Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
File:                     H83UEOElAi3gfKWWP5L3jo-JSG4.mft (raw, json)
Hash identifier:          JAD7blZ9bUanidDzpWsWsQ6YdZdEiISMDgUCiL7aH4Y=
Subject key identifier:   14:7A:EE:25:68:03:75:2E:2B:05:EF:D2:43:03:9B:63:24:A0:9A:F6
Authority key identifier: 1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E
Certificate issuer:       /CN=1fcdd410e125022de07ca5963f92f78e8f89486e
Certificate serial:       0198744FEF8F2992102B70E9B50744B5255A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 09:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:52 +0000
Files and hashes:         1: H83UEOElAi3gfKWWP5L3jo-JSG4.crl (hash: W5noQSj+qDVgzafYcV6cLMxtd173P2HqYAlU2b76xlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:ef:8f:29:92:10:2b:70:e9:b5:07:44:b5:25:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fcdd410e125022de07ca5963f92f78e8f89486e
        Validity
            Not Before: Aug  4 09:00:52 2025 GMT
            Not After : Aug  5 09:00:52 2025 GMT
        Subject: CN=147aee256803752e2b05efd243039b6324a09af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:43:c4:cd:7e:94:ba:6d:a4:8d:41:02:91:71:
                    d8:a3:f4:a7:e9:39:06:fd:53:c6:b9:5b:f9:d2:e9:
                    43:59:e4:91:e0:74:6a:29:99:95:8f:a0:79:38:0f:
                    0f:81:a8:ba:b6:8e:1e:f4:4a:77:9c:4e:f3:b3:ec:
                    ef:13:75:53:2e:8b:b3:37:5e:c6:5b:e6:71:54:14:
                    c3:9f:24:e6:4d:f1:f9:2f:61:59:82:50:18:df:21:
                    4d:f8:a8:77:91:74:d4:11:77:5f:53:63:c4:a7:de:
                    ac:41:17:1d:e7:9e:a8:93:70:81:63:da:88:bb:19:
                    42:1a:de:36:e7:65:90:d3:5e:21:d3:84:85:5f:11:
                    94:ae:43:50:e3:c6:80:6a:67:e2:21:94:92:9c:8e:
                    6e:7d:78:05:2c:51:11:21:c6:2a:a1:41:3c:fe:19:
                    3d:f2:da:99:8a:84:c8:f9:cc:d6:31:67:04:9a:a2:
                    af:a0:64:25:91:84:77:c6:c6:47:1e:56:7a:a5:7f:
                    d7:b2:cd:8e:75:fa:59:38:db:1f:bb:92:76:31:e1:
                    a8:81:cb:76:76:8a:01:c6:f9:81:95:d9:16:eb:f8:
                    1f:35:59:71:93:c5:82:43:51:4c:1d:ec:4b:85:3a:
                    46:50:94:54:da:c5:05:ee:6f:62:13:b1:d2:f9:54:
                    3d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:7A:EE:25:68:03:75:2E:2B:05:EF:D2:43:03:9B:63:24:A0:9A:F6
            X509v3 Authority Key Identifier:
                keyid:1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:42:64:86:1d:c1:52:57:be:44:66:a8:1f:4f:80:04:d1:18:
         df:21:d3:b3:1a:e8:e9:45:20:e6:61:77:c5:34:c8:bc:42:9d:
         77:29:7c:bd:f4:fc:10:cf:3c:ae:e6:90:2b:0d:f4:06:67:45:
         90:ec:53:3f:1e:95:55:71:6a:35:08:68:43:36:d5:85:b9:09:
         78:8b:10:03:1f:2a:88:ce:a8:69:94:de:e6:10:9f:77:12:1e:
         b4:33:d8:5d:b1:80:9a:c0:ec:12:0c:c4:0b:d5:85:d1:3b:d8:
         ca:98:a3:e6:bd:df:8d:8a:2b:87:92:4d:1e:1c:bb:47:0f:00:
         35:f9:57:c2:92:1f:7a:05:1a:b0:ac:62:66:c9:a1:25:c7:f4:
         38:ee:02:4e:af:02:bf:be:66:8d:64:ef:0b:16:5f:4b:fd:c0:
         87:08:3a:4d:b3:82:9e:eb:f9:9f:39:a8:52:e7:2a:bc:c2:60:
         43:38:6e:2e:4c:ae:b1:a5:34:1b:d7:9e:9b:fa:2d:5e:52:7d:
         c9:18:72:b8:9f:2a:51:4f:49:8e:4f:64:55:49:8d:fc:ea:44:
         56:a1:25:84:0d:d8:86:13:33:be:de:22:c6:54:b2:1f:df:27:
         61:b1:ed:96:fc:96:0d:71:ca:13:a0:e1:04:7c:c2:70:bd:af:
         fc:a5:32:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T++PKZIQK3DptQdEtSVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmY2RkNDEwZTEyNTAyMmRlMDdjYTU5NjNmOTJmNzhlOGY4
OTQ4NmUwHhcNMjUwODA0MDkwMDUyWhcNMjUwODA1MDkwMDUyWjAzMTEwLwYDVQQD
EygxNDdhZWUyNTY4MDM3NTJlMmIwNWVmZDI0MzAzOWI2MzI0YTA5YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40PEzX6Uum2kjUECkXHYo/Sn6TkG
/VPGuVv50ulDWeSR4HRqKZmVj6B5OA8Pgai6to4e9Ep3nE7zs+zvE3VTLouzN17G
W+ZxVBTDnyTmTfH5L2FZglAY3yFN+Kh3kXTUEXdfU2PEp96sQRcd556ok3CBY9qI
uxlCGt4252WQ014h04SFXxGUrkNQ48aAamfiIZSSnI5ufXgFLFERIcYqoUE8/hk9
8tqZioTI+czWMWcEmqKvoGQlkYR3xsZHHlZ6pX/Xss2OdfpZONsfu5J2MeGogct2
dooBxvmBldkW6/gfNVlxk8WCQ1FMHexLhTpGUJRU2sUF7m9iE7HS+VQ90QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBR67iVoA3UuKwXv0kMDm2MkoJr2MB8GA1UdIwQY
MBaAFB/N1BDhJQIt4Hyllj+S946PiUhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUt
YWI2OWRhOGYzN2VjLzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUtYWI2OWRhOGYzN2Vj
LzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkJkhh3B
Ule+RGaoH0+ABNEY3yHTsxro6UUg5mF3xTTIvEKddyl8vfT8EM88ruaQKw30BmdF
kOxTPx6VVXFqNQhoQzbVhbkJeIsQAx8qiM6oaZTe5hCfdxIetDPYXbGAmsDsEgzE
C9WF0TvYypij5r3fjYorh5JNHhy7Rw8ANflXwpIfegUasKxiZsmhJcf0OO4CTq8C
v75mjWTvCxZfS/3Ahwg6TbOCnuv5nzmoUucqvMJgQzhuLkyusaU0G9eem/otXlJ9
yRhyuJ8qUU9Jjk9kVUmN/OpEVqElhA3YhhMzvt4ixlSyH98nYbHtlvyWDXHKE6Dh
BHzCcL2v/KUyAw==
-----END CERTIFICATE-----