Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          QwFYuevASzugDbpxEeyPQd5I6SqbnYE/4HANFLfcHus=
Subject key identifier:   3C:2B:BE:49:11:B0:F8:F1:56:C6:7F:D8:95:90:4A:04:14:3F:97:7C
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019A70DC783431AECFE9D18097C25D8F2577
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          06B0
Signing time:             Tue 11 Nov 2025 03:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:28 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: Jl4kzJzQqGVo8vEasCOxr1XsBC3UOwEfwthHOfXHc4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:78:34:31:ae:cf:e9:d1:80:97:c2:5d:8f:25:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Nov 11 03:01:28 2025 GMT
            Not After : Nov 12 03:01:28 2025 GMT
        Subject: CN=3c2bbe4911b0f8f156c67fd895904a04143f977c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3b:2d:71:01:02:71:a0:25:a2:1a:12:cb:86:
                    32:30:1c:eb:d6:02:cd:93:a1:08:b3:94:f0:53:12:
                    46:d0:62:7a:79:5c:e5:fb:37:be:ee:2e:49:7e:5f:
                    58:38:1d:72:56:5e:0b:d9:50:02:1a:e2:03:85:1d:
                    2a:6e:7b:d1:41:1d:4e:0f:fb:71:4d:3c:a9:ce:b4:
                    20:75:eb:51:94:85:3a:45:72:35:6d:ee:00:46:cb:
                    01:0c:33:2a:ae:1a:74:6e:86:eb:e1:29:e5:9e:fe:
                    e7:cf:50:23:67:67:8a:e2:5c:f7:d8:4e:7e:57:2c:
                    c5:37:00:ec:31:ee:d7:e2:cf:00:c4:9d:e6:47:d3:
                    70:81:10:18:fd:28:0f:b7:af:0a:bf:97:f2:b9:0b:
                    a4:29:5d:22:a4:05:59:d0:f6:23:0c:16:92:85:b3:
                    e9:0d:0f:42:fa:35:99:f0:78:c2:b7:ae:1e:26:7b:
                    a8:3b:87:e0:97:e0:2c:2b:65:9a:d4:a0:f1:92:cb:
                    81:6a:c3:44:33:51:3c:8a:d1:4a:3d:ff:09:24:d5:
                    62:37:6f:eb:f3:68:05:36:be:37:38:36:f8:5d:a5:
                    fc:54:f9:3e:97:42:7f:cc:5c:d2:ff:c3:c7:73:54:
                    3e:10:ce:30:0e:c9:70:bd:28:e2:ac:58:da:f9:ee:
                    ec:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:2B:BE:49:11:B0:F8:F1:56:C6:7F:D8:95:90:4A:04:14:3F:97:7C
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:ad:f5:48:e5:2c:df:a2:f7:87:d7:8a:bc:3f:ff:02:e4:77:
         00:90:82:c6:f4:ce:ee:35:9a:d8:7b:fc:0e:e1:57:5c:16:6c:
         06:b5:1a:6c:72:01:bb:5e:e1:b7:a1:35:2f:97:10:f2:a9:36:
         b7:52:cd:cf:e4:01:21:77:38:06:1d:73:99:1b:49:4d:7e:35:
         91:7e:94:60:58:26:72:0f:6e:18:1e:c8:97:cb:8d:69:cf:fa:
         55:e3:8a:60:2a:7e:e9:ff:c2:ca:61:dd:45:2f:c8:40:75:ca:
         92:8e:8d:b3:6f:d3:ea:3f:9c:54:ce:92:1f:e5:a0:85:55:cf:
         de:17:92:e7:55:71:0d:3b:79:6d:b3:74:be:33:e3:38:9c:d1:
         a7:d4:0f:5e:c6:16:10:bc:cb:1c:ff:5d:2a:d2:f1:d0:52:ff:
         e0:2d:47:c6:1e:d0:d0:65:c4:fc:e4:bc:03:13:6a:16:63:95:
         78:67:4e:0b:97:5d:f4:47:2f:c0:76:d3:45:f4:0e:11:b6:1e:
         d3:0b:06:34:87:7a:90:9d:33:32:bb:e5:71:1c:56:44:5f:51:
         2e:1e:4b:91:a9:37:0f:8d:66:f4:22:35:c4:4e:41:c2:9e:f2:
         59:9d:86:5f:56:ad:c5:e7:b4:2f:6f:c4:e8:78:36:8f:d7:38:
         0e:83:0d:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Hg0Ma7P6dGAl8JdjyV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUxMTExMDMwMTI4WhcNMjUxMTEyMDMwMTI4WjAzMTEwLwYDVQQD
EygzYzJiYmU0OTExYjBmOGYxNTZjNjdmZDg5NTkwNGEwNDE0M2Y5NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDstcQECcaAlohoSy4YyMBzr1gLN
k6EIs5TwUxJG0GJ6eVzl+ze+7i5Jfl9YOB1yVl4L2VACGuIDhR0qbnvRQR1OD/tx
TTypzrQgdetRlIU6RXI1be4ARssBDDMqrhp0bobr4Snlnv7nz1AjZ2eK4lz32E5+
VyzFNwDsMe7X4s8AxJ3mR9NwgRAY/SgPt68Kv5fyuQukKV0ipAVZ0PYjDBaShbPp
DQ9C+jWZ8HjCt64eJnuoO4fgl+AsK2Wa1KDxksuBasNEM1E8itFKPf8JJNViN2/r
82gFNr43ODb4XaX8VPk+l0J/zFzS/8PHc1Q+EM4wDslwvSjirFja+e7sYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwrvkkRsPjxVsZ/2JWQSgQUP5d8MB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0631SOUs
36L3h9eKvD//AuR3AJCCxvTO7jWa2Hv8DuFXXBZsBrUabHIBu17ht6E1L5cQ8qk2
t1LNz+QBIXc4Bh1zmRtJTX41kX6UYFgmcg9uGB7Il8uNac/6VeOKYCp+6f/CymHd
RS/IQHXKko6Ns2/T6j+cVM6SH+WghVXP3heS51VxDTt5bbN0vjPjOJzRp9QPXsYW
ELzLHP9dKtLx0FL/4C1Hxh7Q0GXE/OS8AxNqFmOVeGdOC5dd9EcvwHbTRfQOEbYe
0wsGNId6kJ0zMrvlcRxWRF9RLh5Lkak3D41m9CI1xE5Bwp7yWZ2GX1atxee0L2/E
6Hg2j9c4DoMN3Q==
-----END CERTIFICATE-----