Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
File:                     4fLKlRgjMUpfTRCmangiOY-4iWs.mft (raw, json)
Hash identifier:          EX0G5bp5l0XjMPJDSTaMLzRvuG6+sI+pD4gmzo//uWU=
Subject key identifier:   C0:E0:0D:F6:7F:CF:32:9F:A7:34:29:D9:95:D5:25:BB:46:07:3D:1B
Authority key identifier: E1:F2:CA:95:18:23:31:4A:5F:4D:10:A6:6A:78:22:39:8F:B8:89:6B
Certificate issuer:       /CN=e1f2ca951823314a5f4d10a66a7822398fb8896b
Certificate serial:       01987F795B4081E634AADD3F33C251E1773A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
Manifest number:          161A
Signing time:             Wed 06 Aug 2025 13:01:56 +0000
Manifest this update:     Wed 06 Aug 2025 13:01:56 +0000
Manifest next update:     Thu 07 Aug 2025 13:01:56 +0000
Files and hashes:         1: 4fLKlRgjMUpfTRCmangiOY-4iWs.crl (hash: uPKLYzj9i7LyAPNQl8HEY0P1NY5dEy4iyeBWCti01g4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 13:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:79:5b:40:81:e6:34:aa:dd:3f:33:c2:51:e1:77:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1f2ca951823314a5f4d10a66a7822398fb8896b
        Validity
            Not Before: Aug  6 13:01:56 2025 GMT
            Not After : Aug  7 13:01:56 2025 GMT
        Subject: CN=c0e00df67fcf329fa73429d995d525bb46073d1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8b:f0:b0:3f:f0:8b:75:48:f9:68:f7:93:99:
                    f3:cc:fe:b1:d4:82:2a:9f:6e:62:87:71:ed:00:0b:
                    a5:8b:ca:c5:0e:e1:bf:8e:d2:46:b7:b4:04:05:7c:
                    b5:b5:d8:be:c8:da:21:37:25:ca:ea:4f:a9:e1:62:
                    b8:50:43:8b:a0:64:9d:1f:9c:dd:10:4e:36:ba:36:
                    95:d7:a4:3f:ee:7d:8d:0a:76:2c:2b:f3:07:07:57:
                    e7:14:46:7f:22:3e:0e:9a:5f:b7:85:f2:f9:de:d3:
                    49:78:f1:dd:63:8a:3d:10:fb:6f:39:8c:b5:75:bb:
                    ec:66:60:64:e5:0c:1f:ad:2d:df:6b:7f:77:37:1d:
                    85:26:9e:fd:0e:14:cb:1b:93:b7:8e:f0:47:8e:e0:
                    7b:c7:cb:61:e9:a0:8a:13:6f:53:8b:ef:bc:a4:43:
                    be:f2:61:39:39:87:b4:c6:2c:b1:ee:18:ba:93:da:
                    eb:81:64:ad:9e:f4:50:77:10:4b:4f:bb:99:d9:0c:
                    f3:70:37:55:f5:94:50:c7:8c:91:14:ce:c6:9e:e4:
                    dd:0b:6c:5c:28:e7:26:1a:df:6d:35:0d:67:ff:b5:
                    81:23:46:15:13:6c:67:a8:d7:45:1a:4d:0c:6d:e9:
                    5e:67:ed:14:37:82:7c:a7:4e:7e:00:b8:9f:dd:10:
                    35:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:E0:0D:F6:7F:CF:32:9F:A7:34:29:D9:95:D5:25:BB:46:07:3D:1B
            X509v3 Authority Key Identifier:
