Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          /nZ8m4+a1IW4qQ7Zz9DivjwZ6wdJkYwGqtg1eGhw30Y=
Subject key identifier:   B9:1F:EE:B4:35:22:E1:84:9D:E0:75:89:E7:0D:3A:0A:2D:7B:28:30
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       01989ECCDEF8B403CEE24693FA94E3074310
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0F56
Signing time:             Tue 12 Aug 2025 15:01:23 +0000
Manifest this update:     Tue 12 Aug 2025 15:01:23 +0000
Manifest next update:     Wed 13 Aug 2025 15:01:23 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: AGn3NKxb7D8ocfq3yeBFxP7SIiEtNZJTvCzsaQFX0HQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 15:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9e:cc:de:f8:b4:03:ce:e2:46:93:fa:94:e3:07:43:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Aug 12 15:01:23 2025 GMT
            Not After : Aug 13 15:01:23 2025 GMT
        Subject: CN=b91feeb43522e1849de07589e70d3a0a2d7b2830
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:95:f0:62:ad:7f:6d:0d:71:fa:58:b8:2a:23:
                    06:3c:00:ec:4e:47:8a:2e:58:2a:39:a1:bc:ba:f2:
                    b4:f8:fc:92:c6:5c:09:29:ce:1b:8b:1b:f0:5c:82:
                    d0:ef:5e:6f:c8:ef:fe:18:59:c0:f8:87:fb:42:3c:
                    74:1a:94:e6:91:be:10:04:66:f0:86:4e:fd:7d:53:
                    1f:ad:2a:d5:4a:3f:e1:e2:98:96:d8:6d:b1:1a:a5:
                    be:7a:4d:6c:34:e5:f6:79:cd:ad:f8:71:4e:23:10:
                    a5:93:fd:8f:dc:d4:4e:71:bd:f8:01:1f:6e:1a:e0:
                    44:94:d9:2c:d1:12:11:56:80:fb:34:f2:5a:a5:74:
                    86:bd:30:26:85:76:4d:24:d6:8d:75:e0:88:1e:e1:
                    fa:37:48:d7:00:a8:1f:13:d0:41:d5:6e:55:f6:2e:
                    66:dc:6a:7b:30:f2:b4:12:8e:75:8c:bd:26:d8:fc:
                    e7:ac:e3:3b:98:9f:46:6f:35:28:55:44:11:b5:d7:
                    57:ac:1d:c1:55:51:4f:91:db:cc:91:7f:b4:7a:6e:
                    87:46:94:5b:c8:96:60:1c:ce:65:73:1c:b8:70:8d:
                    da:94:8e:13:7f:e4:cd:4e:09:d8:58:4f:3b:f7:8e:
                    ce:db:c0:d6:a7:51:9c:3e:ad:73:09:78:77:fa:86:
                    e1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1F:EE:B4:35:22:E1:84:9D:E0:75:89:E7:0D:3A:0A:2D:7B:28:30
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:b5:a5:5b:7b:17:a3:92:a2:16:22:52:fc:5d:b4:ba:81:14:
         b1:36:b6:32:05:06:5a:2f:93:ce:6e:bc:d9:3c:62:ec:bf:0b:
         0a:03:bd:b6:b0:43:30:37:b7:fc:d2:3a:da:f2:93:66:ab:70:
         d0:00:07:57:0e:1d:59:8a:a7:49:de:58:71:29:a2:26:64:7b:
         ab:8d:02:5d:fe:06:0a:09:60:15:e5:da:fa:da:67:71:80:51:
         37:45:67:13:8d:44:a6:b3:22:f9:06:5a:34:c6:74:24:e3:14:
         34:9d:07:1e:14:b6:4d:6d:ee:d3:60:d4:98:43:29:52:40:a7:
         90:78:fe:f5:8d:9c:66:61:4a:22:30:2a:ca:54:fc:9c:d5:b0:
         c4:22:c9:d4:34:53:20:44:b6:e0:53:4f:13:a5:7e:bb:0b:05:
         65:4d:4f:d2:79:b5:cf:61:16:47:a5:4c:02:77:a9:ae:e7:99:
         41:99:eb:09:8a:55:5a:16:c1:7a:d9:f2:25:2e:43:47:44:08:
         df:e6:13:f2:19:11:53:2e:fa:6c:b7:2d:83:a0:ba:8b:6d:e7:
         9c:46:64:98:51:44:88:6d:a7:88:c5:47:54:49:e7:c5:f4:d4:
         fd:c4:ae:a6:15:8e:7a:a1:09:ed:92:49:c2:1a:ec:85:09:9c:
         8d:03:0d:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiezN74tAPO4kaT+pTjB0MQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwODEyMTUwMTIzWhcNMjUwODEzMTUwMTIzWjAzMTEwLwYDVQQD
EyhiOTFmZWViNDM1MjJlMTg0OWRlMDc1ODllNzBkM2EwYTJkN2IyODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pXwYq1/bQ1x+li4KiMGPADsTkeK
LlgqOaG8uvK0+PySxlwJKc4bixvwXILQ715vyO/+GFnA+If7Qjx0GpTmkb4QBGbw
hk79fVMfrSrVSj/h4piW2G2xGqW+ek1sNOX2ec2t+HFOIxClk/2P3NROcb34AR9u
GuBElNks0RIRVoD7NPJapXSGvTAmhXZNJNaNdeCIHuH6N0jXAKgfE9BB1W5V9i5m
3Gp7MPK0Eo51jL0m2PznrOM7mJ9GbzUoVUQRtddXrB3BVVFPkdvMkX+0em6HRpRb
yJZgHM5lcxy4cI3alI4Tf+TNTgnYWE87947O28DWp1GcPq1zCXh3+obhPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkf7rQ1IuGEneB1iecNOgoteygwMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULWlW3sX
o5KiFiJS/F20uoEUsTa2MgUGWi+Tzm682Txi7L8LCgO9trBDMDe3/NI62vKTZqtw
0AAHVw4dWYqnSd5YcSmiJmR7q40CXf4GCglgFeXa+tpncYBRN0VnE41EprMi+QZa
NMZ0JOMUNJ0HHhS2TW3u02DUmEMpUkCnkHj+9Y2cZmFKIjAqylT8nNWwxCLJ1DRT
IES24FNPE6V+uwsFZU1P0nm1z2EWR6VMAneprueZQZnrCYpVWhbBetnyJS5DR0QI
3+YT8hkRUy76bLctg6C6i23nnEZkmFFEiG2niMVHVEnnxfTU/cSuphWOeqEJ7ZJJ
whrshQmcjQMNKg==
-----END CERTIFICATE-----