Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          i4/5QWxi2Socf9+nuvJtOq+Oy0a9dS91nVT+TmeYQ/k=
Subject key identifier:   12:73:7D:56:49:B1:D2:B3:0D:7A:9C:FB:EA:C1:AC:48:EC:C2:49:C9
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       0198744FF06077E5D7A033B36CCA9498FFD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          1619
Signing time:             Mon 04 Aug 2025 09:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:52 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: OdnbNKgxiQScbSXEInsh/y1pumPHnJNVmyiDfhGzJP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:f0:60:77:e5:d7:a0:33:b3:6c:ca:94:98:ff:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Aug  4 09:00:52 2025 GMT
            Not After : Aug  5 09:00:52 2025 GMT
        Subject: CN=12737d5649b1d2b30d7a9cfbeac1ac48ecc249c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:ab:a7:aa:c9:e0:6b:59:a4:ae:ac:1f:16:
                    09:75:a1:b5:91:e5:ef:56:8c:88:fa:17:28:9f:d2:
                    b3:69:56:fa:e4:92:a0:fa:19:5b:a3:ee:46:fb:4d:
                    51:2f:2b:fe:23:f8:95:39:5d:e1:66:9f:65:2a:86:
                    e4:fb:4a:a7:77:12:ef:ef:a6:b5:8e:67:53:3a:31:
                    4c:3e:f3:5a:5a:4e:0d:5e:81:03:6f:6f:b7:5d:44:
                    98:c6:7e:94:d7:f1:c6:f4:13:35:8e:ea:59:27:96:
                    7a:f1:81:8a:38:11:7a:92:3e:45:ae:85:90:0b:31:
                    b5:c0:ef:bb:ee:33:08:22:66:cf:5b:bc:57:55:b7:
                    7e:57:ed:7c:64:8d:5d:6d:e8:9c:eb:56:42:a2:a9:
                    4f:58:0d:dc:93:82:ee:92:e8:1e:2f:ab:41:ff:31:
                    7d:03:a3:6d:aa:0b:bc:03:93:1c:ad:19:d1:e0:b7:
                    73:62:8a:10:c6:f9:4b:98:bd:43:3e:76:63:e0:5d:
                    7a:b3:35:aa:50:28:8a:35:7c:bb:b5:f1:ce:a2:d1:
                    3d:5d:03:89:0b:88:24:b6:db:4b:2b:0e:66:f5:ea:
                    d3:91:07:a0:aa:7c:69:63:b8:61:f4:d2:77:20:d8:
                    38:16:20:a3:99:b4:28:a6:92:2a:f3:ee:ad:95:7d:
                    1f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:73:7D:56:49:B1:D2:B3:0D:7A:9C:FB:EA:C1:AC:48:EC:C2:49:C9
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:86:80:f5:28:44:2c:d1:48:b9:07:18:d0:41:79:da:87:fe:
         6e:a9:87:44:0c:eb:c3:38:8d:a9:f8:24:b0:3b:f0:c3:4c:80:
         74:4a:49:36:c4:9e:46:2d:09:6b:cb:51:b6:7e:da:8b:7c:c1:
         f6:59:78:8a:e7:5e:85:bf:39:bd:0b:b5:37:b1:8c:35:ce:89:
         69:4f:14:d2:2a:cc:e2:e6:f1:c6:33:79:4c:c7:10:58:ee:7d:
         3a:a7:23:41:b1:ea:c8:a5:7a:42:a4:bd:1a:d9:8f:73:c7:03:
         82:7e:eb:30:db:56:ae:e1:06:35:e2:d1:d4:dd:9b:16:80:39:
         10:46:ff:1c:63:17:27:b4:b8:f6:31:52:c1:4a:38:c5:b5:ec:
         f9:9c:a2:b5:11:2a:9a:7e:01:25:04:9c:cb:b0:e5:d5:97:95:
         a4:7c:c3:df:62:00:cb:a7:a6:ef:5b:a7:9c:dc:e5:e7:d2:01:
         a9:11:ea:81:ea:0d:01:72:88:1b:25:1e:ed:5b:30:6f:f8:cb:
         a8:18:b0:6f:52:2a:eb:50:44:16:7b:2f:9b:77:e9:0d:c5:fc:
         c7:49:e0:6f:76:4b:aa:18:01:e5:76:e8:3a:35:d9:7c:9e:68:
         4a:fd:d6:45:84:af:6d:9d:9b:35:c1:02:7b:d5:51:60:d0:b1:
         15:ba:6c:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T/Bgd+XXoDOzbMqUmP/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUwODA0MDkwMDUyWhcNMjUwODA1MDkwMDUyWjAzMTEwLwYDVQQD
EygxMjczN2Q1NjQ5YjFkMmIzMGQ3YTljZmJlYWMxYWM0OGVjYzI0OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaCrp6rJ4GtZpK6sHxYJdaG1keXv
VoyI+hcon9KzaVb65JKg+hlbo+5G+01RLyv+I/iVOV3hZp9lKobk+0qndxLv76a1
jmdTOjFMPvNaWk4NXoEDb2+3XUSYxn6U1/HG9BM1jupZJ5Z68YGKOBF6kj5FroWQ
CzG1wO+77jMIImbPW7xXVbd+V+18ZI1dbeic61ZCoqlPWA3ck4LukugeL6tB/zF9
A6Ntqgu8A5McrRnR4LdzYooQxvlLmL1DPnZj4F16szWqUCiKNXy7tfHOotE9XQOJ
C4gktttLKw5m9erTkQegqnxpY7hh9NJ3INg4FiCjmbQoppIq8+6tlX0fSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJzfVZJsdKzDXqc++rBrEjswknJMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoaA9ShE
LNFIuQcY0EF52of+bqmHRAzrwziNqfgksDvww0yAdEpJNsSeRi0Ja8tRtn7ai3zB
9ll4iudehb85vQu1N7GMNc6JaU8U0irM4ubxxjN5TMcQWO59OqcjQbHqyKV6QqS9
GtmPc8cDgn7rMNtWruEGNeLR1N2bFoA5EEb/HGMXJ7S49jFSwUo4xbXs+ZyitREq
mn4BJQScy7Dl1ZeVpHzD32IAy6em71unnNzl59IBqRHqgeoNAXKIGyUe7Vswb/jL
qBiwb1Iq61BEFnsvm3fpDcX8x0ngb3ZLqhgB5XboOjXZfJ5oSv3WRYSvbZ2bNcEC
e9VRYNCxFbps5g==
-----END CERTIFICATE-----