Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          6JSEYMKYf6p2ESCPpQ/MDWaulrP03OmdiRJLocyslhI=
Subject key identifier:   B7:8C:C9:83:BE:19:C7:46:23:64:D7:30:06:76:F0:BA:E9:C4:14:68
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019A70A53C9AEB17C3C76B79D36D9CF852F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          101B
Signing time:             Tue 11 Nov 2025 02:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:08 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: vp6bjfHWhvZgn8KmbSpbwi/zn2OVOUA5jmFEP11IaCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:3c:9a:eb:17:c3:c7:6b:79:d3:6d:9c:f8:52:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Nov 11 02:01:08 2025 GMT
            Not After : Nov 12 02:01:08 2025 GMT
        Subject: CN=b78cc983be19c7462364d7300676f0bae9c41468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fc:60:6e:da:60:a6:92:16:5a:23:c2:f4:6e:
                    ae:57:75:6b:1a:6a:20:a3:ae:09:25:f3:24:5d:c1:
                    26:b5:a8:62:f3:74:79:54:52:31:cf:2d:b5:d2:a2:
                    46:81:17:ec:41:bd:16:9f:38:b3:2f:82:2a:34:22:
                    4e:97:83:5f:e5:a7:db:70:ed:3b:1b:09:7b:43:96:
                    7d:a3:cc:ea:5c:82:2a:c8:ec:19:79:96:ee:c6:5d:
                    a4:1c:f9:e9:88:0e:9f:ce:26:99:3e:00:ba:57:c5:
                    d0:ee:aa:40:75:ba:2b:95:30:88:a9:4c:2e:65:55:
                    c5:8f:cc:2c:a5:27:32:c1:46:38:95:0c:ab:a3:0c:
                    61:b9:31:57:35:9b:e2:f9:ea:2f:a4:f2:88:bc:aa:
                    96:10:e0:4d:9c:d3:5c:06:23:7e:2a:96:af:32:32:
                    fc:72:89:a9:8a:11:1d:15:66:e7:57:1c:1a:8e:40:
                    00:a7:30:19:ed:67:c5:54:01:35:39:ed:b0:d9:64:
                    80:a3:ef:15:f3:ad:d6:79:8d:ea:75:bf:d0:67:f1:
                    bc:11:1e:3a:61:40:f5:f8:5c:62:d9:fa:ef:4c:c3:
                    97:71:88:e6:65:9e:d9:d2:97:33:14:50:fd:7a:14:
                    91:8f:b2:e3:81:bf:79:fa:e6:cc:d6:7b:7d:4c:d6:
                    c6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:8C:C9:83:BE:19:C7:46:23:64:D7:30:06:76:F0:BA:E9:C4:14:68
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:2c:07:3a:2b:b0:fe:0b:d1:b0:a6:ff:0d:18:98:6d:41:c5:
         0c:0c:0a:6f:2a:e5:e7:8b:e0:d3:ea:c3:51:1b:fb:14:ee:7d:
         e2:6a:27:58:6a:f5:0d:4e:42:af:95:45:eb:44:3f:75:62:4d:
         35:5b:cb:93:c0:12:80:99:cf:59:12:8a:b1:9e:51:9f:ff:25:
         bd:44:d9:1d:52:c2:c8:76:85:1e:b5:db:93:91:8f:b0:da:00:
         a9:32:85:16:83:dc:60:48:63:bf:f1:8c:3e:52:89:ee:20:5d:
         f6:75:33:fa:77:54:84:32:db:47:f3:25:32:9a:7a:f0:a3:92:
         d6:73:0b:d5:bd:c9:75:fa:df:95:65:a3:ef:a4:4f:a9:86:3a:
         f5:8d:b6:68:79:f4:46:ec:96:5b:e6:5f:05:e8:c7:6e:96:11:
         cf:32:68:5d:63:ae:c5:4c:71:48:67:1b:8d:31:78:6a:e4:8c:
         9d:35:e1:87:bb:dd:0b:9e:30:00:90:69:cd:53:10:0d:cb:5d:
         5a:86:1d:a6:c5:35:d3:36:db:b5:bf:77:ef:97:be:6a:34:dc:
         da:34:70:77:ee:d1:24:c0:b0:15:1e:89:9c:8b:ad:7b:c3:38:
         16:48:86:e4:f7:9f:f8:7c:41:46:e9:11:87:ca:e2:9c:39:b8:
         4e:b3:f8:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpTya6xfDx2t5022c+FL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjUxMTExMDIwMTA4WhcNMjUxMTEyMDIwMTA4WjAzMTEwLwYDVQQD
EyhiNzhjYzk4M2JlMTljNzQ2MjM2NGQ3MzAwNjc2ZjBiYWU5YzQxNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/xgbtpgppIWWiPC9G6uV3VrGmog
o64JJfMkXcEmtahi83R5VFIxzy210qJGgRfsQb0WnzizL4IqNCJOl4Nf5afbcO07
Gwl7Q5Z9o8zqXIIqyOwZeZbuxl2kHPnpiA6fziaZPgC6V8XQ7qpAdborlTCIqUwu
ZVXFj8wspScywUY4lQyrowxhuTFXNZvi+eovpPKIvKqWEOBNnNNcBiN+KpavMjL8
compihEdFWbnVxwajkAApzAZ7WfFVAE1Oe2w2WSAo+8V863WeY3qdb/QZ/G8ER46
YUD1+Fxi2frvTMOXcYjmZZ7Z0pczFFD9ehSRj7Ljgb95+ubM1nt9TNbGWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLeMyYO+GcdGI2TXMAZ28LrpxBRoMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOywHOiuw
/gvRsKb/DRiYbUHFDAwKbyrl54vg0+rDURv7FO594monWGr1DU5Cr5VF60Q/dWJN
NVvLk8ASgJnPWRKKsZ5Rn/8lvUTZHVLCyHaFHrXbk5GPsNoAqTKFFoPcYEhjv/GM
PlKJ7iBd9nUz+ndUhDLbR/MlMpp68KOS1nML1b3JdfrflWWj76RPqYY69Y22aHn0
RuyWW+ZfBejHbpYRzzJoXWOuxUxxSGcbjTF4auSMnTXhh7vdC54wAJBpzVMQDctd
WoYdpsU10zbbtb9375e+ajTc2jRwd+7RJMCwFR6JnIute8M4FkiG5Pef+HxBRukR
h8rinDm4TrP4yg==
-----END CERTIFICATE-----