Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          kUKaQ4XV3exJtI4pm8XKuP+JS1scmmUmiAsfGru4aCY=
Subject key identifier:   5E:9F:85:E5:86:45:75:BC:55:2F:82:51:4C:F3:29:5B:79:F8:F7:3F
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       0197700799828BC8D661D61C054A92B7448C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0E8D
Signing time:             Sat 14 Jun 2025 20:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 20:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 20:00:35 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: 1fn+b5Wn969VhcBiU86lgR1zX9Ps9/8N4YbAlIvg5MY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:07:99:82:8b:c8:d6:61:d6:1c:05:4a:92:b7:44:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Jun 14 20:00:35 2025 GMT
            Not After : Jun 15 20:00:35 2025 GMT
        Subject: CN=5e9f85e5864575bc552f82514cf3295b79f8f73f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e5:c7:aa:4d:07:6a:f3:09:ac:91:2a:b7:9d:
                    3c:0d:8d:dd:d8:fd:1a:8b:fb:7c:7c:94:62:e9:08:
                    87:a4:a9:9e:1e:53:cc:07:3a:cf:b1:6b:6a:9d:74:
                    0c:bc:bb:51:90:1e:b2:6f:1c:4c:a0:12:92:a3:cc:
                    ac:e8:2e:ee:44:ce:01:99:92:4e:25:03:f8:f1:b1:
                    72:54:c9:2f:5f:09:53:3d:99:08:33:b7:73:5b:0b:
                    ec:81:b1:5c:da:f6:09:32:c5:1f:75:c4:9e:74:09:
                    57:52:a8:3b:fc:f6:ab:b9:bf:2b:09:5e:08:d9:bf:
                    65:ce:91:77:70:af:bf:ac:46:40:79:aa:fc:d1:1d:
                    ef:93:11:e8:3e:c5:0f:83:10:6d:0c:d7:39:8b:9b:
                    3b:f0:d1:1c:7d:94:9f:d1:01:f0:8d:af:6e:f1:63:
                    d1:b7:c8:7c:d5:ae:1a:90:12:56:c1:4b:47:0b:c6:
                    3e:88:7f:a4:09:1d:60:ca:b1:2a:62:21:f1:8b:fe:
                    4c:a8:34:7f:d0:59:93:e8:04:50:2f:4d:3f:e1:21:
                    0b:65:97:15:8f:56:17:5f:d7:19:05:71:af:98:ac:
                    cb:39:fd:cd:4d:55:4e:2c:9f:62:7f:fc:06:df:3b:
                    d1:9e:aa:3e:80:36:8c:71:e9:ac:38:10:d7:21:21:
                    b5:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:9F:85:E5:86:45:75:BC:55:2F:82:51:4C:F3:29:5B:79:F8:F7:3F
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ee:f1:7d:9a:05:3b:de:6b:8f:fe:9d:75:7c:db:38:9c:c7:
         3d:42:24:2b:87:fe:99:54:ff:fe:bb:35:71:68:f4:1c:94:e2:
         ba:2d:82:b2:9c:73:f1:89:10:45:b2:91:59:fc:be:ae:f5:b5:
         bc:d6:d1:c5:ac:52:42:6d:ec:67:6d:da:59:a2:49:e5:54:d9:
         6d:0e:60:1f:d4:1c:7e:79:bd:b1:52:ab:0a:82:df:87:60:04:
         ed:25:34:03:92:59:95:6f:b0:8c:cb:04:81:46:01:df:74:07:
         f9:c6:a4:4f:4f:fa:30:6f:f0:c1:6e:48:28:dc:9b:4e:dd:c0:
         08:dc:9b:a3:d1:f3:07:90:15:27:80:ba:fa:da:08:11:76:6e:
         ac:d9:f0:af:99:c0:b9:6c:a1:a7:f7:a7:22:22:4c:b9:aa:ff:
         70:4c:f5:48:5c:66:fc:b2:62:cb:4b:e7:ae:c1:70:05:0f:c9:
         fd:e2:4d:72:0d:e1:43:27:8c:23:eb:c0:b2:56:82:2e:53:43:
         d4:af:e3:10:6e:c8:c7:3b:ca:b7:7f:aa:b4:13:99:4c:88:fc:
         d7:2f:be:8f:e9:3d:04:a1:c1:df:31:ed:bc:10:ad:f0:5b:1b:
         e9:df:88:c5:37:4a:74:f6:c3:45:a0:46:90:10:32:d1:52:2e:
         b1:c4:5d:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwB5mCi8jWYdYcBUqSt0SMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUwNjE0MjAwMDM1WhcNMjUwNjE1MjAwMDM1WjAzMTEwLwYDVQQD
Eyg1ZTlmODVlNTg2NDU3NWJjNTUyZjgyNTE0Y2YzMjk1Yjc5ZjhmNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseXHqk0HavMJrJEqt508DY3d2P0a
i/t8fJRi6QiHpKmeHlPMBzrPsWtqnXQMvLtRkB6ybxxMoBKSo8ys6C7uRM4BmZJO
JQP48bFyVMkvXwlTPZkIM7dzWwvsgbFc2vYJMsUfdcSedAlXUqg7/Parub8rCV4I
2b9lzpF3cK+/rEZAear80R3vkxHoPsUPgxBtDNc5i5s78NEcfZSf0QHwja9u8WPR
t8h81a4akBJWwUtHC8Y+iH+kCR1gyrEqYiHxi/5MqDR/0FmT6ARQL00/4SELZZcV
j1YXX9cZBXGvmKzLOf3NTVVOLJ9if/wG3zvRnqo+gDaMcemsOBDXISG1MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6fheWGRXW8VS+CUUzzKVt5+Pc/MB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFe7xfZoF
O95rj/6ddXzbOJzHPUIkK4f+mVT//rs1cWj0HJTiui2Cspxz8YkQRbKRWfy+rvW1
vNbRxaxSQm3sZ23aWaJJ5VTZbQ5gH9Qcfnm9sVKrCoLfh2AE7SU0A5JZlW+wjMsE
gUYB33QH+cakT0/6MG/wwW5IKNybTt3ACNybo9HzB5AVJ4C6+toIEXZurNnwr5nA
uWyhp/enIiJMuar/cEz1SFxm/LJiy0vnrsFwBQ/J/eJNcg3hQyeMI+vAslaCLlND
1K/jEG7IxzvKt3+qtBOZTIj81y++j+k9BKHB3zHtvBCt8Fsb6d+IxTdKdPbDRaBG
kBAy0VIuscRdvA==
-----END CERTIFICATE-----