Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          qm4Nc/At3PP9LSZCHpHvMuAHV42OWTAep1eM9pWVnQ8=
Subject key identifier:   11:98:61:7A:F8:0D:76:41:73:05:0D:A5:20:A3:A5:9D:9B:44:E8:0B
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019880C22E05ABBF94E5CFE22AD6A5C9D0F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0F4F
Signing time:             Wed 06 Aug 2025 19:01:06 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:06 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:06 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: /2mx6q9HwGw6mJICs1ohF05/eyhdIgO6NN30greX3Io=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:2e:05:ab:bf:94:e5:cf:e2:2a:d6:a5:c9:d0:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Aug  6 19:01:06 2025 GMT
            Not After : Aug  7 19:01:06 2025 GMT
        Subject: CN=1198617af80d764173050da520a3a59d9b44e80b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d4:ae:9c:42:9b:4f:69:e6:bc:07:25:f7:0b:
                    c8:9e:74:75:71:71:c6:e3:72:9d:9e:e7:82:60:13:
                    9b:0f:91:dd:86:13:9d:0a:19:a6:51:ba:ad:73:66:
                    bb:79:ff:1c:04:e8:0e:4d:5d:6b:1e:76:b4:82:2d:
                    a8:73:3e:fa:9c:d9:7d:6c:e1:c0:0b:28:a8:d6:a9:
                    0c:9f:c2:00:1a:9b:a3:b1:9c:b2:27:a0:a1:3f:a4:
                    ab:80:65:d4:66:58:9a:14:52:91:67:2d:45:16:01:
                    34:c1:a8:86:e0:a3:e8:f0:1e:20:8f:48:bc:ab:4b:
                    12:1b:46:49:6b:d5:bf:78:54:ab:0c:ca:ce:6d:34:
                    fc:9e:64:f1:4b:ad:a6:ba:09:9e:af:08:38:b1:37:
                    79:cf:6b:4c:80:d4:06:44:11:4b:22:ee:7f:3b:85:
                    2d:ef:cc:bf:b9:3d:ca:ef:76:a8:6c:16:c1:c8:d1:
                    b8:35:32:17:c5:fc:06:84:78:0e:3a:c0:aa:ab:54:
                    f9:e3:2d:c9:d1:95:df:07:8f:d0:8a:7d:80:2f:cd:
                    fd:b0:88:ee:ca:42:39:3a:95:82:c3:5e:82:bd:9c:
                    8d:6e:6e:c5:a7:a2:e7:c7:0f:10:08:95:7c:65:26:
                    64:76:ce:5f:d0:37:67:20:34:18:93:89:48:25:c0:
                    81:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:98:61:7A:F8:0D:76:41:73:05:0D:A5:20:A3:A5:9D:9B:44:E8:0B
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:15:c0:77:96:06:4d:e0:0d:e3:09:ee:8a:88:ba:f6:01:be:
         de:f1:c4:ab:38:a9:48:a4:09:04:e3:db:16:67:25:13:c0:93:
         70:e8:31:88:53:83:4b:49:e2:46:05:c0:35:02:e5:1c:c1:66:
         de:44:e2:6a:18:b1:3a:5d:c2:4b:6b:44:7e:7e:28:82:db:17:
         2c:32:95:ce:e6:fc:0b:38:ee:5a:d7:b3:e5:33:81:11:17:77:
         43:16:2d:2a:0e:a9:92:a1:35:b0:06:02:45:8a:d2:0b:33:ce:
         a3:c4:bb:ff:cb:9f:70:d2:b6:72:62:06:db:19:8b:9b:d3:09:
         b3:82:fe:c5:a3:ff:7b:9e:bd:b2:74:9c:88:8c:85:5e:4d:11:
         c9:2f:a3:2a:24:62:d9:ed:7d:1b:d8:d4:b3:1b:b6:04:5c:1c:
         5d:d6:79:c6:c7:6e:53:c3:3d:5b:12:37:40:54:b6:4b:8e:53:
         1c:e3:e3:af:07:9b:1b:11:d4:40:5a:00:7d:8a:d5:d6:c7:04:
         61:b8:0a:b9:65:9e:d2:46:f2:32:cc:54:d4:9e:2a:5e:16:d6:
         cf:2e:48:db:85:56:98:8c:2b:d2:79:3a:d7:36:3e:c8:88:f6:
         bd:3a:21:6f:ee:53:b0:19:ae:42:14:a0:83:8f:d0:af:0a:bb:
         a8:32:3d:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwi4Fq7+U5c/iKtalydDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwODA2MTkwMTA2WhcNMjUwODA3MTkwMTA2WjAzMTEwLwYDVQQD
EygxMTk4NjE3YWY4MGQ3NjQxNzMwNTBkYTUyMGEzYTU5ZDliNDRlODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9SunEKbT2nmvAcl9wvInnR1cXHG
43KdnueCYBObD5HdhhOdChmmUbqtc2a7ef8cBOgOTV1rHna0gi2ocz76nNl9bOHA
Cyio1qkMn8IAGpujsZyyJ6ChP6SrgGXUZliaFFKRZy1FFgE0waiG4KPo8B4gj0i8
q0sSG0ZJa9W/eFSrDMrObTT8nmTxS62mugmerwg4sTd5z2tMgNQGRBFLIu5/O4Ut
78y/uT3K73aobBbByNG4NTIXxfwGhHgOOsCqq1T54y3J0ZXfB4/Qin2AL839sIju
ykI5OpWCw16CvZyNbm7Fp6Lnxw8QCJV8ZSZkds5f0DdnIDQYk4lIJcCB4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGYYXr4DXZBcwUNpSCjpZ2bROgLMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBXAd5YG
TeAN4wnuioi69gG+3vHEqzipSKQJBOPbFmclE8CTcOgxiFODS0niRgXANQLlHMFm
3kTiahixOl3CS2tEfn4ogtsXLDKVzub8CzjuWtez5TOBERd3QxYtKg6pkqE1sAYC
RYrSCzPOo8S7/8ufcNK2cmIG2xmLm9MJs4L+xaP/e569snSciIyFXk0RyS+jKiRi
2e19G9jUsxu2BFwcXdZ5xsduU8M9WxI3QFS2S45THOPjrwebGxHUQFoAfYrV1scE
YbgKuWWe0kbyMsxU1J4qXhbWzy5I24VWmIwr0nk61zY+yIj2vTohb+5TsBmuQhSg
g4/Qrwq7qDI9ZA==
-----END CERTIFICATE-----