Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          jKjFqKqapshBrcV5ErIIIUAQucN82dO2JoMO8RyTznQ=
Subject key identifier:   A4:58:A0:76:2D:30:4C:4B:16:39:04:21:FC:D8:C4:BD:75:40:C6:2D
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019A526315D149FA01F119AF1587C64092B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          04E0
Signing time:             Wed 05 Nov 2025 05:00:16 +0000
Manifest this update:     Wed 05 Nov 2025 05:00:16 +0000
Manifest next update:     Thu 06 Nov 2025 05:00:16 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: GP4EoxUahTcf3fnPz2Uxq8Bp4wvIoubm1HDXQiAShDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:63:15:d1:49:fa:01:f1:19:af:15:87:c6:40:92:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Nov  5 05:00:16 2025 GMT
            Not After : Nov  6 05:00:16 2025 GMT
        Subject: CN=a458a0762d304c4b16390421fcd8c4bd7540c62d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:7b:15:4a:bc:37:f7:8e:63:e6:2e:23:8c:88:
                    6d:97:f1:cd:74:1a:61:1f:d5:8d:d9:6b:33:d5:4f:
                    a8:f1:11:a9:0f:ee:9f:ee:1a:7e:f8:91:d2:21:b0:
                    93:2b:d1:7e:ea:40:8f:31:1b:4d:77:4d:a8:80:58:
                    80:55:e7:e2:d2:78:60:18:9f:9f:fe:8b:17:d8:d5:
                    51:12:3f:9c:1f:ca:2c:fd:56:10:73:4e:e9:22:88:
                    a3:10:f0:49:ef:83:06:00:96:46:26:ce:16:82:e0:
                    55:ec:37:a3:a7:8f:e4:a2:ed:e7:f9:0c:61:f3:84:
                    89:ef:96:21:8c:8c:93:d5:d0:79:cf:55:eb:9c:78:
                    2b:6b:ba:ea:b2:da:c8:63:65:56:fe:bd:e2:c1:43:
                    8e:c5:48:bc:7d:52:0d:a9:a3:23:f6:7f:6c:52:d4:
                    ab:44:9e:92:d7:46:ca:06:2b:67:b7:8b:72:70:47:
                    8d:37:01:44:10:25:8f:56:d4:6b:9d:ec:8b:72:0d:
                    f0:3e:b5:c8:2d:ba:08:1c:3c:9a:0d:9a:3b:62:b8:
                    d6:32:32:3f:fd:13:43:77:eb:dc:38:52:5c:77:b8:
                    d4:a7:20:cc:3d:0f:22:0e:a1:73:c8:5c:38:a6:de:
                    15:ad:ef:b6:3b:c9:a2:1a:6a:06:a9:25:94:f8:e0:
                    ef:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:58:A0:76:2D:30:4C:4B:16:39:04:21:FC:D8:C4:BD:75:40:C6:2D
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:16:04:4b:73:8e:11:d3:81:98:71:56:99:9d:0b:c2:0b:9b:
         99:05:47:30:61:68:79:aa:ec:64:c0:5a:1c:a6:25:81:e9:a1:
         65:4c:13:db:58:de:d0:31:be:7c:1d:28:3a:17:03:ee:cc:50:
         c7:68:74:00:8d:ea:d4:ca:a0:06:18:ce:15:9e:f3:3b:3a:46:
         6b:6e:bf:2c:ad:7f:45:5a:35:3c:7f:d2:3d:df:d6:b3:a7:88:
         93:01:d6:f0:26:7a:45:24:b8:a0:52:b9:30:93:af:30:49:d2:
         8f:5a:d9:0e:77:85:ca:8a:af:66:76:62:f8:68:d6:ce:8f:94:
         8d:90:83:02:fa:fd:59:3a:8d:95:aa:96:f7:a2:b1:1c:cb:2a:
         00:57:07:8d:6e:1f:87:f8:7c:51:ae:b7:e6:6e:5b:e3:77:68:
         3e:e6:f3:a4:a8:73:b1:d7:de:20:5f:9f:d1:e0:22:39:6e:30:
         64:d0:c2:80:9e:a9:ea:7c:29:13:6f:5a:17:a6:02:d9:ff:0f:
         7f:83:37:9d:52:5e:bd:c0:51:ad:3d:72:d4:b6:5c:9e:c0:fa:
         bd:6a:a7:1f:ef:5b:16:7d:63:47:6e:9b:e0:05:84:30:9d:61:
         f7:aa:ba:a6:40:9c:0e:18:01:e5:50:8b:c2:e2:28:45:dd:69:
         1d:41:31:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSYxXRSfoB8RmvFYfGQJK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUxMTA1MDUwMDE2WhcNMjUxMTA2MDUwMDE2WjAzMTEwLwYDVQQD
EyhhNDU4YTA3NjJkMzA0YzRiMTYzOTA0MjFmY2Q4YzRiZDc1NDBjNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHsVSrw3945j5i4jjIhtl/HNdBph
H9WN2Wsz1U+o8RGpD+6f7hp++JHSIbCTK9F+6kCPMRtNd02ogFiAVefi0nhgGJ+f
/osX2NVREj+cH8os/VYQc07pIoijEPBJ74MGAJZGJs4WguBV7Dejp4/kou3n+Qxh
84SJ75YhjIyT1dB5z1XrnHgra7rqstrIY2VW/r3iwUOOxUi8fVINqaMj9n9sUtSr
RJ6S10bKBitnt4tycEeNNwFEECWPVtRrneyLcg3wPrXILboIHDyaDZo7YrjWMjI/
/RNDd+vcOFJcd7jUpyDMPQ8iDqFzyFw4pt4Vre+2O8miGmoGqSWU+ODvawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRYoHYtMExLFjkEIfzYxL11QMYtMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhYES3OO
EdOBmHFWmZ0LwgubmQVHMGFoearsZMBaHKYlgemhZUwT21je0DG+fB0oOhcD7sxQ
x2h0AI3q1MqgBhjOFZ7zOzpGa26/LK1/RVo1PH/SPd/Ws6eIkwHW8CZ6RSS4oFK5
MJOvMEnSj1rZDneFyoqvZnZi+GjWzo+UjZCDAvr9WTqNlaqW96KxHMsqAFcHjW4f
h/h8Ua635m5b43doPubzpKhzsdfeIF+f0eAiOW4wZNDCgJ6p6nwpE29aF6YC2f8P
f4M3nVJevcBRrT1y1LZcnsD6vWqnH+9bFn1jR26b4AWEMJ1h96q6pkCcDhgB5VCL
wuIoRd1pHUEx2g==
-----END CERTIFICATE-----