Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
File:                     5IKZWNgAyhrebhPKeygLIpzmYC4.mft (raw, json)
Hash identifier:          lrgGLx92L3UCy9BBEpI+qkkdrdFJXDkVWSdNGX7ZIuE=
Subject key identifier:   3B:4B:00:8E:7B:B1:E6:B1:8E:4E:1F:7E:3D:DD:B5:FC:25:A2:47:F6
Authority key identifier: E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E
Certificate issuer:       /CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
Certificate serial:       019873E310F2826ABDBDBE5DC6A404F16330
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 07:01:57 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:57 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:57 +0000
Files and hashes:         1: 5IKZWNgAyhrebhPKeygLIpzmYC4.crl (hash: aLqXLu30IjzKQMwtp9zKKeHATM7Urcxd2aDRa8toFkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:10:f2:82:6a:bd:bd:be:5d:c6:a4:04:f1:63:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
        Validity
            Not Before: Aug  4 07:01:57 2025 GMT
            Not After : Aug  5 07:01:57 2025 GMT
        Subject: CN=3b4b008e7bb1e6b18e4e1f7e3dddb5fc25a247f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:95:61:84:65:79:95:bb:b3:2c:8d:53:94:d1:
                    48:0e:8f:4d:46:6a:29:4e:a3:38:47:86:a4:2a:04:
                    68:38:6a:93:5f:51:16:2b:ec:01:c4:4d:cd:d5:cd:
                    f1:59:d3:c1:7d:20:52:d9:9e:f6:47:25:0c:35:cb:
                    56:19:27:d2:bf:db:a5:87:ca:ae:d8:5e:7f:e2:f2:
                    d4:b4:c3:ba:3c:1f:62:8e:43:2e:d0:30:d4:67:e7:
                    99:fa:cd:ad:29:e2:45:8d:e0:12:76:0a:4f:fc:61:
                    9e:c5:be:58:b0:d4:6c:dd:4c:33:61:be:e2:3f:59:
                    60:d4:1f:81:13:ec:d8:d5:ab:ed:62:13:11:74:12:
                    1e:2e:5e:66:4e:10:b8:97:0d:13:81:39:f8:43:7d:
                    f8:15:21:c5:10:e2:ea:1e:2c:19:44:8f:d0:a5:1a:
                    eb:ad:60:15:88:cd:44:72:d4:de:78:3f:db:55:a2:
                    96:e2:ad:de:e2:81:8c:57:4b:0d:6a:f8:59:47:15:
                    04:ce:5b:b1:46:ea:8b:2a:78:62:d6:53:d7:33:5f:
                    fb:65:74:50:7f:b4:02:ed:b8:c5:03:dd:b2:16:28:
                    05:16:13:59:cc:c6:6d:56:43:0a:ba:b7:14:00:4b:
                    fa:94:6b:1c:da:64:d9:d1:db:c9:1a:7d:66:11:2b:
                    a0:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:4B:00:8E:7B:B1:E6:B1:8E:4E:1F:7E:3D:DD:B5:FC:25:A2:47:F6
            X509v3 Authority Key Identifier:
                keyid:E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:92:32:da:4c:89:59:ea:93:c7:a9:84:cf:1e:27:ff:d7:46:
         53:30:78:b0:a4:52:bc:0e:9a:84:a9:24:8e:f3:82:71:74:20:
         39:c9:c6:68:07:32:ee:0c:3f:d5:4d:0a:57:9f:75:75:38:20:
         ec:1e:bb:50:12:a2:a1:a1:46:67:c2:97:3c:ec:51:a3:54:30:
         31:c8:b8:a4:57:e8:f4:29:b3:a3:df:a4:3b:c2:eb:6c:23:a4:
         dd:ca:a3:fb:7c:6f:d7:c5:ae:2c:8b:e8:ba:68:26:de:fa:da:
         6e:4d:a4:22:6a:8c:0a:92:22:97:e1:90:3e:c4:24:ba:e1:ec:
         bf:bd:b3:62:db:5a:dc:b5:11:a2:9c:08:c6:38:a9:2d:f4:30:
         9b:1d:f5:4d:e5:4e:3f:bb:d6:af:3f:09:03:aa:8e:10:b9:8b:
         93:53:57:e0:df:06:7b:e9:b9:88:a4:29:dc:59:48:5d:48:9e:
         29:20:74:35:fa:17:b1:21:cc:98:bf:89:54:df:80:82:e4:55:
         99:01:c3:61:02:bb:fd:39:60:ba:e6:5e:39:a6:0f:a9:bf:09:
         28:a4:c9:a9:9b:74:5f:5b:a9:84:e3:d3:ed:3c:0e:ed:94:50:
         e6:a8:1d:d7:98:41:ec:ac:fd:e9:e7:93:56:c8:ff:d1:48:5c:
         a5:14:2a:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4xDygmq9vb5dxqQE8WMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODI5OTU4ZDgwMGNhMWFkZTZlMTNjYTdiMjgwYjIyOWNl
NjYwMmUwHhcNMjUwODA0MDcwMTU3WhcNMjUwODA1MDcwMTU3WjAzMTEwLwYDVQQD
EygzYjRiMDA4ZTdiYjFlNmIxOGU0ZTFmN2UzZGRkYjVmYzI1YTI0N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZVhhGV5lbuzLI1TlNFIDo9NRmop
TqM4R4akKgRoOGqTX1EWK+wBxE3N1c3xWdPBfSBS2Z72RyUMNctWGSfSv9ulh8qu
2F5/4vLUtMO6PB9ijkMu0DDUZ+eZ+s2tKeJFjeASdgpP/GGexb5YsNRs3UwzYb7i
P1lg1B+BE+zY1avtYhMRdBIeLl5mThC4lw0TgTn4Q334FSHFEOLqHiwZRI/QpRrr
rWAViM1EctTeeD/bVaKW4q3e4oGMV0sNavhZRxUEzluxRuqLKnhi1lPXM1/7ZXRQ
f7QC7bjFA92yFigFFhNZzMZtVkMKurcUAEv6lGsc2mTZ0dvJGn1mESugmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtLAI57seaxjk4ffj3dtfwlokf2MB8GA1UdIwQY
MBaAFOSCmVjYAMoa3m4TynsoCyKc5mAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQt
MWQ1YmMwMDFhMWRlLzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQtMWQ1YmMwMDFhMWRl
LzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJIy2kyJ
WeqTx6mEzx4n/9dGUzB4sKRSvA6ahKkkjvOCcXQgOcnGaAcy7gw/1U0KV591dTgg
7B67UBKioaFGZ8KXPOxRo1QwMci4pFfo9Cmzo9+kO8LrbCOk3cqj+3xv18WuLIvo
umgm3vrabk2kImqMCpIil+GQPsQkuuHsv72zYtta3LURopwIxjipLfQwmx31TeVO
P7vWrz8JA6qOELmLk1NX4N8Ge+m5iKQp3FlIXUieKSB0NfoXsSHMmL+JVN+AguRV
mQHDYQK7/TlguuZeOaYPqb8JKKTJqZt0X1uphOPT7TwO7ZRQ5qgd15hB7Kz96eeT
Vsj/0UhcpRQqQg==
-----END CERTIFICATE-----