Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          oIPQTcL+9OeuJs914ZV1DYulrTYvRhLSvKMWi4N3jok=
Subject key identifier:   73:BD:5E:85:5F:A8:56:0C:04:AB:21:31:4A:3E:F1:0F:88:51:62:B1
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       0196545C2E4C875784D48D51ECBF00F6DF36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          048F
Signing time:             Sun 20 Apr 2025 18:00:49 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:49 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:49 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: YHDEp+VvnRxjg+EynXvOgcZjAOxic1tdQ+ja8MGJy+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:2e:4c:87:57:84:d4:8d:51:ec:bf:00:f6:df:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Apr 20 18:00:49 2025 GMT
            Not After : Apr 21 18:00:49 2025 GMT
        Subject: CN=73bd5e855fa8560c04ab21314a3ef10f885162b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:6d:cd:1e:23:79:82:38:df:35:98:96:09:a9:
                    4d:1c:29:0a:86:99:b3:eb:05:e8:f0:1a:bd:7b:9e:
                    6a:f3:75:42:63:2d:86:9c:db:a3:63:13:c0:68:02:
                    19:53:88:23:20:3e:36:ad:0a:6a:78:c8:d8:76:13:
                    7c:c5:19:19:40:17:27:1f:7e:3d:3f:a3:fd:83:fd:
                    bd:bb:cf:53:d5:f5:2b:b8:4f:fc:e2:96:29:25:cb:
                    4f:5d:de:1f:6f:4e:89:3c:04:12:78:55:de:09:0c:
                    47:95:1b:a1:0e:af:59:00:b4:10:5b:e5:11:ab:85:
                    c5:73:95:9e:16:bd:72:98:ea:2d:c4:a3:cd:36:8b:
                    35:71:78:7f:7d:64:1c:7c:20:37:0b:b0:93:06:d7:
                    5e:2f:5b:12:77:ba:83:ce:c2:54:c4:10:a7:04:a0:
                    86:c3:83:c9:65:e3:c6:2c:1a:94:01:3b:a4:97:25:
                    01:ab:2f:c4:9c:af:67:21:a1:8c:af:68:c6:7e:72:
                    1b:c4:97:93:62:ae:f6:c8:63:08:33:40:c9:9c:f1:
                    2e:9a:f0:d6:c8:9d:9f:66:ed:09:4d:44:06:14:c9:
                    66:cf:9c:86:f3:d2:8f:92:8e:3d:5b:64:0f:fc:3e:
                    a9:8b:6d:ff:92:b9:17:cd:05:b5:75:8d:60:2e:5e:
                    80:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BD:5E:85:5F:A8:56:0C:04:AB:21:31:4A:3E:F1:0F:88:51:62:B1
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:fe:ff:3e:45:54:40:d2:ea:df:a9:e2:be:0b:e3:b1:4b:81:
         05:1c:8a:4c:89:d2:44:30:54:96:7b:43:46:87:42:9b:6b:b2:
         b2:87:b9:0b:21:eb:bc:af:bb:b5:23:27:28:a9:fc:79:ac:85:
         1b:49:1c:15:c0:e8:f7:b9:83:51:03:05:4f:63:78:5a:10:e9:
         43:29:69:7e:03:5d:9c:73:91:ee:f2:f2:fa:5d:4d:96:12:84:
         49:bc:bc:00:9f:bf:55:db:ee:7b:39:45:d4:ad:3c:b1:45:6b:
         64:66:57:57:b3:c2:6b:ce:7e:f7:00:a7:93:21:87:d7:3f:3e:
         40:41:b5:b2:ba:40:03:98:36:2d:12:b6:98:ca:c5:55:43:1e:
         58:0f:5e:15:5e:72:70:30:37:8b:81:f1:20:89:81:5d:e9:8c:
         f1:b1:c1:a0:b2:b1:36:54:38:88:8a:57:7a:f5:b4:f2:bb:92:
         78:f9:61:86:8c:d8:97:29:d7:7c:2b:f3:d8:ec:60:d3:fd:7b:
         ed:08:32:d0:34:24:26:c4:ca:c2:94:84:6c:a3:96:74:77:8c:
         29:b6:d0:ee:14:76:c6:44:28:2c:02:23:1e:21:1c:5b:d5:d8:
         61:01:f7:e2:92:ea:74:09:cf:aa:dd:c5:70:2a:30:e7:80:98:
         b1:59:e1:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXC5Mh1eE1I1R7L8A9t82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwNDIwMTgwMDQ5WhcNMjUwNDIxMTgwMDQ5WjAzMTEwLwYDVQQD
Eyg3M2JkNWU4NTVmYTg1NjBjMDRhYjIxMzE0YTNlZjEwZjg4NTE2MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG3NHiN5gjjfNZiWCalNHCkKhpmz
6wXo8Bq9e55q83VCYy2GnNujYxPAaAIZU4gjID42rQpqeMjYdhN8xRkZQBcnH349
P6P9g/29u89T1fUruE/84pYpJctPXd4fb06JPAQSeFXeCQxHlRuhDq9ZALQQW+UR
q4XFc5WeFr1ymOotxKPNNos1cXh/fWQcfCA3C7CTBtdeL1sSd7qDzsJUxBCnBKCG
w4PJZePGLBqUATuklyUBqy/EnK9nIaGMr2jGfnIbxJeTYq72yGMIM0DJnPEumvDW
yJ2fZu0JTUQGFMlmz5yG89KPko49W2QP/D6pi23/krkXzQW1dY1gLl6AgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO9XoVfqFYMBKshMUo+8Q+IUWKxMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/7/PkVU
QNLq36nivgvjsUuBBRyKTInSRDBUlntDRodCm2uysoe5CyHrvK+7tSMnKKn8eayF
G0kcFcDo97mDUQMFT2N4WhDpQylpfgNdnHOR7vLy+l1NlhKESby8AJ+/VdvuezlF
1K08sUVrZGZXV7PCa85+9wCnkyGH1z8+QEG1srpAA5g2LRK2mMrFVUMeWA9eFV5y
cDA3i4HxIImBXemM8bHBoLKxNlQ4iIpXevW08ruSePlhhozYlynXfCvz2Oxg0/17
7Qgy0DQkJsTKwpSEbKOWdHeMKbbQ7hR2xkQoLAIjHiEcW9XYYQH34pLqdAnPqt3F
cCow54CYsVnhvQ==
-----END CERTIFICATE-----