Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          Pv1c4TpyC66PI0Wok82QmFPRoD+CDmES+pRyYbUK4L8=
Subject key identifier:   BA:13:58:F0:68:5F:A1:F0:D7:EA:0C:BD:E3:0F:89:37:F9:56:1C:03
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       0198D698852B7D30C56318635A3DFA993361
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0459
Signing time:             Sat 23 Aug 2025 11:02:56 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:56 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:56 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: lIjP7z8OUF71bRbq41bMy9gy9GifnqsiT7BlDfWe75o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:85:2b:7d:30:c5:63:18:63:5a:3d:fa:99:33:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Aug 23 11:02:56 2025 GMT
            Not After : Aug 24 11:02:56 2025 GMT
        Subject: CN=ba1358f0685fa1f0d7ea0cbde30f8937f9561c03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e5:c1:f7:24:67:3a:8e:b9:13:a9:7a:5e:6f:
                    0c:9f:c7:55:07:91:46:ac:df:2d:8d:26:39:73:3b:
                    02:bf:82:d3:39:62:e3:32:89:d9:08:65:22:c7:de:
                    1d:0d:8b:d2:2a:9b:fd:4d:4d:91:36:e7:63:e2:aa:
                    fb:1b:cf:10:48:a7:4e:1d:66:30:4d:7c:db:85:b7:
                    2d:dc:22:4a:7a:ae:80:af:e6:8c:e2:4d:5d:19:3f:
                    af:58:cd:c2:4f:eb:98:9c:98:52:4e:f9:71:55:62:
                    d2:58:4e:cf:2d:e4:2a:70:b0:be:62:68:e2:33:2e:
                    a7:70:92:7c:6a:07:37:ae:05:2d:fa:23:a4:17:e7:
                    30:b9:55:f4:71:6b:54:65:97:d5:84:08:89:c9:f8:
                    0b:cf:ce:0f:9e:7d:c6:40:c8:a1:68:6a:8f:10:3c:
                    19:a1:6c:7f:f0:f0:7a:94:d9:c0:f8:5f:a8:10:1d:
                    b7:d1:8f:cd:be:b6:59:7c:d4:44:1b:a0:c5:39:42:
                    e9:83:9a:ad:6b:1f:8a:c7:9d:e9:52:91:bb:93:41:
                    dd:63:ab:a8:92:23:0d:13:b8:c7:40:00:85:00:2c:
                    9f:9d:7a:e6:e2:aa:37:07:8e:12:4e:d1:ff:20:5d:
                    f8:71:be:ae:61:29:96:5d:38:41:2c:00:a6:37:d6:
                    04:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:13:58:F0:68:5F:A1:F0:D7:EA:0C:BD:E3:0F:89:37:F9:56:1C:03
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:b3:98:7e:12:7d:ea:a1:47:8a:51:3d:9a:8f:77:a0:2b:26:
         fa:7f:8f:a2:1d:db:ec:8b:ae:c1:3a:11:69:1c:46:7d:3a:fb:
         d7:8c:d2:bf:65:0c:4e:e2:e2:c3:56:2a:9d:67:be:d2:15:92:
         9b:7e:6b:91:21:62:4f:1d:1b:e0:2b:b7:1d:f8:51:05:06:ea:
         3b:cd:f2:9c:e6:89:72:b6:8c:0b:45:9c:26:1f:ea:e0:51:bd:
         97:0f:33:0a:5b:a1:48:67:db:94:4b:fa:4c:e8:68:c3:e2:3e:
         d0:ed:36:94:95:4d:c0:0b:f9:76:20:28:01:4b:96:91:e9:ab:
         4c:bb:5e:06:8f:bd:5d:d8:cf:37:d3:7c:35:d8:b9:d9:c7:83:
         cb:fa:12:65:61:d9:f8:1d:cd:f3:a5:6d:ba:fc:dd:15:a7:a9:
         f0:a1:58:29:97:00:40:62:f1:93:35:9e:fd:1b:d7:d1:9d:2a:
         93:88:66:f5:b3:c0:40:50:53:25:d7:6e:bf:84:27:9e:16:9f:
         87:7c:0e:26:fd:d4:06:e8:11:87:9a:0c:8b:ed:46:f2:76:15:
         fe:4d:cc:c2:81:de:3c:c1:ae:50:56:b5:3c:45:da:d2:c8:56:
         83:4f:cb:38:d2:3d:ae:f8:6a:ac:1f:a8:ab:a5:af:f2:9f:90:
         97:a7:5b:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmIUrfTDFYxhjWj36mTNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwODIzMTEwMjU2WhcNMjUwODI0MTEwMjU2WjAzMTEwLwYDVQQD
EyhiYTEzNThmMDY4NWZhMWYwZDdlYTBjYmRlMzBmODkzN2Y5NTYxYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+XB9yRnOo65E6l6Xm8Mn8dVB5FG
rN8tjSY5czsCv4LTOWLjMonZCGUix94dDYvSKpv9TU2RNudj4qr7G88QSKdOHWYw
TXzbhbct3CJKeq6Ar+aM4k1dGT+vWM3CT+uYnJhSTvlxVWLSWE7PLeQqcLC+Ymji
My6ncJJ8agc3rgUt+iOkF+cwuVX0cWtUZZfVhAiJyfgLz84Pnn3GQMihaGqPEDwZ
oWx/8PB6lNnA+F+oEB230Y/NvrZZfNREG6DFOULpg5qtax+Kx53pUpG7k0HdY6uo
kiMNE7jHQACFACyfnXrm4qo3B44STtH/IF34cb6uYSmWXThBLACmN9YEDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoTWPBoX6Hw1+oMveMPiTf5VhwDMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbOYfhJ9
6qFHilE9mo93oCsm+n+Poh3b7IuuwToRaRxGfTr714zSv2UMTuLiw1YqnWe+0hWS
m35rkSFiTx0b4Cu3HfhRBQbqO83ynOaJcraMC0WcJh/q4FG9lw8zCluhSGfblEv6
TOhow+I+0O02lJVNwAv5diAoAUuWkemrTLteBo+9XdjPN9N8Ndi52ceDy/oSZWHZ
+B3N86VtuvzdFaep8KFYKZcAQGLxkzWe/RvX0Z0qk4hm9bPAQFBTJdduv4Qnnhaf
h3wOJv3UBugRh5oMi+1G8nYV/k3MwoHePMGuUFa1PEXa0shWg0/LONI9rvhqrB+o
q6Wv8p+Ql6dbHw==
-----END CERTIFICATE-----