Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
File:                     TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft (raw, json)
Hash identifier:          FFJUq/L8cy0oaClu81LZfuNBX8GSha6kdCaR463/5mU=
Subject key identifier:   9E:6E:BE:46:B4:A1:46:AA:EB:D4:9E:0E:C7:35:D2:BA:27:35:61:3C
Authority key identifier: 4C:E9:66:38:3E:07:8E:F4:0B:5E:D8:22:E6:E2:A3:01:B0:51:0E:CE
Certificate issuer:       /CN=4ce966383e078ef40b5ed822e6e2a301b0510ece
Certificate serial:       0198741959EF22922EFB574EBE97F5FD4B39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 08:01:15 +0000
Manifest this update:     Mon 04 Aug 2025 08:01:15 +0000
Manifest next update:     Tue 05 Aug 2025 08:01:15 +0000
Files and hashes:         1: TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl (hash: vrVAnoM8ASwx6aB369BPUjPLV2WNOvU3v9pilZofoL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 08:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:19:59:ef:22:92:2e:fb:57:4e:be:97:f5:fd:4b:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ce966383e078ef40b5ed822e6e2a301b0510ece
        Validity
            Not Before: Aug  4 08:01:15 2025 GMT
            Not After : Aug  5 08:01:15 2025 GMT
        Subject: CN=9e6ebe46b4a146aaebd49e0ec735d2ba2735613c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:da:44:fa:96:06:6f:f3:d5:9b:37:b8:6f:12:
                    4c:e2:4c:4b:4c:c1:01:21:f8:c8:3f:ab:8f:98:64:
                    88:e9:a1:99:c1:dd:14:a9:bb:73:55:69:8b:86:53:
                    56:b8:79:74:34:0e:17:1e:1e:b6:68:d0:31:24:b5:
                    0a:52:f2:8d:3d:cb:ab:ef:43:44:02:eb:88:99:1b:
                    e5:89:f0:59:85:4e:eb:3c:6a:0e:93:bc:45:fa:77:
                    27:b1:77:04:5a:56:4d:72:58:fe:b0:7b:f5:ef:a4:
                    cd:f5:0a:12:de:5c:a7:39:25:b9:96:7f:f0:3b:43:
                    2a:73:74:e8:29:72:9a:50:4e:8c:42:2b:26:0e:90:
                    14:c1:cd:d3:82:49:83:b4:45:1c:ee:99:71:7b:77:
                    21:70:93:de:39:93:d6:58:26:38:41:20:67:e0:97:
                    e7:d9:98:f1:ae:ba:e4:ee:49:c4:38:77:1f:b7:0b:
                    bc:94:24:55:c6:d8:25:7d:ce:11:c0:9a:c2:d4:18:
                    74:e3:b6:c4:49:cb:e1:9f:f2:1d:65:ac:01:0f:eb:
                    0a:c6:bd:0e:f6:38:c4:91:2c:18:e8:33:90:1d:5a:
                    37:ea:96:67:f3:25:6c:e6:08:e7:ed:66:3f:2b:e9:
                    24:5b:39:1f:1b:e4:7b:91:67:7c:79:5f:10:ee:fc:
                    d7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:6E:BE:46:B4:A1:46:AA:EB:D4:9E:0E:C7:35:D2:BA:27:35:61:3C
            X509v3 Authority Key Identifier:
