Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          mJJa/74VOYE+I1/qlQUYebdFaeflF1hJIbMjFXYNPXA=
Subject key identifier:   E3:E8:AE:DE:B6:6D:9B:43:3C:D1:2F:C9:CD:C6:D7:92:7B:96:DF:97
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019A4E18FB5D99032BFB9702AF376755C3C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          069E
Signing time:             Tue 04 Nov 2025 09:00:51 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:51 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:51 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: m4yW2yln05sfm/uIJKxFetlYSfJJMlRG95CMmmBpF50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:fb:5d:99:03:2b:fb:97:02:af:37:67:55:c3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Nov  4 09:00:51 2025 GMT
            Not After : Nov  5 09:00:51 2025 GMT
        Subject: CN=e3e8aedeb66d9b433cd12fc9cdc6d7927b96df97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a9:2a:11:3d:fa:fa:0f:ce:96:b7:55:9c:e9:
                    8f:06:e8:b7:4a:62:dd:c0:71:4f:db:3a:e8:48:9e:
                    52:b2:5e:7c:39:6e:61:91:18:06:7e:0f:45:ac:ee:
                    76:b2:d7:c3:28:73:2d:b3:58:c0:89:a3:21:e9:d9:
                    bc:5f:5f:47:96:91:7e:48:1f:24:3c:ba:da:0f:cd:
                    b9:98:bd:4c:54:b9:27:e2:f0:66:6a:7e:d0:4d:d4:
                    d4:e5:92:53:42:9b:cf:36:46:d5:37:aa:eb:3a:44:
                    b8:8f:76:26:e4:88:8e:7e:c4:4c:c5:7d:01:aa:87:
                    bf:d4:b5:6b:dc:7b:d2:da:74:e7:8d:2c:6d:0d:d4:
                    03:d7:14:37:5e:74:e9:9b:14:76:f1:0d:b8:76:7b:
                    4c:bb:df:0d:b4:69:a1:41:a5:7b:3f:3c:5b:4d:5f:
                    6c:49:be:fe:20:47:a3:71:19:ff:c4:8a:58:f0:f0:
                    f3:02:b7:ae:f3:54:80:f1:4c:96:96:2b:08:80:a7:
                    ba:fb:92:ce:6c:7a:84:2b:d7:f7:e9:fb:e8:65:db:
                    ed:8c:24:5b:82:a7:0d:bc:89:17:8e:da:8c:2e:40:
                    68:77:7a:49:c5:99:82:54:b3:96:03:55:43:b6:8f:
                    06:28:3a:71:ae:00:4d:dc:f5:e6:6d:b5:b1:e5:8a:
                    cd:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:E8:AE:DE:B6:6D:9B:43:3C:D1:2F:C9:CD:C6:D7:92:7B:96:DF:97
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:de:df:50:b2:8d:36:f6:de:8c:ab:03:c6:7f:f6:fd:51:dc:
         c5:0a:6d:ae:af:14:c4:7d:09:c2:20:6d:fd:79:18:0c:ef:97:
         1e:34:5f:9d:45:78:2b:31:ad:df:cb:9c:2a:e2:6e:95:43:dc:
         b3:71:36:b2:02:aa:2d:cc:1a:8d:60:9c:4b:37:2f:79:d8:33:
         d3:ea:f1:a7:53:99:cb:99:4e:e0:4e:03:51:a8:24:15:b6:b6:
         7b:92:30:2e:a5:85:e0:9e:64:35:b2:ee:6a:d5:d3:29:23:45:
         57:f8:1e:c7:9c:a8:e2:6f:d9:6d:0d:e9:b1:ce:f6:05:bd:37:
         78:4a:48:a2:2b:3f:b2:65:b6:e5:0e:27:f3:d5:22:7a:e4:36:
         f3:fe:33:26:1d:58:00:12:e9:35:ed:22:3b:dd:8a:82:8c:7f:
         b0:4c:c2:60:1c:04:d0:b6:e4:39:bf:e8:b3:23:d2:3f:f9:7a:
         57:0b:36:48:a9:17:7c:70:9a:02:86:f7:b6:9a:0f:f9:50:7d:
         7e:12:9a:ab:39:5c:92:24:42:64:df:15:a1:17:b7:6f:44:e0:
         df:52:0f:c1:f6:84:bb:3f:1d:a5:79:d8:54:dc:f2:c7:2e:ec:
         8b:1b:3d:db:51:5c:fd:38:cd:3b:cb:41:29:9e:87:9f:6d:5a:
         5b:a7:28:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGPtdmQMr+5cCrzdnVcPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUxMTA0MDkwMDUxWhcNMjUxMTA1MDkwMDUxWjAzMTEwLwYDVQQD
EyhlM2U4YWVkZWI2NmQ5YjQzM2NkMTJmYzljZGM2ZDc5MjdiOTZkZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqkqET36+g/OlrdVnOmPBui3SmLd
wHFP2zroSJ5Ssl58OW5hkRgGfg9FrO52stfDKHMts1jAiaMh6dm8X19HlpF+SB8k
PLraD825mL1MVLkn4vBman7QTdTU5ZJTQpvPNkbVN6rrOkS4j3Ym5IiOfsRMxX0B
qoe/1LVr3HvS2nTnjSxtDdQD1xQ3XnTpmxR28Q24dntMu98NtGmhQaV7PzxbTV9s
Sb7+IEejcRn/xIpY8PDzAreu81SA8UyWlisIgKe6+5LObHqEK9f36fvoZdvtjCRb
gqcNvIkXjtqMLkBod3pJxZmCVLOWA1VDto8GKDpxrgBN3PXmbbWx5YrN/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPort62bZtDPNEvyc3G15J7lt+XMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAod7fULKN
NvbejKsDxn/2/VHcxQptrq8UxH0JwiBt/XkYDO+XHjRfnUV4KzGt38ucKuJulUPc
s3E2sgKqLcwajWCcSzcvedgz0+rxp1OZy5lO4E4DUagkFba2e5IwLqWF4J5kNbLu
atXTKSNFV/gex5yo4m/ZbQ3psc72Bb03eEpIois/smW25Q4n89UieuQ28/4zJh1Y
ABLpNe0iO92Kgox/sEzCYBwE0LbkOb/osyPSP/l6Vws2SKkXfHCaAob3tpoP+VB9
fhKaqzlckiRCZN8VoRe3b0Tg31IPwfaEuz8dpXnYVNzyxy7sixs921Fc/TjNO8tB
KZ6Hn21aW6coEg==
-----END CERTIFICATE-----