Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          78i1Kfg3eXmGD4eXlXzb41vPH8dnOaSSDvNmT2zgQ0I=
Subject key identifier:   70:D7:A6:5E:8D:D9:94:F1:5A:82:83:8D:86:5C:D5:A1:05:27:E7:08
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       01987A88F0CDA880ADAFBAA560794066A507
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0EF3
Signing time:             Tue 05 Aug 2025 14:00:51 +0000
Manifest this update:     Tue 05 Aug 2025 14:00:51 +0000
Manifest next update:     Wed 06 Aug 2025 14:00:51 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: wBpLMi9vCGMGq9YAs26IhEPRgwOa2Gllu/79gJOr+r0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:88:f0:cd:a8:80:ad:af:ba:a5:60:79:40:66:a5:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Aug  5 14:00:51 2025 GMT
            Not After : Aug  6 14:00:51 2025 GMT
        Subject: CN=70d7a65e8dd994f15a82838d865cd5a10527e708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:7f:3c:df:cc:a4:01:36:87:47:d1:53:4c:e2:
                    60:16:fa:68:1a:92:44:e9:bc:9e:3c:00:8d:a4:93:
                    e1:ca:e4:a5:8b:85:af:92:86:04:cc:3f:1a:e5:2a:
                    fa:26:53:c3:11:b1:ed:92:90:6f:c5:50:5a:10:99:
                    38:2a:0f:9f:69:b2:35:c6:a2:f6:fe:db:b7:a1:ca:
                    63:e1:0f:dd:c4:b6:99:02:a5:25:e1:95:73:fb:f3:
                    ec:5d:f9:38:2c:0e:d1:43:e6:dd:59:58:1e:63:3a:
                    ea:6c:aa:c5:02:0c:dc:8d:f7:52:ee:f8:5c:15:6b:
                    fe:b3:5e:8a:0f:70:05:5b:7a:5d:13:06:73:f8:61:
                    50:f0:ca:3e:a8:06:c8:92:3a:95:7b:f1:09:b4:28:
                    9f:c3:1f:f3:a4:fb:47:4d:6b:f6:9e:9a:73:6b:e3:
                    4c:45:14:e9:ee:91:97:02:9b:44:45:b4:7d:03:4f:
                    37:29:69:e6:99:3d:b5:14:01:28:d3:ad:dc:24:91:
                    90:6b:44:c8:c6:8b:f5:e6:b0:14:b9:8a:72:78:da:
                    dc:b2:f5:b2:99:0e:30:ca:cb:14:6d:cc:45:c8:ff:
                    46:dd:b8:af:65:d2:65:12:d2:3e:45:d1:f4:26:d4:
                    11:89:69:36:15:82:cb:8f:f7:b0:4a:29:a7:84:49:
                    7b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D7:A6:5E:8D:D9:94:F1:5A:82:83:8D:86:5C:D5:A1:05:27:E7:08
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:79:ba:b3:6b:61:f3:fc:93:ff:43:4e:f1:f3:46:c6:2b:f7:
         7c:c5:7e:37:3d:a2:0b:7b:0b:b8:a3:42:cd:51:4a:85:1c:7e:
         0f:bb:4d:b3:b5:d0:75:1f:0d:59:d9:2e:99:0b:a1:b3:1e:db:
         ea:44:fd:60:da:09:74:d1:88:30:c6:5c:fc:a6:6b:0f:1d:bf:
         ba:1c:af:a6:16:d2:47:e0:7d:bc:63:5d:9e:1a:3e:fa:d3:cc:
         5d:76:25:72:7f:61:d3:51:32:d1:50:0e:71:4a:e2:8e:5c:8e:
         12:92:cd:af:7c:5d:2f:34:a1:4e:03:dc:8c:02:e0:af:13:ab:
         54:c8:fb:5b:ec:46:92:8f:d4:ec:76:b6:3a:2d:3b:b2:e2:2a:
         2a:6c:a4:b4:3f:ca:6f:89:2c:94:31:45:3e:4f:f0:ee:cf:8f:
         b8:eb:63:5a:71:c3:fe:f4:01:69:af:01:51:bc:ce:0c:ab:3e:
         7f:5d:db:b5:bd:c6:56:7d:64:42:68:b7:6b:6a:bf:cc:b9:6f:
         cb:fe:09:ef:8e:87:ea:37:97:f0:94:ca:59:58:34:1a:28:6e:
         13:80:e6:42:31:9c:fa:b9:91:00:b5:3a:46:a0:26:0d:80:ab:
         a6:68:fb:65:1c:50:a7:01:a5:8a:33:76:d1:db:df:42:75:d5:
         74:ae:ad:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6iPDNqICtr7qlYHlAZqUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjUwODA1MTQwMDUxWhcNMjUwODA2MTQwMDUxWjAzMTEwLwYDVQQD
Eyg3MGQ3YTY1ZThkZDk5NGYxNWE4MjgzOGQ4NjVjZDVhMTA1MjdlNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/n8838ykATaHR9FTTOJgFvpoGpJE
6byePACNpJPhyuSli4WvkoYEzD8a5Sr6JlPDEbHtkpBvxVBaEJk4Kg+fabI1xqL2
/tu3ocpj4Q/dxLaZAqUl4ZVz+/PsXfk4LA7RQ+bdWVgeYzrqbKrFAgzcjfdS7vhc
FWv+s16KD3AFW3pdEwZz+GFQ8Mo+qAbIkjqVe/EJtCifwx/zpPtHTWv2nppza+NM
RRTp7pGXAptERbR9A083KWnmmT21FAEo063cJJGQa0TIxov15rAUuYpyeNrcsvWy
mQ4wyssUbcxFyP9G3bivZdJlEtI+RdH0JtQRiWk2FYLLj/ewSimnhEl7wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDXpl6N2ZTxWoKDjYZc1aEFJ+cIMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABnm6s2th
8/yT/0NO8fNGxiv3fMV+Nz2iC3sLuKNCzVFKhRx+D7tNs7XQdR8NWdkumQuhsx7b
6kT9YNoJdNGIMMZc/KZrDx2/uhyvphbSR+B9vGNdnho++tPMXXYlcn9h01Ey0VAO
cUrijlyOEpLNr3xdLzShTgPcjALgrxOrVMj7W+xGko/U7Ha2Oi07suIqKmyktD/K
b4kslDFFPk/w7s+PuOtjWnHD/vQBaa8BUbzODKs+f13btb3GVn1kQmi3a2q/zLlv
y/4J746H6jeX8JTKWVg0GihuE4DmQjGc+rmRALU6RqAmDYCrpmj7ZRxQpwGlijN2
0dvfQnXVdK6toQ==
-----END CERTIFICATE-----