Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          yXYSEkUCIHmldmbcBdULdAw2/KwtPGgZGVIinvKEYow=
Subject key identifier:   D6:93:08:0A:AC:F2:66:84:01:95:BD:2A:0D:91:67:B3:3A:5C:6D:0A
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       0198D65FB789D5CB25AAD6962382F6623245
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0B94
Signing time:             Sat 23 Aug 2025 10:00:53 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:53 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:53 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: /6spqjVWEiYYnoEJDE/3I+dE6ernM9Z2UyCWvBsn23I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:b7:89:d5:cb:25:aa:d6:96:23:82:f6:62:32:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Aug 23 10:00:53 2025 GMT
            Not After : Aug 24 10:00:53 2025 GMT
        Subject: CN=d693080aacf266840195bd2a0d9167b33a5c6d0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:83:65:d8:47:c8:16:fc:87:b8:b6:1c:08:65:
                    6a:f2:c7:f3:11:1d:6f:c9:22:d8:fe:3d:e0:56:a8:
                    29:c3:44:8f:79:df:be:88:9f:ae:4f:06:b9:3b:ba:
                    b0:7b:28:1a:b4:b6:66:ae:a2:cd:3a:b4:7c:c9:ae:
                    d8:11:d6:bf:c0:8d:e8:e9:dc:71:64:ff:99:93:ad:
                    fb:e0:d0:eb:c6:9c:24:1f:47:c0:85:2d:7c:73:6d:
                    7f:04:a5:71:45:58:de:e4:b6:96:32:f5:45:f3:9c:
                    cd:f3:01:f2:5d:60:39:61:ef:ec:13:8f:03:7d:f2:
                    cd:8c:6d:8a:98:f8:0c:7f:e9:87:17:0f:da:1d:a8:
                    07:63:1a:1e:c2:58:76:6c:5c:42:11:4c:45:d4:54:
                    c6:33:86:f1:08:71:a4:a1:1f:73:74:bf:dc:07:2f:
                    30:65:f8:04:e7:c6:78:16:1f:10:ce:4f:99:a0:d4:
                    3b:35:3f:0b:06:0c:35:ed:ff:9b:e6:f7:9b:6c:ed:
                    ce:95:be:0e:fa:83:7b:f4:1a:f2:f6:a6:74:ad:cf:
                    bc:d8:a9:dd:6e:68:d4:a8:cd:10:9b:e1:08:b1:71:
                    63:2d:43:e4:e3:36:9e:41:66:51:97:21:fd:33:de:
                    93:24:4f:e6:a7:9d:21:82:b3:89:22:af:23:98:70:
                    dd:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:93:08:0A:AC:F2:66:84:01:95:BD:2A:0D:91:67:B3:3A:5C:6D:0A
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:40:df:c4:bf:5a:5f:f1:f5:e6:e2:a8:8e:ca:f8:61:c9:04:
         40:9a:00:16:45:d8:d8:17:ea:84:05:31:d6:6e:31:be:99:74:
         d4:40:32:44:45:53:32:4d:36:53:28:cb:d2:03:f7:2a:70:ed:
         ea:4a:36:42:ac:b2:0c:f6:fc:84:56:14:3c:23:b6:a9:fc:5c:
         4e:10:8c:c6:56:2d:7c:46:b0:62:fb:6a:ca:06:31:c4:2d:a4:
         0b:36:ff:f1:d4:5d:97:e0:ca:90:a5:ec:23:26:d9:ac:4e:11:
         72:85:39:fa:1d:3f:dd:a1:08:4c:e8:91:9c:0f:6e:f9:53:be:
         19:76:45:2c:e2:66:6d:f5:4d:8c:4e:94:83:18:28:44:8c:d3:
         6c:9a:28:bc:68:20:80:f8:93:13:20:bc:c0:6a:73:f3:ef:27:
         3c:5b:69:60:d8:65:7f:65:c5:4f:d5:48:26:0c:78:0c:79:3f:
         75:48:9e:f5:69:9b:18:a2:3b:3e:66:82:0f:bf:cc:0f:2e:26:
         31:22:5a:20:0d:d6:5e:2d:8c:21:de:75:5d:b3:f6:e3:32:85:
         0a:a5:d3:18:2c:e1:ed:b2:bd:49:d8:0e:47:3f:29:70:c8:82:
         f4:26:1a:df:d0:ec:50:97:fc:4e:b4:35:35:54:45:b1:aa:e3:
         db:6a:7e:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX7eJ1cslqtaWI4L2YjJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwODIzMTAwMDUzWhcNMjUwODI0MTAwMDUzWjAzMTEwLwYDVQQD
EyhkNjkzMDgwYWFjZjI2Njg0MDE5NWJkMmEwZDkxNjdiMzNhNWM2ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYNl2EfIFvyHuLYcCGVq8sfzER1v
ySLY/j3gVqgpw0SPed++iJ+uTwa5O7qweygatLZmrqLNOrR8ya7YEda/wI3o6dxx
ZP+Zk6374NDrxpwkH0fAhS18c21/BKVxRVje5LaWMvVF85zN8wHyXWA5Ye/sE48D
ffLNjG2KmPgMf+mHFw/aHagHYxoewlh2bFxCEUxF1FTGM4bxCHGkoR9zdL/cBy8w
ZfgE58Z4Fh8Qzk+ZoNQ7NT8LBgw17f+b5vebbO3Olb4O+oN79Bry9qZ0rc+82Knd
bmjUqM0Qm+EIsXFjLUPk4zaeQWZRlyH9M96TJE/mp50hgrOJIq8jmHDdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaTCAqs8maEAZW9Kg2RZ7M6XG0KMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkDfxL9a
X/H15uKojsr4YckEQJoAFkXY2BfqhAUx1m4xvpl01EAyREVTMk02UyjL0gP3KnDt
6ko2QqyyDPb8hFYUPCO2qfxcThCMxlYtfEawYvtqygYxxC2kCzb/8dRdl+DKkKXs
IybZrE4RcoU5+h0/3aEITOiRnA9u+VO+GXZFLOJmbfVNjE6UgxgoRIzTbJoovGgg
gPiTEyC8wGpz8+8nPFtpYNhlf2XFT9VIJgx4DHk/dUie9WmbGKI7PmaCD7/MDy4m
MSJaIA3WXi2MId51XbP24zKFCqXTGCzh7bK9SdgORz8pcMiC9CYa39DsUJf8TrQ1
NVRFsarj22p+CQ==
-----END CERTIFICATE-----