                keyid:E1:F2:CA:95:18:23:31:4A:5F:4D:10:A6:6A:78:22:39:8F:B8:89:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fLKlRgjMUpfTRCmangiOY-4iWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/4f69aa-213a-497b-b059-d2884a19be0a/1/4fLKlRgjMUpfTRCmangiOY-4iWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:80:20:7c:d8:af:dc:dc:35:ee:1f:f2:c4:1f:95:bc:41:08:
         2f:41:07:14:72:d0:60:e9:85:70:44:6d:52:bf:e5:d7:0f:ec:
         1c:91:ed:2e:64:13:d5:61:d0:cf:2e:67:c8:49:ed:c8:3d:bd:
         83:ea:c3:3d:e6:79:74:84:96:20:42:12:cd:85:10:1b:3d:fd:
         2f:df:2e:4b:ca:d8:09:83:eb:d8:07:e6:50:37:19:87:4e:2f:
         af:1c:65:78:64:b1:13:18:bb:50:75:60:87:48:95:88:f0:a6:
         b3:87:98:40:95:4c:a5:fa:e2:63:49:1a:82:43:1b:c9:32:20:
         e1:91:21:73:9a:fa:c8:5e:f9:78:dd:5d:6d:ac:06:5d:92:d8:
         d7:09:82:73:b6:85:03:b2:b5:25:95:1b:0c:a1:98:f7:0c:03:
         c4:e7:18:2c:bb:59:45:18:a1:ba:eb:be:15:71:d2:32:a5:32:
         67:c0:db:43:0f:1a:2e:8f:08:7b:b1:ca:4b:e4:c8:d2:87:a4:
         9b:cd:08:7c:5f:67:f6:04:4e:66:70:3b:c9:fd:62:ba:91:69:
         4c:10:f0:1f:1a:e6:03:b9:d3:cc:ba:f7:c5:7f:d8:c4:e0:88:
         02:20:d2:c0:90:d4:86:37:f9:9e:d7:cb:81:74:7e:34:8f:8c:
         0e:dc:f2:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/eVtAgeY0qt0/M8JR4Xc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZjJjYTk1MTgyMzMxNGE1ZjRkMTBhNjZhNzgyMjM5OGZi
ODg5NmIwHhcNMjUwODA2MTMwMTU2WhcNMjUwODA3MTMwMTU2WjAzMTEwLwYDVQQD
EyhjMGUwMGRmNjdmY2YzMjlmYTczNDI5ZDk5NWQ1MjViYjQ2MDczZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYvwsD/wi3VI+Wj3k5nzzP6x1IIq
n25ih3HtAAuli8rFDuG/jtJGt7QEBXy1tdi+yNohNyXK6k+p4WK4UEOLoGSdH5zd
EE42ujaV16Q/7n2NCnYsK/MHB1fnFEZ/Ij4Oml+3hfL53tNJePHdY4o9EPtvOYy1
dbvsZmBk5QwfrS3fa393Nx2FJp79DhTLG5O3jvBHjuB7x8th6aCKE29Ti++8pEO+
8mE5OYe0xiyx7hi6k9rrgWStnvRQdxBLT7uZ2QzzcDdV9ZRQx4yRFM7GnuTdC2xc
KOcmGt9tNQ1n/7WBI0YVE2xnqNdFGk0MbeleZ+0UN4J8p05+ALif3RA1pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDgDfZ/zzKfpzQp2ZXVJbtGBz0bMB8GA1UdIwQY
MBaAFOHyypUYIzFKX00Qpmp4IjmPuIlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC80ZjY5YWEtMjEzYS00OTdiLWIwNTkt
ZDI4ODRhMTliZTBhLzEvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC80ZjY5YWEtMjEzYS00OTdiLWIwNTktZDI4ODRhMTliZTBh
LzEvNGZMS2xSZ2pNVXBmVFJDbWFuZ2lPWS00aVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlIAgfNiv
3Nw17h/yxB+VvEEIL0EHFHLQYOmFcERtUr/l1w/sHJHtLmQT1WHQzy5nyEntyD29
g+rDPeZ5dISWIEISzYUQGz39L98uS8rYCYPr2AfmUDcZh04vrxxleGSxExi7UHVg
h0iViPCms4eYQJVMpfriY0kagkMbyTIg4ZEhc5r6yF75eN1dbawGXZLY1wmCc7aF
A7K1JZUbDKGY9wwDxOcYLLtZRRihuuu+FXHSMqUyZ8DbQw8aLo8Ie7HKS+TI0oek
m80IfF9n9gROZnA7yf1iupFpTBDwHxrmA7nTzLr3xX/YxOCIAiDSwJDUhjf5ntfL
gXR+NI+MDtzyhw==
-----END CERTIFICATE-----