Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
File:                     Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft (raw, json)
Hash identifier:          ZDkW1A3MN+d5rbsvYHcO/jTIIk82S1SiBcPfu6K9idw=
Subject key identifier:   B3:FB:84:99:C7:8B:61:6A:5B:66:31:CA:6F:73:73:F4:0F:A2:28:53
Authority key identifier: 16:1E:0E:AE:77:A9:8C:36:23:D1:78:1F:9A:F4:55:7D:35:41:D2:BA
Certificate issuer:       /CN=161e0eae77a98c3623d1781f9af4557d3541d2ba
Certificate serial:       01988B7CFFE5A93C3A4F17AF9140634F9B4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
Manifest number:          1620
Signing time:             Fri 08 Aug 2025 21:01:21 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:21 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:21 +0000
Files and hashes:         1: Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl (hash: jCBaRXRWJamR9Zn+dLl/FS0qE9bsLynmemhFegSBptg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7c:ff:e5:a9:3c:3a:4f:17:af:91:40:63:4f:9b:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=161e0eae77a98c3623d1781f9af4557d3541d2ba
        Validity
            Not Before: Aug  8 21:01:21 2025 GMT
            Not After : Aug  9 21:01:21 2025 GMT
        Subject: CN=b3fb8499c78b616a5b6631ca6f7373f40fa22853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cb:c7:bb:69:8a:e3:0d:c7:f8:9a:59:9f:bf:
                    9b:11:a9:2e:01:aa:60:f4:4f:aa:aa:ea:b3:21:fc:
                    90:12:b4:ea:1d:db:b3:35:46:77:a2:7c:32:d4:c8:
                    09:54:3e:52:1e:6a:1d:32:55:58:31:c3:38:0d:79:
                    80:df:30:42:30:62:89:19:bf:22:78:e3:82:70:44:
                    ff:fd:32:b9:fb:c4:bf:90:cd:dc:43:b0:89:ad:7c:
                    82:27:05:d3:f5:5b:9e:2b:d9:cf:a4:e0:6f:a1:df:
                    ee:45:ce:32:81:82:0a:b2:4a:c5:62:6e:d7:c8:57:
                    fb:be:68:a7:e3:58:5c:3c:43:e3:40:7b:55:91:5b:
                    db:79:91:dd:2a:fc:66:9b:2c:49:7e:63:01:ea:b6:
                    c8:f2:d7:67:33:cd:12:0a:ec:5c:62:f4:a7:df:58:
                    0d:b5:aa:ce:ba:01:b6:c5:1d:66:f5:32:75:93:57:
                    76:7d:33:34:61:7d:99:fd:58:f1:17:86:60:99:84:
                    b3:46:61:f4:40:19:0e:0e:97:bc:31:ce:3a:4c:99:
                    9a:79:0c:3f:07:a4:dc:34:0f:36:5b:88:4e:70:1d:
                    08:15:c6:ad:91:21:47:76:7c:69:b2:f8:82:10:1a:
                    1c:23:42:6f:9e:14:46:e4:de:44:b3:41:6c:ff:e5:
                    fb:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:FB:84:99:C7:8B:61:6A:5B:66:31:CA:6F:73:73:F4:0F:A2:28:53
            X509v3 Authority Key Identifier:
