Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          J8il+1rod4BqDXjZIrJ4CdLQkdZ0pqH+zrnB9rboIdM=
Subject key identifier:   16:FB:99:3D:0A:79:A1:96:DF:15:42:65:6D:B8:78:31:E1:61:47:3B
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       01974B8DA4399FBF15ED28B7449C468199DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          050F
Signing time:             Sat 07 Jun 2025 18:01:03 +0000
Manifest this update:     Sat 07 Jun 2025 18:01:03 +0000
Manifest next update:     Sun 08 Jun 2025 18:01:03 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: 7SlBekGbtSXwOi1jXl/Yy4DCY1WMh2XFvmJTeq65IiU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:8d:a4:39:9f:bf:15:ed:28:b7:44:9c:46:81:99:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Jun  7 18:01:03 2025 GMT
            Not After : Jun  8 18:01:03 2025 GMT
        Subject: CN=16fb993d0a79a196df1542656db87831e161473b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6a:51:b8:e8:1d:16:ed:a8:7b:88:23:05:74:
                    40:cc:95:54:0d:6c:e3:79:6f:8d:75:53:11:bc:97:
                    9d:1d:97:dc:83:6a:fb:0d:65:ae:80:02:d9:22:a7:
                    38:d6:c6:1c:c2:e5:a3:d9:2a:e8:4a:d9:7b:7c:ad:
                    77:be:ce:3b:18:69:cb:db:cc:62:ed:19:fb:d6:4e:
                    83:70:1c:81:42:63:fe:95:dd:13:cc:ab:ea:3d:70:
                    69:14:2f:8f:b1:a5:b6:36:99:9f:12:52:f8:9d:8f:
                    0c:38:bc:0c:b3:e7:92:00:14:18:af:90:b3:95:af:
                    0f:dc:01:c9:9c:2c:f6:59:06:e3:72:e0:3c:5d:66:
                    f3:52:e6:d4:a2:5b:46:e0:43:18:aa:7d:c3:99:44:
                    97:6f:5a:4c:b7:25:56:70:c3:08:0c:6d:55:f0:b0:
                    ce:b6:33:93:32:d5:a8:9a:f4:e4:34:83:c0:22:9f:
                    c5:ca:3a:ca:0b:be:f5:38:59:a4:3d:57:29:63:26:
                    ed:40:4d:49:2b:d0:4d:e7:88:04:3c:61:63:ad:81:
                    08:f9:29:70:3e:ef:d1:3b:37:81:43:01:55:ed:0d:
                    94:5b:65:73:b1:db:3b:b0:af:43:12:b9:d4:c4:19:
                    4e:38:39:5b:63:17:3d:60:7d:cd:4a:15:95:74:00:
                    3c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:FB:99:3D:0A:79:A1:96:DF:15:42:65:6D:B8:78:31:E1:61:47:3B
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:3b:e5:6b:33:34:43:67:c7:5e:1b:c1:f8:7c:ef:c8:70:2f:
         77:4f:81:01:13:c5:e1:14:38:ac:81:00:07:35:96:f3:ba:e1:
         a9:4a:7d:51:79:28:02:dd:cd:e5:1a:92:2e:d0:9c:ec:2a:bf:
         2c:d3:15:c4:9d:d7:0e:36:a3:96:3e:5e:e7:70:7d:e8:1f:88:
         8e:62:7d:d6:01:42:ce:da:da:45:1f:9b:fa:78:65:96:00:59:
         51:48:62:16:c3:e5:9c:65:f4:77:c0:fb:72:2d:6e:30:a8:00:
         ec:fc:3b:5c:63:0a:82:5a:a4:d2:f6:6e:a2:2e:c8:78:9a:0d:
         9e:4e:86:a1:30:73:b0:47:36:3e:dc:7f:f9:19:b4:57:ab:6f:
         65:84:7c:db:8b:53:8d:41:dc:ff:13:58:a2:bc:c4:08:93:48:
         d7:40:a8:65:8a:de:3b:e5:f7:61:f9:11:f7:06:0e:ee:b9:d3:
         d7:2e:00:b6:f1:49:cb:b4:de:45:55:3a:c0:7a:8d:49:a7:dc:
         01:6f:b8:88:9c:ef:60:c1:bf:b5:4d:0b:09:cd:a2:b7:68:df:
         08:71:1d:7a:03:c0:31:85:fd:d1:f1:68:cd:1a:30:88:ab:47:
         44:b0:76:a2:ef:84:2f:03:ac:f9:ed:5a:75:0f:21:96:77:f0:
         1c:46:2c:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLjaQ5n78V7Si3RJxGgZnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjUwNjA3MTgwMTAzWhcNMjUwNjA4MTgwMTAzWjAzMTEwLwYDVQQD
EygxNmZiOTkzZDBhNzlhMTk2ZGYxNTQyNjU2ZGI4NzgzMWUxNjE0NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWpRuOgdFu2oe4gjBXRAzJVUDWzj
eW+NdVMRvJedHZfcg2r7DWWugALZIqc41sYcwuWj2SroStl7fK13vs47GGnL28xi
7Rn71k6DcByBQmP+ld0TzKvqPXBpFC+PsaW2NpmfElL4nY8MOLwMs+eSABQYr5Cz
la8P3AHJnCz2WQbjcuA8XWbzUubUoltG4EMYqn3DmUSXb1pMtyVWcMMIDG1V8LDO
tjOTMtWomvTkNIPAIp/FyjrKC771OFmkPVcpYybtQE1JK9BN54gEPGFjrYEI+Slw
Pu/ROzeBQwFV7Q2UW2Vzsds7sK9DErnUxBlOODlbYxc9YH3NShWVdAA8VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBb7mT0KeaGW3xVCZW24eDHhYUc7MB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTvlazM0
Q2fHXhvB+HzvyHAvd0+BARPF4RQ4rIEABzWW87rhqUp9UXkoAt3N5RqSLtCc7Cq/
LNMVxJ3XDjajlj5e53B96B+IjmJ91gFCztraRR+b+nhllgBZUUhiFsPlnGX0d8D7
ci1uMKgA7Pw7XGMKglqk0vZuoi7IeJoNnk6GoTBzsEc2Ptx/+Rm0V6tvZYR824tT
jUHc/xNYorzECJNI10CoZYreO+X3YfkR9wYO7rnT1y4AtvFJy7TeRVU6wHqNSafc
AW+4iJzvYMG/tU0LCc2it2jfCHEdegPAMYX90fFozRowiKtHRLB2ou+ELwOs+e1a
dQ8hlnfwHEYsDA==
-----END CERTIFICATE-----