Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          /XQeLD5Ys5MtuN3HNv4xaiL0P/ebVWlVlWnfSyTsqFM=
Subject key identifier:   A9:66:D1:A6:40:96:0F:6A:7F:6D:78:1B:BB:1A:63:3A:7E:2F:3D:6C
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       01988F90B9D7E60D3E502A04986D195A90E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          08B3
Signing time:             Sat 09 Aug 2025 16:01:23 +0000
Manifest this update:     Sat 09 Aug 2025 16:01:23 +0000
Manifest next update:     Sun 10 Aug 2025 16:01:23 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: Fl290tmZHYO3ln4lFEA3anlasVCjtZtx0n60uJcbePw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:90:b9:d7:e6:0d:3e:50:2a:04:98:6d:19:5a:90:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Aug  9 16:01:23 2025 GMT
            Not After : Aug 10 16:01:23 2025 GMT
        Subject: CN=a966d1a640960f6a7f6d781bbb1a633a7e2f3d6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7f:c5:96:c6:07:87:07:5a:72:82:53:55:9f:
                    ad:2d:6d:68:4e:f0:96:dd:95:9c:44:e3:3e:de:62:
                    58:a3:ad:52:d7:ff:d6:f0:b8:f1:35:bf:87:ea:64:
                    8f:3a:ea:41:fc:bc:a7:63:7a:29:11:55:43:78:d4:
                    bb:1b:c7:5c:52:d7:5c:23:86:04:26:39:6c:c7:f4:
                    4f:5d:16:9b:b8:e2:10:89:e7:b4:68:0b:ab:aa:4c:
                    39:7c:24:5c:1b:be:0d:b5:c2:3f:45:ec:2d:01:6e:
                    e2:06:fd:fe:21:9b:ef:ad:f3:ef:6b:d7:24:e9:95:
                    0c:26:61:25:cc:21:99:0c:e5:64:77:3b:1c:91:35:
                    cd:93:7a:4a:11:90:0c:c3:68:cd:b9:af:13:bd:2b:
                    5d:17:fc:02:21:63:dd:83:fe:5b:f4:71:e5:c9:f0:
                    01:ce:16:ca:8b:4f:ad:85:cc:4a:c3:6f:05:48:e8:
                    05:34:69:4c:14:e5:28:57:fa:37:6c:a7:ae:2b:be:
                    dd:bc:d3:42:78:de:aa:70:f4:d0:83:9c:4a:08:e6:
                    d7:f7:7d:2e:ec:ed:c9:8f:33:09:b5:2f:bf:33:61:
                    82:5d:aa:4e:61:2c:35:41:36:b6:e8:f6:a2:56:6c:
                    58:44:d1:eb:0a:f6:18:4f:31:c2:c8:7a:14:31:27:
                    4f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:66:D1:A6:40:96:0F:6A:7F:6D:78:1B:BB:1A:63:3A:7E:2F:3D:6C
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:ac:a9:79:d8:c6:db:94:f0:d4:0b:f6:81:c3:3c:93:42:7d:
         f3:0a:68:72:62:dd:46:e1:c6:27:8e:5d:8c:79:41:b2:7e:d3:
         8e:92:e6:6e:d4:bb:5b:6d:91:72:2a:a6:e4:92:82:be:a2:a6:
         52:78:14:cf:fd:4e:19:bb:0c:e1:8b:2c:b6:9f:fb:92:21:76:
         cb:05:14:b5:39:b7:87:91:3e:a8:15:97:fc:32:c4:6c:91:33:
         ab:0f:5f:c4:38:d7:14:76:c9:ad:77:12:07:f7:e4:47:d7:5b:
         31:36:0e:aa:b8:6f:35:7e:fb:f9:d2:23:ac:f7:fb:59:04:42:
         c5:cb:6a:1f:b7:5a:15:2f:26:77:05:60:02:ef:b3:de:57:84:
         2b:ad:42:1d:23:cd:07:3a:d5:b3:24:61:22:1e:c9:d2:74:08:
         b6:2b:ae:ca:24:fa:fa:8f:be:51:a0:be:f5:91:90:33:6f:57:
         8c:e9:2c:66:b3:24:4b:ec:f3:a1:32:cb:db:11:f3:4c:bd:b0:
         08:1a:3f:a6:4c:ec:d8:7f:63:44:16:69:68:c2:c9:9c:d6:1f:
         f9:90:31:92:da:95:60:3e:2f:4d:8e:26:a0:da:40:ef:38:b6:
         5f:d2:ca:7e:2c:7f:fa:4e:ca:b4:6c:fb:26:11:9a:53:f6:0c:
         92:25:60:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPkLnX5g0+UCoEmG0ZWpDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjUwODA5MTYwMTIzWhcNMjUwODEwMTYwMTIzWjAzMTEwLwYDVQQD
EyhhOTY2ZDFhNjQwOTYwZjZhN2Y2ZDc4MWJiYjFhNjMzYTdlMmYzZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyn/FlsYHhwdacoJTVZ+tLW1oTvCW
3ZWcROM+3mJYo61S1//W8LjxNb+H6mSPOupB/LynY3opEVVDeNS7G8dcUtdcI4YE
Jjlsx/RPXRabuOIQiee0aAurqkw5fCRcG74NtcI/RewtAW7iBv3+IZvvrfPva9ck
6ZUMJmElzCGZDOVkdzsckTXNk3pKEZAMw2jNua8TvStdF/wCIWPdg/5b9HHlyfAB
zhbKi0+thcxKw28FSOgFNGlMFOUoV/o3bKeuK77dvNNCeN6qcPTQg5xKCObX930u
7O3JjzMJtS+/M2GCXapOYSw1QTa26PaiVmxYRNHrCvYYTzHCyHoUMSdPnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlm0aZAlg9qf214G7saYzp+Lz1sMB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6ypedjG
25Tw1Av2gcM8k0J98wpocmLdRuHGJ45djHlBsn7TjpLmbtS7W22Rciqm5JKCvqKm
UngUz/1OGbsM4Ysstp/7kiF2ywUUtTm3h5E+qBWX/DLEbJEzqw9fxDjXFHbJrXcS
B/fkR9dbMTYOqrhvNX77+dIjrPf7WQRCxctqH7daFS8mdwVgAu+z3leEK61CHSPN
BzrVsyRhIh7J0nQItiuuyiT6+o++UaC+9ZGQM29XjOksZrMkS+zzoTLL2xHzTL2w
CBo/pkzs2H9jRBZpaMLJnNYf+ZAxktqVYD4vTY4moNpA7zi2X9LKfix/+k7KtGz7
JhGaU/YMkiVgeQ==
-----END CERTIFICATE-----