                keyid:16:1E:0E:AE:77:A9:8C:36:23:D1:78:1F:9A:F4:55:7D:35:41:D2:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fh4OrnepjDYj0XgfmvRVfTVB0ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/969708-e4b9-4ab2-b50b-29dc953620c1/1/Fh4OrnepjDYj0XgfmvRVfTVB0ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:fd:cc:98:04:68:00:3e:8f:5b:48:ab:a2:a6:d9:b2:80:79:
         89:ca:b9:d7:3c:ea:40:6e:ce:ff:91:dc:7d:4a:27:ba:03:20:
         4d:42:4e:08:a3:9f:51:83:82:2d:10:d1:5e:65:b8:3d:f9:99:
         4e:f5:66:b5:2c:40:2e:c6:1a:04:d7:7e:10:19:04:06:5a:dd:
         13:45:76:97:aa:4f:09:6d:a9:95:fd:1f:cc:07:75:3f:4c:83:
         25:67:97:29:71:4e:6e:19:78:49:ae:46:ba:10:31:5b:c2:19:
         8e:30:47:5f:c9:b2:6b:b3:54:31:2f:d9:3d:00:21:e6:15:88:
         db:0a:05:e4:62:4f:d8:80:3e:46:7d:be:42:75:1c:21:8c:8f:
         47:a9:68:32:c5:80:92:03:82:47:a7:91:f6:58:5c:bc:5f:4f:
         d6:5a:95:c2:f3:41:35:d7:3c:83:9c:3b:f5:96:f5:6f:fd:0c:
         2e:fa:80:90:fc:b2:d8:22:5a:98:4e:57:2e:37:a3:18:be:21:
         7b:76:47:81:d0:fc:be:a6:51:9d:c7:d7:dc:ff:a6:53:a9:1b:
         77:71:d9:a7:53:b5:f1:16:2a:f9:c3:75:f1:28:9d:ec:57:a1:
         ad:60:c6:55:ce:54:36:e8:70:2c:55:7f:49:40:88:c0:32:62:
         d8:7a:12:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfP/lqTw6TxevkUBjT5tKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MWUwZWFlNzdhOThjMzYyM2QxNzgxZjlhZjQ1NTdkMzU0
MWQyYmEwHhcNMjUwODA4MjEwMTIxWhcNMjUwODA5MjEwMTIxWjAzMTEwLwYDVQQD
EyhiM2ZiODQ5OWM3OGI2MTZhNWI2NjMxY2E2ZjczNzNmNDBmYTIyODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8vHu2mK4w3H+JpZn7+bEakuAapg
9E+qquqzIfyQErTqHduzNUZ3onwy1MgJVD5SHmodMlVYMcM4DXmA3zBCMGKJGb8i
eOOCcET//TK5+8S/kM3cQ7CJrXyCJwXT9VueK9nPpOBvod/uRc4ygYIKskrFYm7X
yFf7vmin41hcPEPjQHtVkVvbeZHdKvxmmyxJfmMB6rbI8tdnM80SCuxcYvSn31gN
tarOugG2xR1m9TJ1k1d2fTM0YX2Z/VjxF4ZgmYSzRmH0QBkODpe8Mc46TJmaeQw/
B6TcNA82W4hOcB0IFcatkSFHdnxpsviCEBocI0JvnhRG5N5Es0Fs/+X7ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLP7hJnHi2FqW2Yxym9zc/QPoihTMB8GA1UdIwQY
MBaAFBYeDq53qYw2I9F4H5r0VX01QdK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85Njk3MDgtZTRiOS00YWIyLWI1MGIt
MjlkYzk1MzYyMGMxLzEvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85Njk3MDgtZTRiOS00YWIyLWI1MGItMjlkYzk1MzYyMGMx
LzEvRmg0T3JuZXBqRFlqMFhnZm12UlZmVFZCMHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmv3MmARo
AD6PW0iroqbZsoB5icq51zzqQG7O/5HcfUonugMgTUJOCKOfUYOCLRDRXmW4PfmZ
TvVmtSxALsYaBNd+EBkEBlrdE0V2l6pPCW2plf0fzAd1P0yDJWeXKXFObhl4Sa5G
uhAxW8IZjjBHX8mya7NUMS/ZPQAh5hWI2woF5GJP2IA+Rn2+QnUcIYyPR6loMsWA
kgOCR6eR9lhcvF9P1lqVwvNBNdc8g5w79Zb1b/0MLvqAkPyy2CJamE5XLjejGL4h
e3ZHgdD8vqZRncfX3P+mU6kbd3HZp1O18RYq+cN18Sid7FehrWDGVc5UNuhwLFV/
SUCIwDJi2HoSuw==
-----END CERTIFICATE-----