Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          t9BMxcVqgtRT19NsPXuvAXWdt3aSVmnV+1tKIWG19oI=
Subject key identifier:   AB:63:C7:D5:42:86:44:5D:21:91:D2:35:FF:0B:06:BB:AF:4F:52:2F
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       01974742F4078E6DFD6F31F28352D7CF01E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          032A
Signing time:             Fri 06 Jun 2025 22:00:59 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:59 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:59 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: XalrsnsmmRWAG0SdzZbFUJMYIFjdQ+pl2Li5LBS9HzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:f4:07:8e:6d:fd:6f:31:f2:83:52:d7:cf:01:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Jun  6 22:00:59 2025 GMT
            Not After : Jun  7 22:00:59 2025 GMT
        Subject: CN=ab63c7d54286445d2191d235ff0b06bbaf4f522f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2e:0f:17:6c:1d:7d:31:9b:9c:84:0d:33:b5:
                    4e:96:9b:6c:b6:d8:fc:2d:64:a4:7a:d0:64:1f:b1:
                    61:1c:92:d5:a9:47:16:e8:59:a8:c7:7c:95:15:6e:
                    55:f9:74:cd:d7:b5:b5:8c:55:94:9e:33:6c:5a:22:
                    61:df:34:3c:1e:7a:cb:32:f3:76:84:d6:7e:8f:fe:
                    d2:19:0d:2e:28:be:4d:83:72:d0:d1:7a:db:62:f6:
                    7c:03:c9:5d:bd:86:fb:db:cd:9e:dc:f8:48:d1:6b:
                    e3:b2:b9:35:bd:09:8f:3f:8d:0e:d5:1c:6c:e9:b8:
                    50:8f:e7:08:4c:f0:d5:14:35:89:8e:f4:88:85:28:
                    0b:3b:03:ec:de:92:f1:00:1f:41:04:e5:0c:a3:ba:
                    bb:c8:1d:a6:18:1d:90:00:4c:1e:c5:27:44:90:9f:
                    71:09:9c:5b:ff:c8:46:60:d2:f3:20:69:c7:d7:83:
                    4c:2d:3d:53:b2:f5:7d:99:8e:3c:2a:0f:43:6f:7c:
                    76:e2:28:cc:37:6b:cf:a7:50:73:dd:70:cb:91:0e:
                    14:fe:b1:76:e8:df:22:2d:b5:08:59:2d:df:1f:88:
                    44:5c:9e:b1:00:86:22:26:b0:ad:97:75:6a:a9:29:
                    03:28:0c:62:5f:c2:0e:74:fa:27:5d:2a:5e:24:e2:
                    cb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:63:C7:D5:42:86:44:5D:21:91:D2:35:FF:0B:06:BB:AF:4F:52:2F
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:b7:8c:ef:90:90:4d:4f:16:1d:c3:29:54:ec:0a:73:ac:6f:
         2d:29:f4:6d:c6:6e:77:08:81:a3:30:42:a5:3f:36:16:8e:9f:
         84:0e:40:7b:23:69:6a:b1:fb:8c:fc:cb:51:89:03:6b:4d:3f:
         e6:80:a4:0c:d8:fc:9a:99:53:fb:47:74:c1:15:f7:42:20:03:
         16:80:2e:e2:03:9a:b1:f4:00:a8:c7:2e:b7:2d:53:8b:41:3a:
         d3:d3:fd:8b:5e:07:23:4b:13:1a:6a:fb:6a:08:1d:e0:75:d4:
         43:08:b8:df:07:9a:02:04:f6:3c:65:f8:d6:2a:68:39:48:05:
         c3:c3:39:57:e8:ce:88:b4:bc:76:fd:57:28:bb:a6:2a:9c:8d:
         8d:7f:40:8f:c1:ab:1b:ac:90:8e:3e:55:4d:44:79:c5:b7:db:
         5a:74:d1:f1:43:a9:3c:e3:ac:ec:6f:56:3d:8c:54:ee:43:50:
         ed:f8:4c:ac:23:c8:b6:f4:1f:93:4c:0a:78:47:e6:e7:f3:cc:
         3f:6a:2f:71:4a:8a:6c:2e:81:68:47:78:b3:86:aa:4b:be:4a:
         35:d5:ff:74:bb:20:f0:f1:6c:6c:53:b5:be:67:d2:ab:80:3a:
         10:fc:4b:c9:63:c8:7a:65:bb:1d:49:38:3e:3b:df:1f:63:b6:
         1c:39:33:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQvQHjm39bzHyg1LXzwHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwNjA2MjIwMDU5WhcNMjUwNjA3MjIwMDU5WjAzMTEwLwYDVQQD
EyhhYjYzYzdkNTQyODY0NDVkMjE5MWQyMzVmZjBiMDZiYmFmNGY1MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi4PF2wdfTGbnIQNM7VOlptsttj8
LWSketBkH7FhHJLVqUcW6Fmox3yVFW5V+XTN17W1jFWUnjNsWiJh3zQ8HnrLMvN2
hNZ+j/7SGQ0uKL5Ng3LQ0XrbYvZ8A8ldvYb7282e3PhI0Wvjsrk1vQmPP40O1Rxs
6bhQj+cITPDVFDWJjvSIhSgLOwPs3pLxAB9BBOUMo7q7yB2mGB2QAEwexSdEkJ9x
CZxb/8hGYNLzIGnH14NMLT1TsvV9mY48Kg9Db3x24ijMN2vPp1Bz3XDLkQ4U/rF2
6N8iLbUIWS3fH4hEXJ6xAIYiJrCtl3VqqSkDKAxiX8IOdPonXSpeJOLLCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtjx9VChkRdIZHSNf8LBruvT1IvMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbeM75CQ
TU8WHcMpVOwKc6xvLSn0bcZudwiBozBCpT82Fo6fhA5AeyNparH7jPzLUYkDa00/
5oCkDNj8mplT+0d0wRX3QiADFoAu4gOasfQAqMcuty1Ti0E609P9i14HI0sTGmr7
aggd4HXUQwi43weaAgT2PGX41ipoOUgFw8M5V+jOiLS8dv1XKLumKpyNjX9Aj8Gr
G6yQjj5VTUR5xbfbWnTR8UOpPOOs7G9WPYxU7kNQ7fhMrCPItvQfk0wKeEfm5/PM
P2ovcUqKbC6BaEd4s4aqS75KNdX/dLsg8PFsbFO1vmfSq4A6EPxLyWPIemW7HUk4
PjvfH2O2HDkz2A==
-----END CERTIFICATE-----