Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          p08XxV031FnpbIP2vVgSxfaXUPqrr12bkK+yArBYHlQ=
Subject key identifier:   74:F0:91:67:17:69:8D:D7:BB:56:D6:AB:C9:D3:E9:88:22:BE:D6:B5
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       01989448F089795688013CE9F297CFA1082B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          03F9
Signing time:             Sun 10 Aug 2025 14:01:04 +0000
Manifest this update:     Sun 10 Aug 2025 14:01:04 +0000
Manifest next update:     Mon 11 Aug 2025 14:01:04 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: w+x+zsTOsrECkIedUYJTShFgu/sCAlp5yHpZON8TvHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 14:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:48:f0:89:79:56:88:01:3c:e9:f2:97:cf:a1:08:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Aug 10 14:01:04 2025 GMT
            Not After : Aug 11 14:01:04 2025 GMT
        Subject: CN=74f0916717698dd7bb56d6abc9d3e98822bed6b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:be:de:55:31:dc:a0:78:06:12:90:42:5a:6f:
                    a5:6f:6a:47:36:cd:57:d5:4f:0e:61:0b:57:a5:92:
                    b5:ee:a4:e1:ee:cb:75:0c:a8:1a:8d:3f:b5:5a:90:
                    e7:c0:b5:37:7a:80:a5:23:00:71:e2:ef:eb:1e:43:
                    f1:19:c5:6b:46:63:2e:79:80:ef:07:81:98:ad:54:
                    43:ac:76:bf:ef:18:a5:6c:1b:4b:f5:6d:3c:fe:b1:
                    bf:e5:0d:d2:3e:d3:52:a3:03:19:34:c0:f3:ee:b2:
                    cb:15:cb:05:34:24:9a:e1:78:0c:8f:5a:71:88:bc:
                    2a:31:1d:8d:d1:13:a9:f5:88:6b:a4:92:1a:5e:d6:
                    ed:30:2c:06:81:1e:23:b2:ce:56:c4:93:ad:37:07:
                    e8:4b:46:8b:07:77:32:b4:89:c1:61:58:04:85:fb:
                    41:52:9d:cc:b1:cf:c1:d5:64:43:58:95:d0:af:59:
                    4d:55:07:61:bd:79:4f:4c:06:62:a8:f4:59:c0:84:
                    06:35:8c:52:3f:d4:83:29:27:53:26:8b:c6:6a:08:
                    8a:e7:cc:a5:5d:cf:8b:48:6b:98:a5:16:73:32:d3:
                    5d:cb:8c:07:7e:b5:3b:4a:27:37:0c:e9:62:7d:a6:
                    dc:0b:25:a8:f8:98:20:dd:5d:19:54:7b:18:64:6b:
                    78:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:F0:91:67:17:69:8D:D7:BB:56:D6:AB:C9:D3:E9:88:22:BE:D6:B5
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:1f:fd:7c:39:e2:31:70:52:c6:8b:f7:00:73:d4:14:14:03:
         3e:c9:fb:58:0a:3a:de:9a:0f:97:d9:c3:a4:32:97:34:aa:08:
         92:84:53:5f:cd:6e:01:95:1d:7d:1e:b1:9f:10:8c:99:96:ce:
         96:28:cc:d3:b2:e9:fa:54:44:ff:c3:44:eb:d1:b6:83:25:31:
         ae:2b:a9:b7:15:79:44:b8:71:0b:a4:5e:eb:9b:30:62:dd:2c:
         78:5b:6b:dd:e2:83:91:b2:fe:03:d3:77:43:91:fa:43:f1:a4:
         bb:1c:a9:1c:6d:61:b0:ba:93:6d:7a:aa:11:eb:37:ff:bd:1c:
         30:f0:11:32:35:12:c4:52:12:a9:c3:34:85:dc:8a:8e:43:63:
         aa:89:30:52:b1:cc:f0:bf:29:fa:25:8c:89:10:29:a1:3f:81:
         dd:ca:84:10:49:87:30:8a:a2:d5:3d:88:f1:eb:b9:20:a7:da:
         6c:22:6d:55:7f:cc:06:7a:21:64:65:00:3e:cb:55:3b:8f:4f:
         d0:9a:2d:81:3f:93:c5:6e:83:e5:88:6b:1a:db:08:67:e7:d6:
         d0:0e:6d:ba:7c:63:3e:22:ad:78:62:f1:b8:8d:c9:84:36:dd:
         7d:2c:5c:57:06:11:a0:32:bf:0a:20:c2:e8:d7:15:8a:b9:7f:
         ca:d7:d4:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUSPCJeVaIATzp8pfPoQgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwODEwMTQwMTA0WhcNMjUwODExMTQwMTA0WjAzMTEwLwYDVQQD
Eyg3NGYwOTE2NzE3Njk4ZGQ3YmI1NmQ2YWJjOWQzZTk4ODIyYmVkNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL7eVTHcoHgGEpBCWm+lb2pHNs1X
1U8OYQtXpZK17qTh7st1DKgajT+1WpDnwLU3eoClIwBx4u/rHkPxGcVrRmMueYDv
B4GYrVRDrHa/7xilbBtL9W08/rG/5Q3SPtNSowMZNMDz7rLLFcsFNCSa4XgMj1px
iLwqMR2N0ROp9YhrpJIaXtbtMCwGgR4jss5WxJOtNwfoS0aLB3cytInBYVgEhftB
Up3Msc/B1WRDWJXQr1lNVQdhvXlPTAZiqPRZwIQGNYxSP9SDKSdTJovGagiK58yl
Xc+LSGuYpRZzMtNdy4wHfrU7Sic3DOlifabcCyWo+Jgg3V0ZVHsYZGt40wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTwkWcXaY3Xu1bWq8nT6Ygivta1MB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkh/9fDni
MXBSxov3AHPUFBQDPsn7WAo63poPl9nDpDKXNKoIkoRTX81uAZUdfR6xnxCMmZbO
lijM07Lp+lRE/8NE69G2gyUxriuptxV5RLhxC6Re65swYt0seFtr3eKDkbL+A9N3
Q5H6Q/GkuxypHG1hsLqTbXqqEes3/70cMPARMjUSxFISqcM0hdyKjkNjqokwUrHM
8L8p+iWMiRApoT+B3cqEEEmHMIqi1T2I8eu5IKfabCJtVX/MBnohZGUAPstVO49P
0JotgT+TxW6D5YhrGtsIZ+fW0A5tunxjPiKteGLxuI3JhDbdfSxcVwYRoDK/CiDC
6NcVirl/ytfUTg==
-----END CERTIFICATE-----