Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          /EqSnAtd0XiBeizaAZSPR9ft66eMomOgH11kxT+m3QM=
Subject key identifier:   09:58:C9:FC:65:97:77:C1:C8:77:95:62:95:07:A5:45:A3:F5:B1:D8
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       0198820B83D78B2EA50910BD4BAFF3C15F61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          03CD
Signing time:             Thu 07 Aug 2025 01:00:49 +0000
Manifest this update:     Thu 07 Aug 2025 01:00:49 +0000
Manifest next update:     Fri 08 Aug 2025 01:00:49 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: 7LOGPQqAr6gfm3ToVEXB9hOdJocrawVu1d4YPevyDTA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:0b:83:d7:8b:2e:a5:09:10:bd:4b:af:f3:c1:5f:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Aug  7 01:00:49 2025 GMT
            Not After : Aug  8 01:00:49 2025 GMT
        Subject: CN=0958c9fc659777c1c87795629507a545a3f5b1d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e5:02:55:16:b0:cd:cd:d6:11:4c:3e:72:6d:
                    5b:0d:81:9e:75:de:d2:82:6a:32:c0:84:e0:91:8e:
                    d9:e7:c2:53:1e:f3:c6:86:5d:87:76:40:88:f8:26:
                    66:e7:d6:be:6b:aa:d6:09:cb:56:1c:68:7a:60:40:
                    81:d0:ce:4c:3d:bd:ed:21:15:8e:0c:a6:cb:aa:61:
                    36:98:8f:a3:eb:3d:5d:ab:3e:f3:b9:6d:81:3a:d0:
                    1c:c2:de:8d:49:47:db:4c:14:45:6d:69:97:6e:35:
                    62:1d:17:ea:98:33:69:ce:af:33:39:1a:09:a3:8a:
                    b0:27:cd:11:ab:fc:3a:3b:01:16:70:a3:1d:de:5b:
                    97:4e:56:18:70:12:ca:36:8c:ff:cd:06:d8:ea:c9:
                    29:65:6a:d0:2d:86:2c:59:ac:8d:32:73:9a:31:c2:
                    6f:dd:90:9a:a3:6c:8c:ed:6f:6e:08:9f:b4:8e:78:
                    56:1c:f6:81:12:4c:d6:81:25:fd:9f:00:dd:7f:f1:
                    70:17:bc:e5:39:3d:ea:be:27:a5:08:df:dc:0c:bd:
                    ed:44:36:1e:19:ee:f2:e4:99:c1:9c:26:61:4e:20:
                    eb:fb:c3:2b:59:a6:8b:4c:5b:6c:38:75:92:8c:40:
                    07:c3:73:7a:0f:ab:1d:c2:fe:bf:9a:62:ce:fa:98:
                    ee:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:58:C9:FC:65:97:77:C1:C8:77:95:62:95:07:A5:45:A3:F5:B1:D8
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:0e:e7:cb:ed:3b:e0:b7:f4:13:55:09:c6:7e:ae:06:bd:e7:
         ad:13:1b:ce:c4:e3:f0:e0:79:aa:21:69:c5:e8:25:01:39:e9:
         69:78:fb:f0:19:38:ae:9b:52:ac:f6:bd:c9:ed:09:bd:3c:fb:
         88:59:cd:90:11:4c:08:e4:24:43:17:1e:27:79:d1:87:92:4d:
         21:ce:1c:3f:6b:39:06:db:49:87:83:95:3d:51:23:ac:d2:1a:
         be:af:82:57:05:38:bc:84:0a:60:99:8c:81:0b:a2:a6:60:df:
         24:11:23:fe:79:7d:52:a8:dc:91:f3:cd:8e:21:ea:8b:8d:df:
         ac:c4:70:98:71:18:aa:28:0c:81:a1:52:ac:14:37:e9:18:b0:
         cc:9b:75:00:6d:b6:9e:cf:84:61:51:6b:c5:13:d2:d2:0d:5e:
         f7:88:aa:e8:25:a3:83:ae:e5:f1:1b:f9:57:7a:25:eb:03:51:
         75:5e:5a:1f:7b:c1:7d:a4:e8:2f:30:08:a3:d2:bd:2f:de:30:
         1a:f3:39:b2:45:9a:8b:c2:cc:4f:d0:d2:7b:97:fa:9f:e5:b5:
         12:d6:ef:5f:b9:ca:50:39:d0:40:05:de:25:b6:ca:84:d9:07:
         1d:fa:14:fd:dd:74:84:20:37:98:ba:ba:7c:2f:0c:12:02:e4:
         56:92:80:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCC4PXiy6lCRC9S6/zwV9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwODA3MDEwMDQ5WhcNMjUwODA4MDEwMDQ5WjAzMTEwLwYDVQQD
EygwOTU4YzlmYzY1OTc3N2MxYzg3Nzk1NjI5NTA3YTU0NWEzZjViMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOUCVRawzc3WEUw+cm1bDYGedd7S
gmoywITgkY7Z58JTHvPGhl2HdkCI+CZm59a+a6rWCctWHGh6YECB0M5MPb3tIRWO
DKbLqmE2mI+j6z1dqz7zuW2BOtAcwt6NSUfbTBRFbWmXbjViHRfqmDNpzq8zORoJ
o4qwJ80Rq/w6OwEWcKMd3luXTlYYcBLKNoz/zQbY6skpZWrQLYYsWayNMnOaMcJv
3ZCao2yM7W9uCJ+0jnhWHPaBEkzWgSX9nwDdf/FwF7zlOT3qvielCN/cDL3tRDYe
Ge7y5JnBnCZhTiDr+8MrWaaLTFtsOHWSjEAHw3N6D6sdwv6/mmLO+pjuVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlYyfxll3fByHeVYpUHpUWj9bHYMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhw7ny+07
4Lf0E1UJxn6uBr3nrRMbzsTj8OB5qiFpxeglATnpaXj78Bk4rptSrPa9ye0JvTz7
iFnNkBFMCOQkQxceJ3nRh5JNIc4cP2s5BttJh4OVPVEjrNIavq+CVwU4vIQKYJmM
gQuipmDfJBEj/nl9UqjckfPNjiHqi43frMRwmHEYqigMgaFSrBQ36RiwzJt1AG22
ns+EYVFrxRPS0g1e94iq6CWjg67l8Rv5V3ol6wNRdV5aH3vBfaToLzAIo9K9L94w
GvM5skWai8LMT9DSe5f6n+W1EtbvX7nKUDnQQAXeJbbKhNkHHfoU/d10hCA3mLq6
fC8MEgLkVpKATQ==
-----END CERTIFICATE-----