Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          HFM5uQELgsT44+TAqnzcezmKlMIoo9vOlNa4ueTjACs=
Subject key identifier:   CD:1C:DF:7A:A7:47:55:3C:4E:06:3F:D0:AC:44:90:BB:71:A2:0A:CA
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019896A6E31174C403336047CEF7A16872CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0B73
Signing time:             Mon 11 Aug 2025 01:02:56 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:56 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:56 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: XSPab4Q70WxDC2utST3ZHuNe5r519mU/Ke6UoWWVRJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:e3:11:74:c4:03:33:60:47:ce:f7:a1:68:72:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Aug 11 01:02:56 2025 GMT
            Not After : Aug 12 01:02:56 2025 GMT
        Subject: CN=cd1cdf7aa747553c4e063fd0ac4490bb71a20aca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f5:00:21:5f:57:23:f1:e5:54:70:9d:38:21:
                    c6:a9:90:54:31:cc:9d:2d:e1:e2:05:94:b6:22:6e:
                    66:fa:d4:31:88:07:b9:76:a5:95:2c:2e:1b:66:18:
                    3a:f5:7c:e1:4b:ae:9e:e6:6c:e1:5e:5f:54:5a:a0:
                    ff:aa:59:1d:26:04:98:ed:59:31:19:2a:02:26:16:
                    1b:cc:39:f0:87:7f:e5:95:6b:1e:f4:1f:6d:6e:58:
                    33:31:ea:63:d5:28:5c:f8:ff:26:5b:cf:7b:2d:67:
                    73:2a:e0:ae:2e:29:0d:98:10:50:b4:91:a7:8f:8e:
                    df:f6:bf:28:25:c6:fd:18:f2:57:f4:90:90:69:68:
                    0d:9f:0d:b0:79:a9:a5:ac:cd:ee:2f:39:e7:aa:23:
                    ce:d9:03:fd:6a:bc:46:4a:42:1f:de:49:7d:cf:4c:
                    56:34:e7:83:c7:e4:c3:6e:dc:6d:a1:83:05:30:83:
                    e1:09:35:58:7b:e6:41:06:47:ba:f5:75:74:e9:26:
                    49:3a:db:56:5f:04:1e:5f:8e:bc:c5:d7:3f:2e:84:
                    ac:1d:00:a0:71:d8:63:5f:aa:eb:73:9a:38:d3:1c:
                    7c:f1:a3:47:bb:5a:86:78:08:e4:67:c9:3f:12:1f:
                    b0:d3:96:94:52:9f:d8:e9:c3:de:85:57:db:2c:72:
                    66:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:1C:DF:7A:A7:47:55:3C:4E:06:3F:D0:AC:44:90:BB:71:A2:0A:CA
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:2c:14:ba:b6:8c:57:92:08:94:77:ec:87:f0:ed:c0:8f:13:
         c1:37:b7:2f:9a:77:74:42:cb:96:fb:d6:22:0a:e4:e0:94:2e:
         fd:b3:89:6d:f8:d4:dd:75:77:4d:80:ef:c6:ce:34:67:4d:db:
         72:4b:f6:14:0a:73:5a:25:05:2e:e8:e9:42:33:0e:b8:82:3e:
         46:df:e6:d2:c8:81:51:d7:4e:21:01:cf:2d:7b:5c:a1:5b:b3:
         ec:9f:cf:a9:3d:95:93:69:51:a2:4a:5f:14:cc:08:2e:72:56:
         e1:20:20:6a:87:fc:8b:4c:6a:45:84:46:af:1c:44:24:1b:67:
         8f:6b:6f:2e:77:77:03:0f:7b:36:06:4f:de:4d:f0:67:c7:31:
         7c:b2:a4:93:02:65:70:22:24:87:97:57:e7:7b:13:2e:37:c8:
         1c:fe:e0:cf:04:0e:08:02:99:35:79:d3:53:13:1c:34:6f:56:
         63:27:e3:90:f8:b4:64:47:d6:17:01:ee:e2:b5:c0:32:32:cb:
         04:d7:cf:75:65:63:a3:72:39:83:12:a6:ed:f3:9c:51:ca:44:
         65:1d:1e:b4:e2:fc:07:55:cb:70:23:4f:35:e0:2c:f7:3f:5a:
         a8:26:23:b0:7b:d9:2d:c9:e6:f0:58:59:c5:9c:90:b0:13:88:
         39:09:e6:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpuMRdMQDM2BHzvehaHLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwODExMDEwMjU2WhcNMjUwODEyMDEwMjU2WjAzMTEwLwYDVQQD
EyhjZDFjZGY3YWE3NDc1NTNjNGUwNjNmZDBhYzQ0OTBiYjcxYTIwYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/UAIV9XI/HlVHCdOCHGqZBUMcyd
LeHiBZS2Im5m+tQxiAe5dqWVLC4bZhg69XzhS66e5mzhXl9UWqD/qlkdJgSY7Vkx
GSoCJhYbzDnwh3/llWse9B9tblgzMepj1Shc+P8mW897LWdzKuCuLikNmBBQtJGn
j47f9r8oJcb9GPJX9JCQaWgNnw2weamlrM3uLznnqiPO2QP9arxGSkIf3kl9z0xW
NOeDx+TDbtxtoYMFMIPhCTVYe+ZBBke69XV06SZJOttWXwQeX468xdc/LoSsHQCg
cdhjX6rrc5o40xx88aNHu1qGeAjkZ8k/Eh+w05aUUp/Y6cPehVfbLHJmlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0c33qnR1U8TgY/0KxEkLtxogrKMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPywUuraM
V5IIlHfsh/DtwI8TwTe3L5p3dELLlvvWIgrk4JQu/bOJbfjU3XV3TYDvxs40Z03b
ckv2FApzWiUFLujpQjMOuII+Rt/m0siBUddOIQHPLXtcoVuz7J/PqT2Vk2lRokpf
FMwILnJW4SAgaof8i0xqRYRGrxxEJBtnj2tvLnd3Aw97NgZP3k3wZ8cxfLKkkwJl
cCIkh5dX53sTLjfIHP7gzwQOCAKZNXnTUxMcNG9WYyfjkPi0ZEfWFwHu4rXAMjLL
BNfPdWVjo3I5gxKm7fOcUcpEZR0etOL8B1XLcCNPNeAs9z9aqCYjsHvZLcnm8FhZ
xZyQsBOIOQnmhQ==
-----END CERTIFICATE-----