Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          RUksDVF+CmcyNO38sqKoxIhmOw/vDdOVITDFTRHhdts=
Subject key identifier:   45:96:4E:09:41:32:A1:73:A6:7B:DB:7F:53:D1:87:43:77:6C:34:92
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019923A0203F056E054367839C268FE90F37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          0696
Signing time:             Sun 07 Sep 2025 10:02:00 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:00 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:00 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: KyWMHcom2OAe/iDisldg2NCiQnq4VFQXocAY/A6hBz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:20:3f:05:6e:05:43:67:83:9c:26:8f:e9:0f:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Sep  7 10:02:00 2025 GMT
            Not After : Sep  8 10:02:00 2025 GMT
        Subject: CN=45964e094132a173a67bdb7f53d18743776c3492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:7e:22:ef:73:74:3a:6d:a3:ab:12:9d:36:36:
                    59:0c:df:82:30:a1:bd:19:40:e5:53:49:79:12:a7:
                    0b:94:14:11:46:8c:12:0e:69:77:50:cd:c0:47:81:
                    a9:a3:c4:d5:8e:66:c6:65:03:59:99:92:03:59:a2:
                    82:81:7b:d6:5b:4b:fa:ef:f7:92:99:e0:ee:1e:17:
                    39:42:97:2e:39:b9:7d:45:f9:07:2c:c9:46:46:bc:
                    13:4a:8f:17:f2:45:ce:b7:98:59:b2:56:bf:67:01:
                    13:0f:6f:19:fd:e2:05:cb:39:97:d1:cb:e5:53:d8:
                    16:5f:06:1a:34:4f:15:15:cb:0a:6d:b8:d1:11:71:
                    ed:f9:b6:e4:a7:f5:f4:06:c3:5c:1e:09:67:6d:22:
                    48:fb:bf:b6:1e:c9:59:07:0a:95:79:09:d8:e1:36:
                    ca:0f:5c:0e:e6:5d:ac:20:26:c2:de:46:7c:c9:32:
                    9e:83:ce:f6:e6:9c:e8:92:31:28:3a:7d:b1:c1:cf:
                    c3:6e:e0:05:4b:27:53:bc:ed:31:07:87:78:ad:fd:
                    0b:48:9e:43:3a:0c:25:c8:c0:40:fb:1e:0d:25:0e:
                    74:18:17:0c:91:f4:7a:9e:12:cc:68:a7:fa:25:00:
                    f4:25:27:61:f6:f8:08:5e:0a:7c:d9:05:04:97:c0:
                    b6:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:96:4E:09:41:32:A1:73:A6:7B:DB:7F:53:D1:87:43:77:6C:34:92
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:d1:60:d1:f8:1a:1b:a8:98:92:29:7e:9a:38:c0:78:81:08:
         bb:14:58:01:49:56:6f:e3:df:5a:21:27:a5:5f:5d:d9:59:26:
         f3:5c:69:c7:f0:19:50:e0:17:b9:e0:b7:4f:be:01:05:18:e6:
         11:17:03:ec:32:20:90:80:2e:60:22:44:78:89:b8:d3:59:75:
         10:1b:da:51:a5:c0:f1:78:bb:28:68:72:f9:12:47:52:8b:c3:
         9e:30:cd:81:cc:3c:e7:f7:e0:ca:c5:6c:30:fc:cb:8d:13:ee:
         c6:42:5a:d1:34:8d:4d:eb:e0:c0:cf:fa:8b:8e:4a:51:7c:45:
         1d:4d:f8:38:76:a8:79:21:f0:46:de:9c:6c:82:3a:f6:49:eb:
         36:90:c6:4b:60:65:6a:d6:65:f2:bd:78:ac:8e:9d:a9:75:7d:
         9e:09:0c:d6:e3:ff:de:1a:c0:a6:d6:b7:c3:e2:52:39:8f:96:
         83:fb:9b:46:68:67:28:25:ce:3b:cf:09:7b:87:34:b5:53:21:
         99:58:2f:3e:9b:cb:33:ea:af:b0:a5:9b:66:77:43:28:6d:7b:
         f7:8f:e7:f1:a5:ff:c3:2e:28:dd:7e:c3:e8:39:d4:d1:fb:75:
         53:5b:18:0a:7b:c6:72:5d:69:53:cc:57:cc:35:8b:00:95:fc:
         5b:5e:2e:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoCA/BW4FQ2eDnCaP6Q83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwOTA3MTAwMjAwWhcNMjUwOTA4MTAwMjAwWjAzMTEwLwYDVQQD
Eyg0NTk2NGUwOTQxMzJhMTczYTY3YmRiN2Y1M2QxODc0Mzc3NmMzNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X4i73N0Om2jqxKdNjZZDN+CMKG9
GUDlU0l5EqcLlBQRRowSDml3UM3AR4Gpo8TVjmbGZQNZmZIDWaKCgXvWW0v67/eS
meDuHhc5QpcuObl9RfkHLMlGRrwTSo8X8kXOt5hZsla/ZwETD28Z/eIFyzmX0cvl
U9gWXwYaNE8VFcsKbbjREXHt+bbkp/X0BsNcHglnbSJI+7+2HslZBwqVeQnY4TbK
D1wO5l2sICbC3kZ8yTKeg8725pzokjEoOn2xwc/DbuAFSydTvO0xB4d4rf0LSJ5D
OgwlyMBA+x4NJQ50GBcMkfR6nhLMaKf6JQD0JSdh9vgIXgp82QUEl8C2CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWWTglBMqFzpnvbf1PRh0N3bDSSMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdFg0fga
G6iYkil+mjjAeIEIuxRYAUlWb+PfWiEnpV9d2Vkm81xpx/AZUOAXueC3T74BBRjm
ERcD7DIgkIAuYCJEeIm401l1EBvaUaXA8Xi7KGhy+RJHUovDnjDNgcw85/fgysVs
MPzLjRPuxkJa0TSNTevgwM/6i45KUXxFHU34OHaoeSHwRt6cbII69knrNpDGS2Bl
atZl8r14rI6dqXV9ngkM1uP/3hrApta3w+JSOY+Wg/ubRmhnKCXOO88Je4c0tVMh
mVgvPpvLM+qvsKWbZndDKG1794/n8aX/wy4o3X7D6DnU0ft1U1sYCnvGcl1pU8xX
zDWLAJX8W14uJw==
-----END CERTIFICATE-----