Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          IhlRNt2vvCgzaTZkztCHARHw3HokHmgmTn46BrS+WoI=
Subject key identifier:   7B:6D:0F:BA:61:68:A2:4F:16:CE:C3:43:DB:16:79:A6:E8:12:0C:89
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       01988B0EE2D158AF57144CB62FF5C5A21098
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          109A
Signing time:             Fri 08 Aug 2025 19:01:05 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:05 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:05 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: U+zXKQfkmQuG7wHvkj9OfASlUeY3cFbE49OdMVwkop4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:e2:d1:58:af:57:14:4c:b6:2f:f5:c5:a2:10:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Aug  8 19:01:05 2025 GMT
            Not After : Aug  9 19:01:05 2025 GMT
        Subject: CN=7b6d0fba6168a24f16cec343db1679a6e8120c89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:37:21:c6:42:24:2d:12:5a:99:0f:9a:56:33:
                    48:09:74:4e:c1:0f:ee:cc:8d:29:96:49:68:77:7c:
                    fd:74:89:8d:26:77:65:19:f4:65:a7:24:e1:bd:91:
                    50:98:ac:bf:4e:d9:f1:d6:c3:79:ee:23:78:77:b4:
                    8e:72:42:0d:a1:7d:d3:4b:5a:e8:cc:2e:a3:36:b0:
                    24:d1:52:a0:e9:c1:03:60:15:63:7d:35:70:1e:35:
                    c6:3d:40:51:ab:b3:b9:93:9c:77:6d:20:30:f6:23:
                    40:96:de:35:82:ff:3d:a9:12:00:61:ba:19:27:8d:
                    b0:2f:ff:99:dd:fe:74:1f:a8:92:23:f9:08:c6:e9:
                    64:fa:83:64:47:87:02:ad:0d:7c:95:bc:2b:87:26:
                    b9:43:ed:81:1a:56:64:7e:27:2a:1c:97:a3:3d:a9:
                    4f:44:82:10:d8:94:5d:07:a5:97:35:5c:45:66:72:
                    43:17:1e:c3:01:98:f4:56:aa:b8:e8:ad:4f:9f:80:
                    41:a0:8a:68:ae:77:a1:e6:d1:08:b6:97:94:7e:61:
                    80:58:b0:ee:1c:b0:e0:87:65:0f:f5:a1:69:86:c5:
                    44:6e:86:98:76:c4:6a:a3:d1:4c:d9:8d:9c:e5:16:
                    df:44:9e:7b:b6:96:3c:69:06:1c:6a:3d:90:7a:00:
                    19:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:6D:0F:BA:61:68:A2:4F:16:CE:C3:43:DB:16:79:A6:E8:12:0C:89
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:d1:36:7a:9e:05:d5:0e:d2:db:26:c7:2b:2a:fe:48:0c:7b:
         e3:f5:f1:21:ce:51:b9:3b:47:e4:6b:c6:47:30:a9:16:ce:36:
         83:f7:0e:e3:7e:1e:e3:2c:73:d7:83:6e:ff:00:51:ec:64:79:
         d8:1f:2b:d5:9f:6b:a2:5e:ad:70:35:64:0c:1c:7e:60:64:2a:
         6e:89:e2:3e:e5:81:6b:31:4b:6c:39:bc:bd:00:cf:99:ba:4c:
         ab:c8:07:ed:eb:d3:df:db:99:ec:f6:c3:09:8a:47:b9:b1:9c:
         ec:5f:4e:28:71:c2:6b:11:78:56:8f:f4:e0:63:63:3d:d0:c3:
         cd:19:3d:a3:2f:79:09:8f:5f:ca:18:b7:25:eb:8f:1d:ba:e1:
         de:eb:ec:a1:7a:30:7f:c6:62:6c:bc:09:91:1a:7b:7a:da:07:
         e3:9a:e4:7c:28:3b:cb:b9:64:b0:43:86:9b:5d:48:34:02:ac:
         8b:a4:4c:d6:a8:52:d8:6d:ed:fa:a6:00:d9:2f:93:72:3b:50:
         cd:ae:af:a0:fb:0f:b1:61:06:33:14:5a:05:4b:2c:0b:8c:f1:
         e8:d4:aa:13:71:5c:08:33:d9:d4:74:d4:29:ae:6a:27:90:b0:
         cc:84:c1:1a:eb:c7:1f:ae:cf:3e:98:6e:79:33:97:45:eb:72:
         31:c5:23:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDuLRWK9XFEy2L/XFohCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjUwODA4MTkwMTA1WhcNMjUwODA5MTkwMTA1WjAzMTEwLwYDVQQD
Eyg3YjZkMGZiYTYxNjhhMjRmMTZjZWMzNDNkYjE2NzlhNmU4MTIwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9jchxkIkLRJamQ+aVjNICXROwQ/u
zI0plklod3z9dImNJndlGfRlpyThvZFQmKy/Ttnx1sN57iN4d7SOckINoX3TS1ro
zC6jNrAk0VKg6cEDYBVjfTVwHjXGPUBRq7O5k5x3bSAw9iNAlt41gv89qRIAYboZ
J42wL/+Z3f50H6iSI/kIxulk+oNkR4cCrQ18lbwrhya5Q+2BGlZkficqHJejPalP
RIIQ2JRdB6WXNVxFZnJDFx7DAZj0Vqq46K1Pn4BBoIporneh5tEItpeUfmGAWLDu
HLDgh2UP9aFphsVEboaYdsRqo9FM2Y2c5RbfRJ57tpY8aQYcaj2QegAZJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHttD7phaKJPFs7DQ9sWeaboEgyJMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiNE2ep4F
1Q7S2ybHKyr+SAx74/XxIc5RuTtH5GvGRzCpFs42g/cO434e4yxz14Nu/wBR7GR5
2B8r1Z9rol6tcDVkDBx+YGQqboniPuWBazFLbDm8vQDPmbpMq8gH7evT39uZ7PbD
CYpHubGc7F9OKHHCaxF4Vo/04GNjPdDDzRk9oy95CY9fyhi3JeuPHbrh3uvsoXow
f8ZibLwJkRp7etoH45rkfCg7y7lksEOGm11INAKsi6RM1qhS2G3t+qYA2S+TcjtQ
za6voPsPsWEGMxRaBUssC4zx6NSqE3FcCDPZ1HTUKa5qJ5CwzITBGuvHH67PPphu
eTOXRetyMcUjhw==
-----END CERTIFICATE-----