Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          gW/pfRP/2w6odA6Z8uxyrfKYSv27qNwxPQ1ufiMM6S4=
Subject key identifier:   6A:D1:66:50:A1:4A:D5:12:6F:45:E5:92:01:8D:CA:A9:3C:43:5E:CD
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       0199228C348BCA7DE020106B56A7B920F69B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0F6E
Signing time:             Sun 07 Sep 2025 05:00:37 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:37 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:37 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: rNuV8pKPLTq0objfxdXgFvJufED2BqLhuHg/lG1wtRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:34:8b:ca:7d:e0:20:10:6b:56:a7:b9:20:f6:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Sep  7 05:00:37 2025 GMT
            Not After : Sep  8 05:00:37 2025 GMT
        Subject: CN=6ad16650a14ad5126f45e592018dcaa93c435ecd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:74:9f:e4:d1:fd:ca:54:0b:c7:55:fc:4f:b0:
                    25:10:7b:72:31:96:81:b6:fd:c1:50:3c:e0:68:53:
                    60:3f:df:e5:c4:a3:e9:78:3c:be:20:f9:d9:81:fe:
                    56:8f:82:fc:36:5d:76:61:de:c5:51:dc:de:e2:33:
                    94:8c:63:17:f1:d0:82:2a:de:f9:7c:39:c4:d1:2c:
                    93:da:7d:67:20:74:54:01:94:17:48:2c:ae:d1:d0:
                    14:75:ab:a7:04:de:cd:f3:e1:36:0b:63:6a:b4:67:
                    51:5e:59:ee:84:c6:70:95:e0:4e:7a:03:ff:b9:70:
                    72:0c:24:3a:3a:2b:42:75:f1:f2:d4:02:dc:5a:41:
                    78:f8:c2:f6:71:8c:bd:c7:3c:dd:d5:6a:f4:aa:80:
                    9e:a7:d0:f3:4f:9c:77:98:4d:cf:a5:19:54:b4:dd:
                    2b:fd:0b:1f:1e:3c:4e:cf:c2:8f:b2:73:b1:48:f0:
                    9c:98:dd:aa:8e:e2:75:0b:b2:f5:89:34:d0:18:bb:
                    d5:85:50:76:a4:e0:90:85:27:64:f0:39:8a:48:09:
                    e3:40:8c:42:b7:b0:79:ec:8b:8e:dd:0c:fb:82:fb:
                    42:a8:d5:0a:10:77:3e:3a:c7:db:19:09:eb:b7:02:
                    26:10:71:ed:25:9a:d5:9d:2a:ff:d8:67:e5:16:7d:
                    17:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D1:66:50:A1:4A:D5:12:6F:45:E5:92:01:8D:CA:A9:3C:43:5E:CD
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:1c:dd:50:0d:92:0d:21:f3:aa:c7:70:c1:a6:8e:57:26:6a:
         cd:ee:fa:b4:f8:fa:5b:1b:4e:42:b6:a5:b3:b7:ba:57:46:7d:
         b5:7b:81:2e:f6:03:e5:4e:aa:63:9d:17:00:08:24:dd:e7:a5:
         41:97:7d:c3:58:7b:69:ca:4d:64:31:d0:9d:e5:c4:79:9b:40:
         1c:ca:ed:f6:67:20:aa:3e:9e:88:e7:bc:41:c7:19:3c:55:5e:
         05:d2:a4:b2:e7:9b:16:47:f3:c1:80:8e:f4:18:05:1d:49:cf:
         0c:c7:d6:c3:e1:a6:15:e6:28:70:f5:7e:46:78:d0:4d:51:aa:
         7b:4b:e9:dd:48:1e:21:b4:92:11:7a:6b:91:1c:f7:d1:c0:2c:
         28:5a:20:38:0e:5c:4c:d7:25:bb:9d:17:c8:07:f1:76:d8:5e:
         5e:6b:88:59:05:e3:e4:0d:92:5b:41:92:b2:f6:b0:bd:33:89:
         98:50:b2:5a:30:60:8d:ae:6f:d0:7c:3f:72:e2:c7:89:1b:48:
         99:c8:9f:f2:38:0a:a4:88:ba:92:27:11:6a:47:dd:1c:e2:f6:
         f2:03:a9:cd:f4:5f:81:87:96:6c:9e:d1:3f:57:ad:4d:00:98:
         62:62:f3:13:72:46:35:89:6d:e4:90:42:a4:b8:03:68:ee:25:
         14:6f:da:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijDSLyn3gIBBrVqe5IPabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUwOTA3MDUwMDM3WhcNMjUwOTA4MDUwMDM3WjAzMTEwLwYDVQQD
Eyg2YWQxNjY1MGExNGFkNTEyNmY0NWU1OTIwMThkY2FhOTNjNDM1ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXSf5NH9ylQLx1X8T7AlEHtyMZaB
tv3BUDzgaFNgP9/lxKPpeDy+IPnZgf5Wj4L8Nl12Yd7FUdze4jOUjGMX8dCCKt75
fDnE0SyT2n1nIHRUAZQXSCyu0dAUdaunBN7N8+E2C2NqtGdRXlnuhMZwleBOegP/
uXByDCQ6OitCdfHy1ALcWkF4+ML2cYy9xzzd1Wr0qoCep9DzT5x3mE3PpRlUtN0r
/QsfHjxOz8KPsnOxSPCcmN2qjuJ1C7L1iTTQGLvVhVB2pOCQhSdk8DmKSAnjQIxC
t7B57IuO3Qz7gvtCqNUKEHc+OsfbGQnrtwImEHHtJZrVnSr/2GflFn0X+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrRZlChStUSb0XlkgGNyqk8Q17NMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANBzdUA2S
DSHzqsdwwaaOVyZqze76tPj6WxtOQrals7e6V0Z9tXuBLvYD5U6qY50XAAgk3eel
QZd9w1h7acpNZDHQneXEeZtAHMrt9mcgqj6eiOe8QccZPFVeBdKksuebFkfzwYCO
9BgFHUnPDMfWw+GmFeYocPV+RnjQTVGqe0vp3UgeIbSSEXprkRz30cAsKFogOA5c
TNclu50XyAfxdtheXmuIWQXj5A2SW0GSsvawvTOJmFCyWjBgja5v0Hw/cuLHiRtI
mcif8jgKpIi6kicRakfdHOL28gOpzfRfgYeWbJ7RP1etTQCYYmLzE3JGNYlt5JBC
pLgDaO4lFG/a3w==
-----END CERTIFICATE-----