Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          V2bu8dWUCufxkjzPQ3785dCQrT4ufk2uJR6No3L+tdY=
Subject key identifier:   BB:C7:A3:1C:DF:BF:A9:7B:C7:A6:8A:95:31:27:29:54:33:66:CE:2F
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019893DAF6711D931ACDF1D62C0266A25697
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          05B9
Signing time:             Sun 10 Aug 2025 12:00:57 +0000
Manifest this update:     Sun 10 Aug 2025 12:00:57 +0000
Manifest next update:     Mon 11 Aug 2025 12:00:57 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: LHBmtqN6rEWc9xWcc3jdwdYM855Bayqz12MAGjLylnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 12:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:da:f6:71:1d:93:1a:cd:f1:d6:2c:02:66:a2:56:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Aug 10 12:00:57 2025 GMT
            Not After : Aug 11 12:00:57 2025 GMT
        Subject: CN=bbc7a31cdfbfa97bc7a68a95312729543366ce2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5d:60:a1:65:d3:62:dc:7a:73:f4:34:21:e4:
                    dc:dc:fa:71:48:ac:92:ca:92:aa:eb:a1:6f:a3:46:
                    3f:ca:83:a7:db:1f:17:b2:55:8c:4d:87:bd:48:19:
                    85:fd:59:50:1f:0c:66:1a:86:a5:da:c9:46:02:a0:
                    9d:ad:2e:6f:0e:6b:10:ce:91:39:3d:c6:fe:fc:cb:
                    02:c6:c4:90:82:2e:71:f3:97:50:3f:08:56:4a:79:
                    5f:5a:c9:74:d5:67:15:be:c6:55:a0:c0:81:80:77:
                    be:a4:33:56:54:e6:26:a8:99:d5:b1:79:5c:b0:73:
                    c1:70:d6:fd:62:f7:19:4e:3c:70:e3:f2:e6:43:1b:
                    58:b9:87:14:71:a7:4c:a5:e5:68:2a:1e:c0:2a:f2:
                    0b:9e:0e:69:2b:6a:34:4d:6a:9f:d1:c5:e3:91:17:
                    80:de:98:92:05:c3:79:a7:ef:29:98:fb:f1:39:09:
                    77:7a:8e:9b:f4:a7:12:a7:91:63:79:c9:b4:f2:ba:
                    c7:ef:61:03:c9:4a:d6:01:6b:aa:fd:47:ff:c8:2a:
                    17:76:dd:52:37:ee:bc:fc:ab:30:f6:da:14:f0:84:
                    0a:d8:85:70:21:01:76:b6:4d:42:36:99:f8:6a:b6:
                    9e:ed:50:d7:4d:d9:54:b6:cd:08:c9:5a:5e:a2:38:
                    69:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C7:A3:1C:DF:BF:A9:7B:C7:A6:8A:95:31:27:29:54:33:66:CE:2F
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:59:33:8e:8e:d0:ab:fd:e8:1b:8f:f6:dd:87:10:13:bf:93:
         ab:86:14:4c:24:c4:f1:68:43:0a:20:90:a0:4b:d7:d2:c2:2f:
         b5:7e:86:24:16:ba:cd:06:e7:98:8b:38:57:c2:ac:e3:fe:b5:
         cb:9d:7d:36:35:58:1c:f7:8e:53:33:d4:0f:36:5e:d0:1d:54:
         d8:1a:88:87:0a:5d:7b:c4:b6:88:48:b7:35:ca:8e:4c:1f:f9:
         5c:6a:9b:e7:b0:06:45:5a:3a:10:1d:f5:c5:93:fd:48:c5:d8:
         f3:4b:ac:f2:e0:7c:28:d5:86:3a:e3:bd:74:26:fd:97:8c:08:
         2c:05:06:b6:df:88:ab:a8:19:55:dd:89:65:f2:e6:61:f0:67:
         5f:dc:48:0c:35:cf:1a:68:a6:bd:e5:dd:d0:d1:0b:e7:18:a7:
         58:39:ee:45:e9:62:88:2d:8e:09:ba:2f:37:9c:f5:e8:f9:0a:
         06:cd:49:ba:5e:4d:7a:c2:e0:08:e9:ee:02:9e:b6:9f:53:37:
         ab:7b:e0:16:0e:05:a1:e2:3a:fb:8b:81:10:5f:59:b3:59:f6:
         b5:2e:1e:ae:4e:48:ea:c0:f3:bb:67:d0:3c:ce:54:09:d1:48:
         b0:d8:70:13:7c:23:1f:b0:85:d0:cd:33:42:42:57:ab:27:69:
         17:ae:1a:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiT2vZxHZMazfHWLAJmolaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwODEwMTIwMDU3WhcNMjUwODExMTIwMDU3WjAzMTEwLwYDVQQD
EyhiYmM3YTMxY2RmYmZhOTdiYzdhNjhhOTUzMTI3Mjk1NDMzNjZjZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V1goWXTYtx6c/Q0IeTc3PpxSKyS
ypKq66Fvo0Y/yoOn2x8XslWMTYe9SBmF/VlQHwxmGoal2slGAqCdrS5vDmsQzpE5
Pcb+/MsCxsSQgi5x85dQPwhWSnlfWsl01WcVvsZVoMCBgHe+pDNWVOYmqJnVsXlc
sHPBcNb9YvcZTjxw4/LmQxtYuYcUcadMpeVoKh7AKvILng5pK2o0TWqf0cXjkReA
3piSBcN5p+8pmPvxOQl3eo6b9KcSp5Fjecm08rrH72EDyUrWAWuq/Uf/yCoXdt1S
N+68/Ksw9toU8IQK2IVwIQF2tk1CNpn4arae7VDXTdlUts0IyVpeojhpXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvHoxzfv6l7x6aKlTEnKVQzZs4vMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMFkzjo7Q
q/3oG4/23YcQE7+Tq4YUTCTE8WhDCiCQoEvX0sIvtX6GJBa6zQbnmIs4V8Ks4/61
y519NjVYHPeOUzPUDzZe0B1U2BqIhwpde8S2iEi3NcqOTB/5XGqb57AGRVo6EB31
xZP9SMXY80us8uB8KNWGOuO9dCb9l4wILAUGtt+Iq6gZVd2JZfLmYfBnX9xIDDXP
GmimveXd0NEL5xinWDnuReliiC2OCbovN5z16PkKBs1Jul5NesLgCOnuAp62n1M3
q3vgFg4FoeI6+4uBEF9Zs1n2tS4erk5I6sDzu2fQPM5UCdFIsNhwE3wjH7CF0M0z
QkJXqydpF64aUg==
-----END CERTIFICATE-----