Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          IJRHyZdzhyHyxlU8AqW/nERSdZwtFtJIyflPkzxqtG8=
Subject key identifier:   48:DF:FA:3D:35:B3:B3:22:F5:25:DD:1A:DE:6E:72:54:3D:3C:22:96
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019A71B7BEFDB0247577239B90E24046FB87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          0743
Signing time:             Tue 11 Nov 2025 07:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:58 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: VIOiwhPq6dLEPWEazjuF8pg/ZG/Blv2xLoCz8Tveck0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:be:fd:b0:24:75:77:23:9b:90:e2:40:46:fb:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Nov 11 07:00:58 2025 GMT
            Not After : Nov 12 07:00:58 2025 GMT
        Subject: CN=48dffa3d35b3b322f525dd1ade6e72543d3c2296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:26:cb:2c:38:8b:64:39:90:0f:d6:9d:40:6f:
                    61:15:50:85:12:34:f4:0e:d7:98:7c:51:2f:cd:3b:
                    95:07:f9:ed:d5:c5:90:ed:6a:e0:c5:57:97:c9:5c:
                    30:99:d7:1f:6a:5d:fa:d6:6d:3c:c9:58:6f:e6:f5:
                    81:79:3e:9d:0a:aa:64:57:5a:0c:c0:89:2c:ca:ab:
                    6b:61:c9:fe:50:67:8c:9f:bb:33:78:ab:cc:71:c3:
                    9b:1f:f4:f3:79:99:81:9e:b9:1d:f0:60:93:c6:56:
                    9d:e5:fa:72:47:a1:e1:0d:01:ec:40:3a:b1:aa:61:
                    62:0b:bb:51:0f:26:ff:c3:80:ce:8a:88:d4:36:e2:
                    26:53:0d:5f:51:51:49:45:9c:fa:af:6f:27:bd:1c:
                    26:80:6a:de:2f:3d:68:f7:3c:e9:4b:ae:28:cc:5a:
                    00:e1:06:75:ed:c2:4e:4a:d2:b4:11:aa:76:53:77:
                    67:77:63:7c:cc:1a:6d:3c:84:67:88:b7:d5:51:16:
                    47:a8:e2:ad:ee:a7:8f:58:cc:6e:39:aa:15:b7:85:
                    d8:20:4b:a3:d4:a8:41:69:4c:a8:a6:a7:7b:66:a2:
                    ba:b6:3e:8c:7d:cb:bf:8f:a3:ec:53:37:9a:27:06:
                    2f:dd:66:23:2a:2e:a8:66:12:d7:73:a0:d4:79:21:
                    99:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:DF:FA:3D:35:B3:B3:22:F5:25:DD:1A:DE:6E:72:54:3D:3C:22:96
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:c4:7f:ad:22:11:53:5f:5c:63:76:e6:37:4f:c9:d8:e8:85:
         d1:01:ee:ad:e6:84:79:7b:e1:41:d5:75:50:fd:ba:10:90:33:
         cd:43:34:0f:eb:42:72:43:6d:36:02:30:51:06:5b:f8:2a:1f:
         ae:d9:f7:2a:5b:82:cf:50:df:c3:fa:bf:83:01:96:6f:44:a1:
         1c:f5:7b:95:4e:f1:88:34:ff:f7:54:92:0c:be:56:98:8b:68:
         ea:3f:77:80:15:4d:ee:8f:12:7f:fc:77:f7:a1:9e:c3:34:e8:
         85:43:23:98:9f:cd:43:31:bb:0d:b3:09:7c:25:9c:08:c9:e1:
         4e:db:53:de:fe:5d:b4:6f:a1:d7:68:f3:ca:2a:be:56:86:fc:
         d2:c9:6d:ed:66:a5:30:3b:0f:ef:71:65:bd:02:9d:2d:d6:17:
         da:01:23:1d:61:ea:90:47:b6:df:43:85:48:97:fe:14:3e:14:
         3f:fb:f0:81:fd:52:1a:46:74:9e:4e:54:85:be:c7:21:63:60:
         41:92:97:fb:a6:95:0c:ce:d1:cb:52:dd:d3:96:e1:c4:f7:17:
         bf:f8:d2:f5:fb:de:55:fa:81:2a:e4:b0:d3:be:86:dc:0b:e6:
         cb:f4:a3:39:de:8f:eb:26:65:46:17:29:77:83:a5:0c:3d:26:
         78:e5:75:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt779sCR1dyObkOJARvuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUxMTExMDcwMDU4WhcNMjUxMTEyMDcwMDU4WjAzMTEwLwYDVQQD
Eyg0OGRmZmEzZDM1YjNiMzIyZjUyNWRkMWFkZTZlNzI1NDNkM2MyMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmibLLDiLZDmQD9adQG9hFVCFEjT0
DteYfFEvzTuVB/nt1cWQ7WrgxVeXyVwwmdcfal361m08yVhv5vWBeT6dCqpkV1oM
wIksyqtrYcn+UGeMn7szeKvMccObH/TzeZmBnrkd8GCTxlad5fpyR6HhDQHsQDqx
qmFiC7tRDyb/w4DOiojUNuImUw1fUVFJRZz6r28nvRwmgGreLz1o9zzpS64ozFoA
4QZ17cJOStK0Eap2U3dnd2N8zBptPIRniLfVURZHqOKt7qePWMxuOaoVt4XYIEuj
1KhBaUyopqd7ZqK6tj6Mfcu/j6PsUzeaJwYv3WYjKi6oZhLXc6DUeSGZlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjf+j01s7Mi9SXdGt5uclQ9PCKWMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8R/rSIR
U19cY3bmN0/J2OiF0QHureaEeXvhQdV1UP26EJAzzUM0D+tCckNtNgIwUQZb+Cof
rtn3KluCz1Dfw/q/gwGWb0ShHPV7lU7xiDT/91SSDL5WmIto6j93gBVN7o8Sf/x3
96GewzTohUMjmJ/NQzG7DbMJfCWcCMnhTttT3v5dtG+h12jzyiq+Vob80slt7Wal
MDsP73FlvQKdLdYX2gEjHWHqkEe230OFSJf+FD4UP/vwgf1SGkZ0nk5Uhb7HIWNg
QZKX+6aVDM7Ry1Ld05bhxPcXv/jS9fveVfqBKuSw076G3Avmy/SjOd6P6yZlRhcp
d4OlDD0meOV1DQ==
-----END CERTIFICATE-----