Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
File:                     CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft (raw, json)
Hash identifier:          jXq90HWnzXMl/w/g4frrXZk99zFsBNWv0DsX7gGmkr8=
Subject key identifier:   43:6F:3C:00:81:73:5C:88:37:AD:0D:3C:31:F6:28:BE:BA:6D:1A:82
Authority key identifier: 08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F
Certificate issuer:       /CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
Certificate serial:       01989C70E3A5B1538D6475DC4547DE0F3B6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
Manifest number:          043B
Signing time:             Tue 12 Aug 2025 04:01:40 +0000
Manifest this update:     Tue 12 Aug 2025 04:01:40 +0000
Manifest next update:     Wed 13 Aug 2025 04:01:40 +0000
Files and hashes:         1: CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl (hash: x/Q2ZKhKm9i9rTBH8xvX7KNy6qgAB83GXn7H3o7WO60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 04:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9c:70:e3:a5:b1:53:8d:64:75:dc:45:47:de:0f:3b:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
        Validity
            Not Before: Aug 12 04:01:40 2025 GMT
            Not After : Aug 13 04:01:40 2025 GMT
        Subject: CN=436f3c0081735c8837ad0d3c31f628beba6d1a82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ef:77:40:b6:6a:26:04:91:52:e2:3c:66:14:
                    3f:8e:4c:ca:6a:f1:e1:b3:94:ec:db:62:6d:bb:b5:
                    29:4d:56:ac:d3:75:78:fa:32:50:0a:bf:ff:3e:34:
                    0b:bf:15:ca:5c:29:e6:73:4c:46:47:f2:d3:6d:df:
                    93:38:a8:89:74:ee:95:72:d4:34:d0:5c:d6:45:0a:
                    d1:f9:1b:9d:54:54:b7:18:6e:85:fa:48:e6:37:f8:
                    ce:7f:00:29:e4:40:02:86:f0:55:fd:f5:33:6e:9f:
                    b8:7e:bc:d9:3a:7c:64:8e:d3:3f:91:16:33:b6:ca:
                    0d:a4:09:ad:07:b2:74:02:48:8c:b6:25:06:20:63:
                    7a:1c:e0:fa:28:22:2b:e9:f7:e0:39:3b:35:57:e4:
                    98:fb:57:d2:ef:a9:f2:ba:93:6b:95:2d:5e:0d:6c:
                    bf:6c:cf:8e:59:4c:61:f7:70:fb:34:d2:c8:63:1e:
                    56:ec:38:5b:e4:e3:0c:c3:65:b8:38:c0:71:d6:2e:
                    73:fb:2a:27:61:cc:c0:7f:60:e1:ea:3e:f1:6d:33:
                    b5:4f:27:18:26:94:4d:89:56:4b:03:10:30:98:d5:
                    ef:fc:85:2e:b1:70:0e:c5:eb:cf:f8:b4:37:a4:3b:
                    93:a7:c8:83:c1:f6:bf:61:18:f3:e2:e4:8d:04:56:
                    cb:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:6F:3C:00:81:73:5C:88:37:AD:0D:3C:31:F6:28:BE:BA:6D:1A:82
            X509v3 Authority Key Identifier:
                keyid:08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d5:f5:71:ec:19:6f:2d:62:5d:ae:b4:00:da:3e:b5:11:07:
         4f:52:c4:4c:03:d1:59:a6:ce:4a:65:d6:b8:45:ae:ca:d1:3c:
         10:f4:30:d9:3b:f7:c1:f6:48:23:c0:7b:7e:69:5c:4b:96:f9:
         f6:7e:67:33:fd:7d:84:88:97:b9:a8:b8:66:d3:9e:70:2b:05:
         92:0a:70:a0:7e:4e:71:25:4f:49:c2:b2:08:14:59:50:29:de:
         92:f9:0b:12:40:3c:4b:0a:b8:1b:cc:a5:9c:64:e1:56:cb:50:
         4e:04:79:a6:96:e5:e3:30:5a:a5:ca:ea:15:c2:4a:cb:ee:81:
         f5:81:b2:6c:d0:85:df:c9:cd:3a:87:12:ca:0f:5c:a9:c8:a9:
         22:4c:1b:a6:b7:bc:1f:9d:52:7d:d0:ad:ff:42:60:e4:7e:e5:
         b4:09:e4:13:fa:ef:5c:ba:3d:c5:fc:fc:80:67:90:d1:c5:cc:
         88:ad:a6:bd:68:89:12:8e:d1:a3:96:68:51:88:9d:ea:07:08:
         fa:59:43:f1:c3:5e:b3:f9:e9:bf:c5:98:35:f6:a9:3f:33:28:
         ea:4d:92:4f:72:7d:4a:70:92:f9:18:45:f4:5b:a3:b1:1e:eb:
         00:0b:14:91:f6:de:ca:fc:86:fb:de:3f:c3:84:2f:9f:6c:20:
         f2:f7:3c:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiccOOlsVONZHXcRUfeDztuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YThiOGZlMGM4ODVhNDVmMjQ4NTUyMzM0MmU5YmE4ZGM4
OWU2OGYwHhcNMjUwODEyMDQwMTQwWhcNMjUwODEzMDQwMTQwWjAzMTEwLwYDVQQD
Eyg0MzZmM2MwMDgxNzM1Yzg4MzdhZDBkM2MzMWY2MjhiZWJhNmQxYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO93QLZqJgSRUuI8ZhQ/jkzKavHh
s5Ts22Jtu7UpTVas03V4+jJQCr//PjQLvxXKXCnmc0xGR/LTbd+TOKiJdO6VctQ0
0FzWRQrR+RudVFS3GG6F+kjmN/jOfwAp5EAChvBV/fUzbp+4frzZOnxkjtM/kRYz
tsoNpAmtB7J0AkiMtiUGIGN6HOD6KCIr6ffgOTs1V+SY+1fS76nyupNrlS1eDWy/
bM+OWUxh93D7NNLIYx5W7Dhb5OMMw2W4OMBx1i5z+yonYczAf2Dh6j7xbTO1TycY
JpRNiVZLAxAwmNXv/IUusXAOxevP+LQ3pDuTp8iDwfa/YRjz4uSNBFbLfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENvPACBc1yIN60NPDH2KL66bRqCMB8GA1UdIwQY
MBaAFAiouP4MiFpF8khVIzQum6jcieaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUt
OWVlNTM0NDJjM2U5LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUtOWVlNTM0NDJjM2U5
LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNX1cewZ
by1iXa60ANo+tREHT1LETAPRWabOSmXWuEWuytE8EPQw2Tv3wfZII8B7fmlcS5b5
9n5nM/19hIiXuai4ZtOecCsFkgpwoH5OcSVPScKyCBRZUCnekvkLEkA8Swq4G8yl
nGThVstQTgR5ppbl4zBapcrqFcJKy+6B9YGybNCF38nNOocSyg9cqcipIkwbpre8
H51SfdCt/0Jg5H7ltAnkE/rvXLo9xfz8gGeQ0cXMiK2mvWiJEo7Ro5ZoUYid6gcI
+llD8cNes/npv8WYNfapPzMo6k2ST3J9SnCS+RhF9FujsR7rAAsUkfbeyvyG+94/
w4Qvn2wg8vc8cg==
-----END CERTIFICATE-----