Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          iS9GCih/r602rVYFVP1+j70gGAC67a68X+g0fI0F6zc=
Subject key identifier:   35:9A:B5:64:FC:2E:9E:6A:3E:7C:D5:67:99:4B:B9:1A:6B:33:19:C3
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       019A706E1CFB6007CB2B9B6357C8BE7E546D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          04CD
Signing time:             Tue 11 Nov 2025 01:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:55 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: ErGqODiXBuj4BaU7SRNReTNsHbvkOzs3CIHh4wiLcM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:1c:fb:60:07:cb:2b:9b:63:57:c8:be:7e:54:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Nov 11 01:00:55 2025 GMT
            Not After : Nov 12 01:00:55 2025 GMT
        Subject: CN=359ab564fc2e9e6a3e7cd567994bb91a6b3319c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:1f:32:5a:f4:a9:10:c4:72:ed:84:7d:1f:ca:
                    3c:9f:78:ee:7e:b0:c1:20:f1:92:ce:22:ec:b3:56:
                    2c:5f:ac:06:b2:a7:59:1d:b4:fb:3a:24:3c:fb:50:
                    a2:cf:fa:86:17:03:0d:cc:e3:da:96:30:6a:48:c2:
                    9f:38:9c:45:03:e9:08:81:1f:fb:a3:d4:4b:73:4b:
                    a5:1d:f7:c8:a6:d9:64:8f:ac:2c:86:f4:89:fc:76:
                    04:76:85:ca:95:0f:c4:0f:26:51:39:2e:9b:a7:34:
                    5b:88:59:b4:20:16:83:5a:a3:ae:8c:f5:65:83:50:
                    6d:cb:ed:c3:5d:e9:99:0a:b6:c9:a4:55:a7:ae:13:
                    a2:3a:0b:3e:4e:26:c4:24:f1:bb:bc:e8:55:a1:01:
                    4c:f1:11:03:94:52:4c:3e:92:73:7a:32:04:ef:9c:
                    98:7a:b6:2f:fb:4c:9f:7c:33:da:05:d1:77:52:b7:
                    94:9b:9a:ce:d4:05:ed:9d:b8:22:9d:43:12:d5:3f:
                    1a:f6:48:90:43:39:45:5f:2a:7e:4a:70:fa:fa:96:
                    fe:a7:fa:cc:7f:29:e6:eb:be:de:02:e3:a8:e3:3d:
                    e1:39:8e:b6:b5:4f:56:2d:c8:e2:b7:e2:73:bd:12:
                    60:25:f6:b8:ed:6e:39:33:7b:35:56:74:40:d2:16:
                    32:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:9A:B5:64:FC:2E:9E:6A:3E:7C:D5:67:99:4B:B9:1A:6B:33:19:C3
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:ab:7c:dd:88:81:d4:14:37:25:1d:c3:f9:13:2b:83:f8:a0:
         5f:77:ec:58:dc:d7:13:3c:96:de:1a:6a:e3:14:c8:26:ff:38:
         dc:55:09:de:25:49:ef:89:5e:f5:3e:73:e5:8a:3a:a4:65:c7:
         3c:6a:41:61:19:f8:a4:a2:c8:cf:3c:60:20:0d:ac:1e:17:3a:
         ce:6d:37:70:65:36:a2:a3:94:ba:36:f3:7e:0e:5a:22:02:51:
         e9:24:d8:e6:32:b2:0c:89:8d:c5:f8:12:9e:46:9f:a5:cf:db:
         74:e0:41:1f:98:fc:6f:d3:b4:7e:da:65:31:1c:2d:69:b2:38:
         f4:ca:f5:a7:10:6e:d8:22:cf:3b:4a:16:a3:28:3f:7b:fa:0a:
         d1:23:86:c7:4c:b8:62:40:f7:57:ab:bf:ff:c0:d8:28:2b:ec:
         71:c2:13:4f:f4:da:78:2f:fd:71:e6:69:89:2b:8e:6f:15:4e:
         4a:be:d6:e1:78:42:94:11:4b:4e:a1:5d:3c:c6:c8:f5:cf:28:
         56:e4:92:93:d8:c3:63:d9:15:4e:92:9d:9a:27:bf:ae:28:59:
         ab:54:c2:25:0d:9e:64:30:a7:b9:69:a2:6f:2d:17:f1:3c:f4:
         65:c9:ff:ef:33:4b:7c:22:fe:94:cd:3d:58:52:b1:33:e2:5c:
         98:93:d8:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbhz7YAfLK5tjV8i+flRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUxMTExMDEwMDU1WhcNMjUxMTEyMDEwMDU1WjAzMTEwLwYDVQQD
EygzNTlhYjU2NGZjMmU5ZTZhM2U3Y2Q1Njc5OTRiYjkxYTZiMzMxOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh8yWvSpEMRy7YR9H8o8n3jufrDB
IPGSziLss1YsX6wGsqdZHbT7OiQ8+1Ciz/qGFwMNzOPaljBqSMKfOJxFA+kIgR/7
o9RLc0ulHffIptlkj6wshvSJ/HYEdoXKlQ/EDyZROS6bpzRbiFm0IBaDWqOujPVl
g1Bty+3DXemZCrbJpFWnrhOiOgs+TibEJPG7vOhVoQFM8REDlFJMPpJzejIE75yY
erYv+0yffDPaBdF3UreUm5rO1AXtnbginUMS1T8a9kiQQzlFXyp+SnD6+pb+p/rM
fynm677eAuOo4z3hOY62tU9WLcjit+JzvRJgJfa47W45M3s1VnRA0hYyAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWatWT8Lp5qPnzVZ5lLuRprMxnDMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6t83YiB
1BQ3JR3D+RMrg/igX3fsWNzXEzyW3hpq4xTIJv843FUJ3iVJ74le9T5z5Yo6pGXH
PGpBYRn4pKLIzzxgIA2sHhc6zm03cGU2oqOUujbzfg5aIgJR6STY5jKyDImNxfgS
nkafpc/bdOBBH5j8b9O0ftplMRwtabI49Mr1pxBu2CLPO0oWoyg/e/oK0SOGx0y4
YkD3V6u//8DYKCvsccITT/TaeC/9ceZpiSuObxVOSr7W4XhClBFLTqFdPMbI9c8o
VuSSk9jDY9kVTpKdmie/rihZq1TCJQ2eZDCnuWmiby0X8Tz0Zcn/7zNLfCL+lM09
WFKxM+JcmJPYsg==
-----END CERTIFICATE-----