Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File:                     IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier:          T3r+DC94U7wKENh9MYqS7UWHmZvJJPTVFPLVBtrmA1E=
Subject key identifier:   A8:A9:67:E7:D7:CE:7C:13:DE:8E:1F:5F:CF:C8:A5:23:85:3F:86:BD
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer:       /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial:       019923D63F175813C294671CE0332C53BCAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number:          0481
Signing time:             Sun 07 Sep 2025 11:01:07 +0000
Manifest this update:     Sun 07 Sep 2025 11:01:07 +0000
Manifest next update:     Mon 08 Sep 2025 11:01:07 +0000
Files and hashes:         1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: eDAnMIpBcAgyqa7x6GaJqL4496UAR3HZlYGv2LVanTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d6:3f:17:58:13:c2:94:67:1c:e0:33:2c:53:bc:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=204050cc59536f2d9407692823890ccdda854508
        Validity
            Not Before: Sep  7 11:01:07 2025 GMT
            Not After : Sep  8 11:01:07 2025 GMT
        Subject: CN=a8a967e7d7ce7c13de8e1f5fcfc8a523853f86bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:33:a6:54:7e:fb:93:76:d6:94:cd:1e:c9:90:
                    9d:3f:48:f0:05:46:05:9d:8a:c2:fc:b5:95:2c:65:
                    63:11:fa:86:4d:c2:7a:db:4f:14:97:1d:18:b5:3d:
                    13:00:7b:1a:ed:48:0e:16:b0:5a:7b:2a:2e:3a:a3:
                    c7:c9:95:92:f8:e8:3c:55:12:bc:bf:2c:74:28:8d:
                    d7:ab:1f:05:a0:70:aa:2c:c6:b1:70:d0:fe:c5:a6:
                    4c:6a:f3:5a:81:b7:9a:ec:b1:f2:f2:c0:9b:ad:70:
                    02:96:e2:09:2d:73:fb:bc:c4:90:f9:ae:91:b7:e8:
                    d8:7a:03:a2:2f:b3:83:d1:e0:ce:43:cb:5e:17:3b:
                    13:03:31:b7:0a:a8:e6:72:6d:e4:c5:5a:c7:a6:cc:
                    98:aa:61:51:95:66:a1:b1:1e:3a:61:07:e1:a7:43:
                    21:9b:2f:e1:8d:d5:8d:ef:93:84:dd:79:41:3b:8d:
                    e8:4e:15:3c:d6:8f:f1:37:01:ad:13:26:01:b7:c5:
                    9c:af:fe:14:6c:c7:f5:18:58:da:35:d3:35:80:08:
                    e6:d3:6f:d1:79:14:40:f8:73:53:d3:e9:32:26:09:
                    7d:74:a4:f5:5b:67:1f:4b:b0:0e:ae:39:5b:af:2f:
                    80:6a:47:0e:05:41:d0:28:4c:72:7c:f2:81:ac:d9:
                    1c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:A9:67:E7:D7:CE:7C:13:DE:8E:1F:5F:CF:C8:A5:23:85:3F:86:BD
            X509v3 Authority Key Identifier:
                keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:05:54:28:20:df:27:ac:4d:b3:0d:b9:0e:95:9d:5e:8b:77:
         78:f9:ad:08:67:5d:fe:4f:ba:67:b5:bb:b2:bf:32:96:d9:9e:
         24:4f:15:89:7a:d4:08:aa:9c:d7:2a:39:62:6e:18:75:2b:57:
         1d:92:3c:af:b6:66:d2:21:04:59:1f:ee:bc:6d:13:b8:33:79:
         bd:d0:61:e7:49:c8:b8:d5:81:15:ba:12:a2:70:62:15:8b:e2:
         1d:85:44:ef:16:1d:47:d9:cb:4d:17:9c:0a:d7:3f:ed:20:e2:
         43:8e:5a:bc:af:e4:1a:cd:7b:f8:65:e4:ef:da:94:91:42:25:
         95:d6:c7:1d:5f:84:ad:34:41:c2:6e:1d:13:7f:0e:e3:94:d2:
         69:20:0b:74:b2:c3:ea:c7:9a:19:35:ba:eb:d7:5a:2a:f7:94:
         5c:bf:25:1c:40:d8:db:b3:15:86:e4:fb:8f:69:66:84:42:83:
         8b:fb:ae:fb:b0:9b:99:43:4e:5c:ad:e1:ae:82:40:b4:45:7c:
         91:b7:e9:4a:05:26:47:43:22:6a:26:00:9a:c1:78:f3:e1:7b:
         a7:d3:04:8a:7f:e3:8f:e8:34:b9:65:8b:00:30:a9:c9:3c:2f:
         26:11:a8:38:71:33:9a:0f:57:13:71:7e:4d:51:1c:ce:15:26:
         96:28:90:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1j8XWBPClGcc4DMsU7yuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjUwOTA3MTEwMTA3WhcNMjUwOTA4MTEwMTA3WjAzMTEwLwYDVQQD
EyhhOGE5NjdlN2Q3Y2U3YzEzZGU4ZTFmNWZjZmM4YTUyMzg1M2Y4NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jOmVH77k3bWlM0eyZCdP0jwBUYF
nYrC/LWVLGVjEfqGTcJ6208Ulx0YtT0TAHsa7UgOFrBaeyouOqPHyZWS+Og8VRK8
vyx0KI3Xqx8FoHCqLMaxcND+xaZMavNagbea7LHy8sCbrXACluIJLXP7vMSQ+a6R
t+jYegOiL7OD0eDOQ8teFzsTAzG3Cqjmcm3kxVrHpsyYqmFRlWahsR46YQfhp0Mh
my/hjdWN75OE3XlBO43oThU81o/xNwGtEyYBt8Wcr/4UbMf1GFjaNdM1gAjm02/R
eRRA+HNT0+kyJgl9dKT1W2cfS7AOrjlbry+AakcOBUHQKExyfPKBrNkcTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKipZ+fXznwT3o4fX8/IpSOFP4a9MB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALgVUKCDf
J6xNsw25DpWdXot3ePmtCGdd/k+6Z7W7sr8yltmeJE8ViXrUCKqc1yo5Ym4YdStX
HZI8r7Zm0iEEWR/uvG0TuDN5vdBh50nIuNWBFboSonBiFYviHYVE7xYdR9nLTRec
Ctc/7SDiQ45avK/kGs17+GXk79qUkUIlldbHHV+ErTRBwm4dE38O45TSaSALdLLD
6seaGTW669daKveUXL8lHEDY27MVhuT7j2lmhEKDi/uu+7CbmUNOXK3hroJAtEV8
kbfpSgUmR0MiaiYAmsF48+F7p9MEin/jj+g0uWWLADCpyTwvJhGoOHEzmg9XE3F+
TVEczhUmliiQ4A==
-----END CERTIFICATE-----