Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          1InZP0XIBVahVZUzD/MA4IDNUJiULRoG/xEf7/9La0U=
Subject key identifier:   9E:98:FE:24:11:78:DE:32:59:74:E4:21:DB:BC:01:00:FF:75:F2:66
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019A4DE21F78C5CDAF838B68513C418A3D60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          1009
Signing time:             Tue 04 Nov 2025 08:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:56 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: xJmq7WEuyq2/lAxksrTUZApUD8j3UgqCj47Q5zkNZA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:1f:78:c5:cd:af:83:8b:68:51:3c:41:8a:3d:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Nov  4 08:00:56 2025 GMT
            Not After : Nov  5 08:00:56 2025 GMT
        Subject: CN=9e98fe241178de325974e421dbbc0100ff75f266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:68:70:2f:46:f6:95:59:7e:de:50:d9:2a:ca:
                    31:05:dd:eb:f7:fe:08:34:a5:82:0e:a0:f1:b9:92:
                    ea:ae:d2:ca:3d:23:ba:05:41:6c:06:b3:ba:26:9e:
                    de:68:a7:3a:a5:5b:58:d4:54:ea:ac:52:43:b4:33:
                    9b:3f:8c:75:5c:28:ed:5a:ca:7e:b6:ce:40:ca:e4:
                    ef:ac:42:47:dd:db:d1:24:cb:dd:ad:7c:9d:22:e7:
                    80:94:ac:ec:4b:fa:24:6c:41:0c:99:42:56:2d:42:
                    09:10:1d:63:59:39:49:5c:19:c0:ec:93:c6:08:c7:
                    dd:a7:eb:73:e4:43:cc:55:02:ad:b3:25:63:f7:d1:
                    c3:2d:53:bd:f6:0b:24:f5:5a:ba:ff:a2:e8:a7:73:
                    28:23:a6:05:31:3a:21:1e:5a:99:2d:98:d2:77:be:
                    26:0c:21:ff:39:40:69:6e:47:0c:8e:8c:92:92:07:
                    a0:94:4e:86:0f:d3:9c:07:11:23:6e:29:21:93:3f:
                    a5:6d:f0:09:29:68:58:55:b6:d8:36:fa:50:04:f0:
                    58:cf:57:b3:2a:45:9b:82:fd:3d:69:60:dd:c3:f0:
                    8c:a0:9e:4a:14:43:4a:5d:6f:b5:10:b1:56:e7:23:
                    5f:a3:cf:90:2c:a7:95:35:66:91:bf:14:b8:01:94:
                    e2:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:98:FE:24:11:78:DE:32:59:74:E4:21:DB:BC:01:00:FF:75:F2:66
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:2e:f8:78:65:e6:30:5d:02:dc:86:9d:bf:cf:3f:c9:19:40:
         ab:05:6a:29:3e:eb:e7:90:50:c7:05:6d:87:2c:4f:5d:23:25:
         74:0f:b3:bb:f8:61:de:9d:87:fc:1b:08:27:75:0a:34:35:73:
         3b:5c:48:7c:25:60:88:38:39:bb:e0:4e:3c:9e:5f:47:25:ca:
         3a:9f:00:ca:dc:e7:f8:e8:94:be:0f:23:8b:5d:aa:01:6f:2b:
         f4:57:e3:b4:7b:46:4e:1d:d6:14:7f:0d:23:d5:c2:86:f3:cb:
         49:96:5e:d6:a2:7f:9b:3f:e8:de:8e:38:d0:a1:df:91:ce:1b:
         15:e6:c3:85:18:21:9d:f6:88:7c:cf:83:68:d0:87:77:c3:17:
         61:94:a2:c1:54:7b:f0:5c:84:ce:bc:9c:2a:2b:57:f4:d8:c5:
         97:8e:bd:bc:51:13:a1:0c:08:41:69:90:f9:39:bb:03:22:9f:
         f4:59:bf:0b:18:44:f8:c2:f9:8b:c3:f5:f2:7f:f3:30:c1:c1:
         29:f7:0f:bc:69:a5:55:76:f7:cb:f2:bf:a3:d6:25:4b:fa:15:
         3a:40:a1:ef:86:a2:fa:f4:14:a1:6c:71:19:92:5b:01:83:d6:
         31:c4:b0:1d:1e:25:d4:48:36:2f:50:d7:02:3f:5a:5a:e0:da:
         e1:da:1e:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4h94xc2vg4toUTxBij1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUxMTA0MDgwMDU2WhcNMjUxMTA1MDgwMDU2WjAzMTEwLwYDVQQD
Eyg5ZTk4ZmUyNDExNzhkZTMyNTk3NGU0MjFkYmJjMDEwMGZmNzVmMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GhwL0b2lVl+3lDZKsoxBd3r9/4I
NKWCDqDxuZLqrtLKPSO6BUFsBrO6Jp7eaKc6pVtY1FTqrFJDtDObP4x1XCjtWsp+
ts5AyuTvrEJH3dvRJMvdrXydIueAlKzsS/okbEEMmUJWLUIJEB1jWTlJXBnA7JPG
CMfdp+tz5EPMVQKtsyVj99HDLVO99gsk9Vq6/6Lop3MoI6YFMTohHlqZLZjSd74m
DCH/OUBpbkcMjoySkgeglE6GD9OcBxEjbikhkz+lbfAJKWhYVbbYNvpQBPBYz1ez
KkWbgv09aWDdw/CMoJ5KFENKXW+1ELFW5yNfo8+QLKeVNWaRvxS4AZTi4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6Y/iQReN4yWXTkIdu8AQD/dfJmMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASC74eGXm
MF0C3Iadv88/yRlAqwVqKT7r55BQxwVthyxPXSMldA+zu/hh3p2H/BsIJ3UKNDVz
O1xIfCVgiDg5u+BOPJ5fRyXKOp8Aytzn+OiUvg8ji12qAW8r9FfjtHtGTh3WFH8N
I9XChvPLSZZe1qJ/mz/o3o440KHfkc4bFebDhRghnfaIfM+DaNCHd8MXYZSiwVR7
8FyEzrycKitX9NjFl469vFEToQwIQWmQ+Tm7AyKf9Fm/CxhE+ML5i8P18n/zMMHB
KfcPvGmlVXb3y/K/o9YlS/oVOkCh74ai+vQUoWxxGZJbAYPWMcSwHR4l1Eg2L1DX
Aj9aWuDa4doeCA==
-----END CERTIFICATE-----