Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          YrzcA/Jn0TgQZmpmEx/VSRKKtWIpoLiszYZTlQHNKVs=
Subject key identifier:   B3:39:F6:EC:FC:45:CB:76:74:3C:AE:59:E9:85:3D:E2:8C:DE:5E:A8
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       0198D5F1189B4A640CCD7A1C5AD916373F40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          0523
Signing time:             Sat 23 Aug 2025 08:00:04 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:04 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:04 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: 80d/bnDd8/0X28DPVfKTc8nrHFZaNn7SMxNmZSLEtaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:18:9b:4a:64:0c:cd:7a:1c:5a:d9:16:37:3f:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Aug 23 08:00:04 2025 GMT
            Not After : Aug 24 08:00:04 2025 GMT
        Subject: CN=b339f6ecfc45cb76743cae59e9853de28cde5ea8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:46:85:05:b1:3d:f5:a0:42:f6:98:8b:06:de:
                    37:74:5d:d0:77:5d:e9:c9:5c:07:0e:7a:32:9a:60:
                    1f:00:09:9a:00:9a:5a:b7:c4:d0:00:90:32:f9:e1:
                    91:fe:ab:98:7a:13:a2:bf:2c:af:41:2e:fc:b1:2c:
                    81:55:54:73:5c:6b:f4:8c:82:94:61:65:48:3c:92:
                    d6:fb:59:15:3e:14:a5:26:17:24:f0:1b:cf:6b:8a:
                    43:65:06:de:f5:2e:b1:ba:de:f4:96:31:b7:fe:1a:
                    81:11:a2:1e:01:1e:d9:70:f7:c0:a1:1a:8f:43:fd:
                    f5:ca:6d:a0:2f:28:7f:ea:89:8e:dd:01:e0:d2:5f:
                    43:28:2f:ac:ac:a1:61:87:fc:d7:ea:58:3c:4e:c3:
                    26:45:b9:d3:b2:38:3f:54:9b:42:e1:ea:e9:35:12:
                    09:1f:23:c9:17:23:c3:9c:bd:a6:0b:7f:52:de:a1:
                    f6:3d:d8:f7:ae:02:df:d9:62:7b:57:8c:a4:e8:d1:
                    08:af:52:cb:9f:53:a7:fe:93:09:e0:75:0d:02:05:
                    79:c1:dd:a3:23:11:60:bf:c4:a9:95:13:f3:46:77:
                    34:8e:eb:76:1c:6b:fa:97:7f:70:41:4f:1e:6f:9b:
                    e5:5a:a2:74:ff:41:99:24:8c:9f:33:61:8c:0e:58:
                    7b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:39:F6:EC:FC:45:CB:76:74:3C:AE:59:E9:85:3D:E2:8C:DE:5E:A8
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:b3:3d:96:1d:eb:e2:c1:1b:70:05:c6:0a:ec:e8:b1:16:f7:
         ff:b6:94:6e:29:5e:9c:88:83:e6:7b:9d:40:ca:39:28:f9:02:
         cc:d8:e0:f5:20:cf:c7:e7:d9:b7:06:d6:88:1e:16:9c:21:35:
         88:00:17:c5:8b:c9:01:23:76:52:dc:a3:2b:d0:45:d3:70:7b:
         f0:8b:98:90:f4:9a:be:b6:f1:2d:44:ec:22:55:18:82:8a:6d:
         6c:8a:7e:70:bf:10:6d:8e:fc:1b:a6:70:7f:b0:2e:c2:af:15:
         73:16:90:30:02:67:c6:8d:25:33:27:36:3d:f1:5e:6c:47:14:
         e1:1a:ab:ca:29:cf:f1:21:5f:bd:04:a4:c6:9c:79:30:11:f9:
         c2:47:7f:eb:54:c6:65:cd:ca:e4:d4:1c:47:fb:7d:c6:24:3f:
         1b:bd:aa:2b:c6:2e:ad:aa:6b:aa:80:95:e1:bd:88:e7:38:78:
         da:3f:1a:84:28:a8:30:33:a4:48:c6:1d:35:53:66:1d:7b:c1:
         f5:bd:dc:84:99:2e:1a:25:29:ab:1b:a5:2d:e5:2f:6f:79:61:
         64:cd:64:dd:ad:5e:7e:db:80:fe:29:a7:6f:be:ba:84:24:1d:
         de:19:0f:a3:2c:23:cb:82:4c:7a:44:91:b0:a5:1d:0a:2f:08:
         c7:d3:40:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8RibSmQMzXocWtkWNz9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwODIzMDgwMDA0WhcNMjUwODI0MDgwMDA0WjAzMTEwLwYDVQQD
EyhiMzM5ZjZlY2ZjNDVjYjc2NzQzY2FlNTllOTg1M2RlMjhjZGU1ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskaFBbE99aBC9piLBt43dF3Qd13p
yVwHDnoymmAfAAmaAJpat8TQAJAy+eGR/quYehOivyyvQS78sSyBVVRzXGv0jIKU
YWVIPJLW+1kVPhSlJhck8BvPa4pDZQbe9S6xut70ljG3/hqBEaIeAR7ZcPfAoRqP
Q/31ym2gLyh/6omO3QHg0l9DKC+srKFhh/zX6lg8TsMmRbnTsjg/VJtC4erpNRIJ
HyPJFyPDnL2mC39S3qH2Pdj3rgLf2WJ7V4yk6NEIr1LLn1On/pMJ4HUNAgV5wd2j
IxFgv8SplRPzRnc0jut2HGv6l39wQU8eb5vlWqJ0/0GZJIyfM2GMDlh7tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLM59uz8Rct2dDyuWemFPeKM3l6oMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7M9lh3r
4sEbcAXGCuzosRb3/7aUbilenIiD5nudQMo5KPkCzNjg9SDPx+fZtwbWiB4WnCE1
iAAXxYvJASN2UtyjK9BF03B78IuYkPSavrbxLUTsIlUYgoptbIp+cL8QbY78G6Zw
f7Auwq8VcxaQMAJnxo0lMyc2PfFebEcU4RqryinP8SFfvQSkxpx5MBH5wkd/61TG
Zc3K5NQcR/t9xiQ/G72qK8YuraprqoCV4b2I5zh42j8ahCioMDOkSMYdNVNmHXvB
9b3chJkuGiUpqxulLeUvb3lhZM1k3a1eftuA/imnb766hCQd3hkPoywjy4JMekSR
sKUdCi8Ix9NAew==
-----END CERTIFICATE-----