Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          4xY98u32s/yhmWj3TqnzNs58jq9zD5Eku2iDdlUSC30=
Subject key identifier:   B2:F9:20:32:C8:E7:87:45:3E:CC:06:6C:C7:62:2C:C7:6B:EB:A8:46
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       0198D65F7B7C60DE714C6A36E0C2038CC47B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          7C
Signing time:             Sat 23 Aug 2025 10:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:38 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: b4ViwCyzBG0Bx/dEqImb1LcyVNpawINhMQsFfbMUIPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:7b:7c:60:de:71:4c:6a:36:e0:c2:03:8c:c4:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Aug 23 10:00:38 2025 GMT
            Not After : Aug 24 10:00:38 2025 GMT
        Subject: CN=b2f92032c8e787453ecc066cc7622cc76beba846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d0:74:ce:e1:5e:63:f0:47:34:a8:ef:ff:8f:
                    be:bd:cd:25:72:72:e1:91:ac:a9:08:87:e7:f4:d6:
                    23:9a:7e:c3:fa:d2:8c:c4:4a:ef:22:e5:48:02:7e:
                    aa:ff:88:c6:56:ad:8a:83:c2:bb:64:bf:99:d3:f6:
                    e9:a5:83:91:23:bc:b9:93:d7:55:a1:46:a2:e0:8e:
                    05:4e:7f:9d:88:aa:37:8c:37:aa:ec:34:63:4c:82:
                    05:0f:fb:f7:ca:d9:d7:30:e1:f1:01:16:81:79:33:
                    22:f7:00:93:12:80:bd:66:1f:47:db:9b:bd:76:59:
                    2c:72:7e:93:92:9e:1c:f0:c9:ef:bc:42:0f:74:52:
                    19:00:d8:1f:39:98:87:29:17:b7:5c:d3:c3:29:5e:
                    7f:0b:1c:53:91:85:91:6b:f6:16:3e:6f:7b:3b:c5:
                    71:92:1b:47:e4:3b:43:a0:5e:3f:89:e1:9f:6a:dc:
                    89:cb:4d:a3:4c:be:1a:da:19:ab:f4:4a:61:e2:83:
                    df:66:6a:bf:27:46:10:f0:cc:71:5d:5c:88:7b:93:
                    2c:39:9f:cd:67:8c:2b:ea:ed:8d:56:5d:65:6f:7f:
                    7b:fe:3f:17:4a:01:f1:f3:35:28:8f:1d:6f:c1:9e:
                    95:14:78:ac:22:16:bf:f8:98:ee:6a:c8:f7:d0:06:
                    6f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F9:20:32:C8:E7:87:45:3E:CC:06:6C:C7:62:2C:C7:6B:EB:A8:46
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:48:68:cd:54:64:43:6f:db:08:2e:4b:01:7e:3f:58:4d:fc:
         60:24:ba:ee:4f:eb:20:4d:52:4d:ff:e8:8b:ba:b7:50:7a:e3:
         f7:91:7e:9d:43:61:aa:87:54:ff:d6:69:fd:9b:06:57:50:dd:
         99:ec:43:da:db:40:1d:ee:27:94:f6:d2:be:8e:02:ba:85:f2:
         08:fe:04:93:62:84:87:91:f5:46:ea:2d:bb:8a:02:e4:bf:da:
         5b:32:73:ba:b9:50:11:f1:8a:9e:96:ee:2c:43:63:4e:f3:c9:
         6d:77:06:3c:70:2a:a1:f1:f8:69:0b:71:a8:51:e3:70:53:5a:
         64:c7:7d:22:e8:5f:ad:44:cd:2e:76:71:cf:f9:b5:ff:75:27:
         9a:4f:6a:1d:fa:ba:87:a6:3f:8c:35:ad:b5:f0:9e:18:a6:e5:
         79:83:08:8a:0d:09:ed:34:cd:22:73:91:b7:4f:7f:4c:4f:19:
         dc:ca:8a:c7:6e:7f:a4:14:f8:04:8d:b0:b2:00:5b:62:e2:b7:
         42:00:8a:58:0e:5b:03:11:e7:53:5f:2a:9b:96:6b:be:33:75:
         ee:86:c3:70:2d:a7:ba:7f:cd:ba:5a:40:93:bd:aa:cb:97:2b:
         23:e4:85:a0:8f:18:4b:ab:e9:4a:26:4c:42:98:49:bb:b3:6a:
         e2:f4:2c:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX3t8YN5xTGo24MIDjMR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjUwODIzMTAwMDM4WhcNMjUwODI0MTAwMDM4WjAzMTEwLwYDVQQD
EyhiMmY5MjAzMmM4ZTc4NzQ1M2VjYzA2NmNjNzYyMmNjNzZiZWJhODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9B0zuFeY/BHNKjv/4++vc0lcnLh
kaypCIfn9NYjmn7D+tKMxErvIuVIAn6q/4jGVq2Kg8K7ZL+Z0/bppYORI7y5k9dV
oUai4I4FTn+diKo3jDeq7DRjTIIFD/v3ytnXMOHxARaBeTMi9wCTEoC9Zh9H25u9
dlkscn6Tkp4c8MnvvEIPdFIZANgfOZiHKRe3XNPDKV5/CxxTkYWRa/YWPm97O8Vx
khtH5DtDoF4/ieGfatyJy02jTL4a2hmr9Eph4oPfZmq/J0YQ8MxxXVyIe5MsOZ/N
Z4wr6u2NVl1lb397/j8XSgHx8zUojx1vwZ6VFHisIha/+Jjuasj30AZvbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLL5IDLI54dFPswGbMdiLMdr66hGMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUhozVRk
Q2/bCC5LAX4/WE38YCS67k/rIE1STf/oi7q3UHrj95F+nUNhqodU/9Zp/ZsGV1Dd
mexD2ttAHe4nlPbSvo4CuoXyCP4Ek2KEh5H1Ruotu4oC5L/aWzJzurlQEfGKnpbu
LENjTvPJbXcGPHAqofH4aQtxqFHjcFNaZMd9IuhfrUTNLnZxz/m1/3Unmk9qHfq6
h6Y/jDWttfCeGKbleYMIig0J7TTNInORt09/TE8Z3MqKx25/pBT4BI2wsgBbYuK3
QgCKWA5bAxHnU18qm5ZrvjN17obDcC2nun/NulpAk72qy5crI+SFoI8YS6vpSiZM
QphJu7Nq4vQsKA==
-----END CERTIFICATE-----