                keyid:4C:E9:66:38:3E:07:8E:F4:0B:5E:D8:22:E6:E2:A3:01:B0:51:0E:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOlmOD4HjvQLXtgi5uKjAbBRDs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/66bb8b-cc0d-4d33-8b47-3723d6e6b6ef/1/TOlmOD4HjvQLXtgi5uKjAbBRDs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:89:1c:13:dd:0a:db:33:06:eb:f3:1b:65:51:8b:e7:d6:30:
         74:a4:a0:a8:d6:05:4f:8a:f7:82:70:ef:5c:77:c2:06:25:cc:
         b6:ee:28:ae:c0:72:1e:53:d8:a4:87:e9:3e:c5:54:03:a0:8d:
         f2:b6:96:16:b1:f1:ab:ce:21:ff:f9:2f:79:ca:2e:5a:49:3b:
         b0:42:6e:14:8e:3c:9a:40:14:20:dc:8a:bb:45:28:6a:3e:f1:
         b9:82:50:2f:9f:92:8e:9c:a3:2a:54:54:72:61:90:ad:28:0b:
         29:22:18:e0:32:1a:a8:e6:bf:a0:61:3f:7e:8a:96:94:e9:a0:
         41:50:b3:88:97:ee:fa:16:d7:ab:aa:a8:49:48:c2:4b:42:97:
         11:b3:8e:9e:74:32:75:b2:9c:5a:70:78:8c:64:de:05:39:0b:
         0e:b6:d8:6f:51:86:66:01:01:9d:cb:b5:3d:d8:f6:95:cb:ff:
         68:af:b8:10:cc:d1:31:1a:40:11:e8:68:94:ac:c9:dd:7d:2e:
         91:ac:9c:15:2a:48:b0:9e:5f:bd:69:d7:52:a8:89:59:d3:ed:
         32:6c:f1:ef:f1:c7:9a:92:44:e6:98:97:7c:ec:40:76:1a:ee:
         20:97:25:1d:fe:f4:d4:c3:28:83:5f:5a:80:eb:23:8a:80:11:
         82:8c:4a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GVnvIpIu+1dOvpf1/Us5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTk2NjM4M2UwNzhlZjQwYjVlZDgyMmU2ZTJhMzAxYjA1
MTBlY2UwHhcNMjUwODA0MDgwMTE1WhcNMjUwODA1MDgwMTE1WjAzMTEwLwYDVQQD
Eyg5ZTZlYmU0NmI0YTE0NmFhZWJkNDllMGVjNzM1ZDJiYTI3MzU2MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNpE+pYGb/PVmze4bxJM4kxLTMEB
IfjIP6uPmGSI6aGZwd0UqbtzVWmLhlNWuHl0NA4XHh62aNAxJLUKUvKNPcur70NE
AuuImRvlifBZhU7rPGoOk7xF+ncnsXcEWlZNclj+sHv176TN9QoS3lynOSW5ln/w
O0Mqc3ToKXKaUE6MQismDpAUwc3TgkmDtEUc7plxe3chcJPeOZPWWCY4QSBn4Jfn
2Zjxrrrk7knEOHcftwu8lCRVxtglfc4RwJrC1Bh047bEScvhn/IdZawBD+sKxr0O
9jjEkSwY6DOQHVo36pZn8yVs5gjn7WY/K+kkWzkfG+R7kWd8eV8Q7vzXiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5uvka0oUaq69SeDsc10ronNWE8MB8GA1UdIwQY
MBaAFEzpZjg+B470C17YIubiowGwUQ7OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82NmJiOGItY2MwZC00ZDMzLThiNDct
MzcyM2Q2ZTZiNmVmLzEvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82NmJiOGItY2MwZC00ZDMzLThiNDctMzcyM2Q2ZTZiNmVm
LzEvVE9sbU9ENEhqdlFMWHRnaTV1S2pBYkJSRHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4kcE90K
2zMG6/MbZVGL59YwdKSgqNYFT4r3gnDvXHfCBiXMtu4orsByHlPYpIfpPsVUA6CN
8raWFrHxq84h//kvecouWkk7sEJuFI48mkAUINyKu0Uoaj7xuYJQL5+SjpyjKlRU
cmGQrSgLKSIY4DIaqOa/oGE/foqWlOmgQVCziJfu+hbXq6qoSUjCS0KXEbOOnnQy
dbKcWnB4jGTeBTkLDrbYb1GGZgEBncu1Pdj2lcv/aK+4EMzRMRpAEeholKzJ3X0u
kaycFSpIsJ5fvWnXUqiJWdPtMmzx7/HHmpJE5piXfOxAdhruIJclHf701MMog19a
gOsjioARgoxKcw==
-----END CERTIFICATE-----