Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          w2p3rXuAb/c6Th12LKx0aas772d3F8teWQF11oNtoRE=
Subject key identifier:   D3:E7:A5:F1:E8:94:5C:77:20:DF:02:81:5A:CB:EE:9B:01:81:34:AC
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       01987C782079528E13022D345D171414E38D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0F18
Signing time:             Tue 05 Aug 2025 23:01:44 +0000
Manifest this update:     Tue 05 Aug 2025 23:01:44 +0000
Manifest next update:     Wed 06 Aug 2025 23:01:44 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: +E9EkvVJIWMstiaEY6PjztJk2aZ9Fe0mcZYy2raPT30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 17:44:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:78:20:79:52:8e:13:02:2d:34:5d:17:14:14:e3:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Aug  5 23:01:44 2025 GMT
            Not After : Aug  6 23:01:44 2025 GMT
        Subject: CN=d3e7a5f1e8945c7720df02815acbee9b018134ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:e0:cf:c6:37:ac:95:75:28:e0:45:55:7f:bc:
                    13:a1:ee:4c:4b:df:e4:d4:29:f1:00:d7:80:ce:1e:
                    81:26:fd:60:0e:04:a0:c1:ac:c3:c6:05:b3:8f:5f:
                    38:1e:58:2b:6a:e9:91:c5:1c:63:51:84:db:72:04:
                    c1:cb:6a:93:15:6d:76:d8:1c:a4:ad:4e:7f:a6:5c:
                    f3:79:7b:4f:bf:00:1c:7d:7f:16:63:c5:ba:58:c3:
                    e1:42:41:93:e0:75:94:a7:1e:be:95:6e:cb:0f:b2:
                    3e:ad:f2:ef:93:7f:60:f4:db:09:e2:df:64:34:d0:
                    fa:39:89:8f:bd:1f:87:29:06:2e:3d:e3:4a:a8:59:
                    b2:c9:9b:a1:e6:ef:c6:38:18:f8:f9:a3:b8:cb:39:
                    03:8c:52:28:76:2b:1d:80:2d:17:35:9d:34:d3:36:
                    f6:e5:c3:42:4b:5c:c3:a3:a4:69:c1:4e:6f:a6:5e:
                    aa:ba:e0:69:19:38:41:db:34:11:05:ee:57:56:0b:
                    ee:12:c2:b1:3a:c9:e5:20:04:37:05:e0:76:7b:59:
                    9b:52:e0:c9:1a:d0:a9:17:89:28:df:b1:73:c3:7d:
                    6f:51:a6:e1:3e:b9:ad:48:08:42:19:f6:b9:1f:61:
                    f8:ce:fc:ad:05:a1:55:6d:e9:67:17:58:52:03:c8:
                    d5:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E7:A5:F1:E8:94:5C:77:20:DF:02:81:5A:CB:EE:9B:01:81:34:AC
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:3e:af:4a:42:9c:c8:fe:13:53:f1:4d:cb:ec:01:10:a4:40:
         f8:83:66:c1:94:bc:13:21:72:f3:d8:64:95:9a:70:dd:e1:b3:
         60:07:1c:74:9f:90:b1:e8:66:8b:22:50:22:ad:64:cd:3a:11:
         11:da:a8:87:5a:e6:ce:dc:59:ab:5a:4a:da:66:a0:c2:38:80:
         1e:fb:8c:17:fe:19:4f:46:5f:de:e8:48:2e:3f:52:b1:29:29:
         65:ff:c1:53:fd:3d:e1:ef:41:36:8c:9a:c1:09:c5:3a:4b:8f:
         91:55:94:63:7e:2f:7d:92:15:17:7d:62:5c:cd:c3:ff:27:c1:
         a0:0f:b0:af:0c:3c:41:f3:bd:6b:91:02:e0:37:2d:87:2a:29:
         7c:a1:8e:54:ed:5b:29:77:12:b6:7e:5d:f7:b8:75:bf:ba:01:
         db:d9:65:8f:aa:71:ed:ec:a5:b4:32:01:39:cc:38:12:26:d5:
         00:da:a0:f6:4e:1d:ad:80:61:a8:c0:1d:15:2a:60:9d:0a:45:
         cd:9c:0a:e7:19:d1:e6:bc:02:f7:d1:a6:c7:f4:54:3f:86:73:
         e2:d6:4e:cf:2d:46:cf:45:20:cb:dc:36:92:e2:fb:69:b1:5e:
         b3:0f:cc:8c:38:32:d2:e5:e4:40:34:78:3c:fc:a4:9d:eb:94:
         a5:ff:8e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8eCB5Uo4TAi00XRcUFOONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUwODA1MjMwMTQ0WhcNMjUwODA2MjMwMTQ0WjAzMTEwLwYDVQQD
EyhkM2U3YTVmMWU4OTQ1Yzc3MjBkZjAyODE1YWNiZWU5YjAxODEzNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguDPxjeslXUo4EVVf7wToe5MS9/k
1CnxANeAzh6BJv1gDgSgwazDxgWzj184HlgraumRxRxjUYTbcgTBy2qTFW122Byk
rU5/plzzeXtPvwAcfX8WY8W6WMPhQkGT4HWUpx6+lW7LD7I+rfLvk39g9NsJ4t9k
NND6OYmPvR+HKQYuPeNKqFmyyZuh5u/GOBj4+aO4yzkDjFIodisdgC0XNZ000zb2
5cNCS1zDo6RpwU5vpl6quuBpGThB2zQRBe5XVgvuEsKxOsnlIAQ3BeB2e1mbUuDJ
GtCpF4ko37Fzw31vUabhPrmtSAhCGfa5H2H4zvytBaFVbelnF1hSA8jVPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPnpfHolFx3IN8CgVrL7psBgTSsMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQT6vSkKc
yP4TU/FNy+wBEKRA+INmwZS8EyFy89hklZpw3eGzYAccdJ+QsehmiyJQIq1kzToR
Edqoh1rmztxZq1pK2magwjiAHvuMF/4ZT0Zf3uhILj9SsSkpZf/BU/094e9BNoya
wQnFOkuPkVWUY34vfZIVF31iXM3D/yfBoA+wrww8QfO9a5EC4DcthyopfKGOVO1b
KXcStn5d97h1v7oB29llj6px7eyltDIBOcw4EibVANqg9k4drYBhqMAdFSpgnQpF
zZwK5xnR5rwC99Gmx/RUP4Zz4tZOzy1Gz0Ugy9w2kuL7abFesw/MjDgy0uXkQDR4
PPykneuUpf+OHA==
-----END CERTIFICATE-----