:7d:38:
         9b:0a:81:2e:31:4b:c4:78:fe:ae:58:91:2d:f5:2f:7b:87:a9:
         a0:92:cb:b4:28:92:43:f3:e4:53:2c:e4:25:b3:1b:14:ab:f5:
         9c:ac:90:35:f4:3b:bd:14:3c:4d:9b:54:e4:77:58:f4:d0:53:
         c6:ba:5b:33:a4:f5:06:4f:7f:25:51:18:94:35:00:d1:2c:bd:
         d8:19:2b:26:58:c8:5d:ed:7a:48:0b:54:bf:11:a9:8a:67:ab:
         39:95:60:0d:cd:fa:ee:df:0d:67:6a:52:f3:5a:c7:2e:52:89:
         69:98:e4:76:8b:41:ad:3c:9b:fb:ee:14:bf:72:61:80:34:9b:
         d2:d4:fa:7c:0c:6e:53:fd:ca:6e:1e:38:4c:6a:57:0f:d3:7f:
         82:a5:15:35:38:2a:4a:90:f5:c5:67:11:c2:fc:72:04:7f:d6:
         64:e6:29:65:b6:fb:28:ba:6b:d4:a1:4b:d3:50:68:0a:36:52:
         ae:dd:36:40:4b:71:05:2f:63:d8:a4:da:92:29:e5:e2:ef:ef:
         da:57:51:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO62sdPTxD1k1hcI7W4jbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwODA5MTMwMDQ5WhcNMjUwODEwMTMwMDQ5WjAzMTEwLwYDVQQD
Eyg3YjYwYTM5MzgzNDE4ZjdhNDE0NjdkNjI0ZmMyOWQ3Mzg5NzM0YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzMU0BANi/gft9cAsnLjYPEFZSys
JhGQT1niKyro6zEO0BDByl3GcElcCUf4nS7kCQC+F+bGWK+cL13S/j5a45FT/AQL
VHEdjw6M0lnwIWKv9H0Nw8KkSkS7wsmdavIrhgbrOssNozNZ0LLb2xs/207y+/kP
zVQH69WkuLmj0egN3Wl15JahnZHQ4wNsPI4y2mE6G3Gd5m4DURBSC7TsA2eVxQ3S
1MZJDyRigPaJve0kTlcTZ8oXESkjBWRAjN5m8ng9vzg0TM9zObRl2FuPvbPsl+i0
M4nabMok8uXUq2cTdr6lDWLvtSkq0QgVwcHjlmBTQEdHF+PDsRp6c6ckwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtgo5ODQY96QUZ9Yk/CnXOJc0pkMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALId/Lz4q
bymc56scI8464QrJuRWrTvb1O8C6blIhqg4rI93ODzIi+Ys6lkaGjAr0J03PUX04
mwqBLjFLxHj+rliRLfUve4epoJLLtCiSQ/PkUyzkJbMbFKv1nKyQNfQ7vRQ8TZtU
5HdY9NBTxrpbM6T1Bk9/JVEYlDUA0Sy92BkrJljIXe16SAtUvxGpimerOZVgDc36
7t8NZ2pS81rHLlKJaZjkdotBrTyb++4Uv3JhgDSb0tT6fAxuU/3Kbh44TGpXD9N/
gqUVNTgqSpD1xWcRwvxyBH/WZOYpZbb7KLpr1KFL01BoCjZSrt02QEtxBS9j2KTa
kinl4u/v2ldREQ==
-----END CERTIFICATE-----