Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          cCH7ydBFi02I5G/t4C8TPHbQJKffpGWfM4ndEVTTiro=
Subject key identifier:   60:40:19:B8:0F:7B:30:27:34:F5:56:D6:9F:0D:35:93:D6:F2:E9:32
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019A0147B18609337765EFD2FB3F81E465CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          04B6
Signing time:             Mon 20 Oct 2025 11:01:06 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:06 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:06 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 9jsvh/2wm0viN9KvOprrBRjVyUFdLplZPHWnUW7Cqsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 11:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:47:b1:86:09:33:77:65:ef:d2:fb:3f:81:e4:65:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Oct 20 11:01:06 2025 GMT
            Not After : Oct 21 11:01:06 2025 GMT
        Subject: CN=604019b80f7b302734f556d69f0d3593d6f2e932
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:bd:81:fd:bb:be:bc:af:4c:2c:cd:5e:92:6a:
                    38:f1:0d:d4:68:62:36:ae:6d:e4:a8:63:24:bd:ef:
                    3f:33:8b:1c:3d:87:29:4b:10:8e:30:0c:14:8a:d6:
                    08:1b:47:68:bf:66:c1:5c:0b:eb:38:62:2f:fb:c0:
                    81:15:d9:ad:69:85:e2:d7:4b:6b:b0:e2:57:cd:46:
                    d2:9b:c1:05:8a:a7:d9:0d:94:6e:d6:e6:3a:82:d7:
                    25:ac:01:bf:59:70:1c:e0:d1:f7:90:1d:34:ee:66:
                    90:2c:97:1c:c9:a8:1c:d8:87:aa:6c:ef:0c:7a:78:
                    9e:da:2a:b3:14:dd:2c:c3:a7:a5:eb:2f:94:c0:75:
                    bb:54:63:a8:98:d5:cb:c9:96:9e:47:04:d8:98:f4:
                    b3:bf:cc:96:8e:50:c1:00:bb:d2:d3:75:57:c1:97:
                    8e:f9:18:b2:4c:ba:1d:96:3f:db:c2:30:79:62:ea:
                    22:b8:70:06:f4:5f:00:48:bf:9c:d9:cf:41:b8:97:
                    76:52:6e:d7:03:64:82:ef:27:2f:02:9e:46:75:fb:
                    27:95:54:25:9c:e4:ab:28:f9:9f:b9:d4:d9:93:a1:
                    6a:90:9b:86:1e:f5:52:6c:bf:99:62:bf:13:a3:d3:
                    8d:d6:58:81:f7:88:5b:ec:d8:a8:c0:22:33:13:85:
                    45:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:40:19:B8:0F:7B:30:27:34:F5:56:D6:9F:0D:35:93:D6:F2:E9:32
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:3c:b7:f2:5b:f7:ee:f4:16:0f:3e:2b:b7:bf:d1:7b:31:ef:
         ce:c9:b5:11:fb:08:41:28:a4:7e:15:9d:d2:b0:d2:2e:03:8b:
         46:23:2a:03:26:ca:11:03:62:d6:14:25:21:e6:2e:d9:36:7f:
         a7:fe:74:57:2a:82:f0:35:0a:d4:a3:fe:f3:d9:ed:33:10:57:
         89:50:e2:e8:7e:e2:f6:f5:e8:8a:05:55:f2:15:07:0c:2c:70:
         1c:26:f1:2a:1a:81:1a:94:d5:17:67:41:6d:70:f4:be:f2:d9:
         70:84:0a:78:36:52:0d:69:db:f5:3e:ba:53:c5:b7:ff:d2:28:
         f2:2a:5d:4a:da:19:ee:85:a4:5e:ff:01:69:9d:6f:8f:b1:cd:
         f2:80:28:27:8f:50:ce:2d:86:a1:08:23:f3:d8:e6:8e:19:bd:
         25:33:0d:ae:0f:c6:90:0c:7e:4e:c1:8a:a1:2f:d2:19:72:ba:
         a5:d1:e7:ad:a1:19:5e:51:25:cb:fd:29:75:e2:45:e3:c6:c7:
         c0:de:fe:d8:41:23:dd:3d:41:4b:01:64:75:78:4b:1b:b7:b4:
         13:b4:c0:a3:1b:ef:38:3a:28:9c:ac:52:55:e4:e0:9d:2a:43:
         23:e2:9a:7d:9c:d3:da:0f:c3:01:87:f7:3b:62:f7:86:02:1f:
         a9:91:36:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR7GGCTN3Ze/S+z+B5GXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUxMDIwMTEwMTA2WhcNMjUxMDIxMTEwMTA2WjAzMTEwLwYDVQQD
Eyg2MDQwMTliODBmN2IzMDI3MzRmNTU2ZDY5ZjBkMzU5M2Q2ZjJlOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA572B/bu+vK9MLM1ekmo48Q3UaGI2
rm3kqGMkve8/M4scPYcpSxCOMAwUitYIG0dov2bBXAvrOGIv+8CBFdmtaYXi10tr
sOJXzUbSm8EFiqfZDZRu1uY6gtclrAG/WXAc4NH3kB007maQLJccyagc2IeqbO8M
enie2iqzFN0sw6el6y+UwHW7VGOomNXLyZaeRwTYmPSzv8yWjlDBALvS03VXwZeO
+RiyTLodlj/bwjB5YuoiuHAG9F8ASL+c2c9BuJd2Um7XA2SC7ycvAp5GdfsnlVQl
nOSrKPmfudTZk6FqkJuGHvVSbL+ZYr8To9ON1liB94hb7NiowCIzE4VFwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBAGbgPezAnNPVW1p8NNZPW8ukyMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATDy38lv3
7vQWDz4rt7/RezHvzsm1EfsIQSikfhWd0rDSLgOLRiMqAybKEQNi1hQlIeYu2TZ/
p/50VyqC8DUK1KP+89ntMxBXiVDi6H7i9vXoigVV8hUHDCxwHCbxKhqBGpTVF2dB
bXD0vvLZcIQKeDZSDWnb9T66U8W3/9Io8ipdStoZ7oWkXv8BaZ1vj7HN8oAoJ49Q
zi2GoQgj89jmjhm9JTMNrg/GkAx+TsGKoS/SGXK6pdHnraEZXlEly/0pdeJF48bH
wN7+2EEj3T1BSwFkdXhLG7e0E7TAoxvvODoonKxSVeTgnSpDI+KafZzT2g/DAYf3
O2L3hgIfqZE2sQ==
-----END CERTIFICATE-----