Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          WbUF0qaYgC8pvFB75Mte6pGgdVGMVUtY0BfBK3Wo/B8=
Subject key identifier:   2D:5F:D4:48:7C:02:DD:67:68:DA:D3:65:97:B0:D3:33:B0:A3:D9:CF
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019873E24A7335F1BB5763C03A809AFFABC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          0E4D
Signing time:             Mon 04 Aug 2025 07:01:06 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:06 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:06 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: H7gnwW6/yx95wZWBMwE1SF7h86kE6k6gTl8zlfpbjHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:4a:73:35:f1:bb:57:63:c0:3a:80:9a:ff:ab:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Aug  4 07:01:06 2025 GMT
            Not After : Aug  5 07:01:06 2025 GMT
        Subject: CN=2d5fd4487c02dd6768dad36597b0d333b0a3d9cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4b:8d:e4:76:2f:7e:c4:3f:f5:af:ab:c3:a4:
                    4f:03:6d:c1:c8:14:8e:c7:32:42:5a:83:09:11:44:
                    84:49:e2:4c:e5:68:5c:b2:77:f8:66:cb:f3:73:bd:
                    f8:1d:c0:a2:1c:0b:d3:9a:c1:78:cb:02:44:2c:01:
                    f9:0f:aa:36:5e:d9:18:de:97:3b:83:48:70:fb:8c:
                    45:78:2d:46:60:85:f8:92:60:de:6e:fd:2c:c3:a3:
                    a9:42:d1:82:92:6d:f8:86:b2:f1:d4:da:74:71:87:
                    a5:e3:af:fd:bf:b4:6d:ad:4a:b7:36:f0:1a:71:84:
                    ff:78:e6:b4:50:18:da:61:7b:a5:e3:74:3d:02:5a:
                    1c:ec:7d:7e:7d:32:5c:0c:c2:50:52:66:e5:9c:b5:
                    4e:49:c9:5b:fb:2b:f5:29:71:fd:77:5f:0c:03:04:
                    ae:ec:3d:72:0d:5c:c2:3d:27:24:0f:78:bc:4f:5e:
                    94:be:f5:62:39:e8:4a:f7:a9:de:16:9d:03:01:d0:
                    12:71:bd:c0:fc:6d:40:34:29:c5:c5:40:db:8d:07:
                    f7:15:60:8d:80:bc:60:a6:31:1b:96:02:10:fd:0f:
                    0b:ec:7f:e7:77:12:d9:55:77:fb:d1:9c:a4:f6:b5:
                    24:77:ef:ed:d8:8b:b7:65:f2:ce:0f:e5:ce:11:85:
                    b2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:5F:D4:48:7C:02:DD:67:68:DA:D3:65:97:B0:D3:33:B0:A3:D9:CF
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:60:65:63:a3:55:48:fb:4c:33:be:5d:90:b2:17:c1:77:ec:
         1e:f8:45:3d:b2:16:aa:b3:5c:5c:e7:d7:c8:5f:a4:1f:19:17:
         5b:bb:0d:8b:2f:c5:2b:05:1b:15:46:93:fb:b9:f5:be:56:fa:
         7c:7b:2f:b2:48:c0:bf:62:43:a1:3c:6c:b5:cf:c3:43:fb:70:
         b2:62:81:9e:3f:f5:07:93:64:1b:c0:fd:27:c0:a9:db:87:80:
         17:ad:74:83:e6:c4:f9:c0:e9:7b:e4:8c:b8:c7:e2:30:da:d3:
         65:da:48:71:ae:12:3d:18:80:e1:6f:b3:48:ed:c6:32:14:19:
         18:66:07:e3:b1:93:88:12:28:e4:55:f0:6c:45:b4:3a:50:b7:
         ff:5f:f6:c2:b0:05:3b:ee:fb:86:55:16:5e:3f:61:5f:d0:00:
         15:2c:d9:78:e8:08:45:84:7d:c3:c2:c2:49:6a:20:3d:e9:4d:
         ab:55:62:38:6e:fc:fb:9a:79:ba:eb:5a:f5:45:61:94:10:41:
         81:89:6c:d6:61:82:06:ba:00:6d:f0:ed:d0:60:55:3e:64:53:
         66:69:55:c7:78:4c:58:ac:3a:fc:30:bf:24:4d:26:71:0f:60:
         43:c1:5e:5a:b7:61:5b:db:fd:ab:aa:8e:c4:85:6e:c3:89:40:
         92:a1:63:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4kpzNfG7V2PAOoCa/6vBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjUwODA0MDcwMTA2WhcNMjUwODA1MDcwMTA2WjAzMTEwLwYDVQQD
EygyZDVmZDQ0ODdjMDJkZDY3NjhkYWQzNjU5N2IwZDMzM2IwYTNkOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kuN5HYvfsQ/9a+rw6RPA23ByBSO
xzJCWoMJEUSESeJM5Whcsnf4Zsvzc734HcCiHAvTmsF4ywJELAH5D6o2XtkY3pc7
g0hw+4xFeC1GYIX4kmDebv0sw6OpQtGCkm34hrLx1Np0cYel46/9v7RtrUq3NvAa
cYT/eOa0UBjaYXul43Q9Aloc7H1+fTJcDMJQUmblnLVOSclb+yv1KXH9d18MAwSu
7D1yDVzCPSckD3i8T16UvvViOehK96neFp0DAdAScb3A/G1ANCnFxUDbjQf3FWCN
gLxgpjEblgIQ/Q8L7H/ndxLZVXf70Zyk9rUkd+/t2Iu3ZfLOD+XOEYWytwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1f1Eh8At1naNrTZZew0zOwo9nPMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGGBlY6NV
SPtMM75dkLIXwXfsHvhFPbIWqrNcXOfXyF+kHxkXW7sNiy/FKwUbFUaT+7n1vlb6
fHsvskjAv2JDoTxstc/DQ/twsmKBnj/1B5NkG8D9J8Cp24eAF610g+bE+cDpe+SM
uMfiMNrTZdpIca4SPRiA4W+zSO3GMhQZGGYH47GTiBIo5FXwbEW0OlC3/1/2wrAF
O+77hlUWXj9hX9AAFSzZeOgIRYR9w8LCSWogPelNq1ViOG78+5p5uuta9UVhlBBB
gYls1mGCBroAbfDt0GBVPmRTZmlVx3hMWKw6/DC/JE0mcQ9gQ8FeWrdhW9v9q6qO
xIVuw4lAkqFj/g==
-----END CERTIFICATE-----