Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          g3JZADangRDPJ9EP+Z0U+S03OQtAI8/2cxQ5IeL90Lg=
Subject key identifier:   5D:62:B3:FD:2F:61:BA:82:6B:2E:39:DB:1E:AD:CE:78:37:30:4A:95
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0198D5F1869310A1EBFBB2256D1FD63B0F6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          041B
Signing time:             Sat 23 Aug 2025 08:00:32 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:32 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:32 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 209Fa2YOBTv1FX+xWLTL0AQDGKZMsuiFYa4xKhi3XD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:86:93:10:a1:eb:fb:b2:25:6d:1f:d6:3b:0f:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Aug 23 08:00:32 2025 GMT
            Not After : Aug 24 08:00:32 2025 GMT
        Subject: CN=5d62b3fd2f61ba826b2e39db1eadce7837304a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5b:98:a2:30:40:7a:56:d8:09:02:ac:f6:32:
                    11:85:ed:32:4f:d0:81:f3:a1:b1:9a:9c:43:48:d3:
                    02:af:ad:55:3a:e3:eb:d1:69:06:e0:6b:7a:09:f2:
                    d9:a6:eb:9f:77:19:31:68:db:4a:1d:26:d5:d8:c7:
                    63:bd:8c:aa:73:1d:6a:87:b7:f3:cf:3d:82:f0:89:
                    ae:74:3b:97:06:c1:81:eb:66:24:4a:d4:56:bb:fe:
                    58:28:d3:2c:8b:71:72:c5:fb:29:0f:8c:45:a8:0d:
                    c9:b2:08:c8:cc:77:76:6f:ec:ac:87:75:d4:04:3e:
                    4d:95:5d:6e:a0:e2:a1:52:2a:ef:07:bd:6f:93:f2:
                    7c:48:51:a4:bc:1b:28:e3:70:24:d4:7a:d5:c2:bd:
                    74:7c:e9:48:b0:c2:02:3c:9b:68:88:88:70:37:03:
                    2e:9a:d1:f7:0d:fb:27:47:14:b7:62:90:e9:47:9e:
                    a0:1a:71:e7:00:15:0a:f8:f0:df:78:63:29:d9:89:
                    67:a5:95:f7:a0:5e:cd:a5:33:c7:7d:9b:1f:3b:fe:
                    ec:57:f2:7c:82:59:f9:41:2d:de:8e:ff:8e:24:78:
                    b0:a9:59:4c:ac:21:63:e9:ea:3a:61:ec:03:4e:7e:
                    d2:b6:56:d8:1c:a9:89:a3:8b:a6:a7:c1:27:b0:0d:
                    12:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:62:B3:FD:2F:61:BA:82:6B:2E:39:DB:1E:AD:CE:78:37:30:4A:95
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:6e:c6:13:a1:37:42:8d:9e:42:31:3a:81:1e:6e:7b:6d:52:
         62:b0:7d:4c:de:05:ac:83:b9:b8:9b:e0:4a:14:d2:4e:3f:d7:
         85:d5:fa:c6:98:e2:10:fe:7d:5c:e4:ff:c1:15:b2:e5:aa:dd:
         62:a2:ce:ac:50:24:ee:79:09:ab:78:c4:a7:6b:67:c4:dc:ab:
         44:86:d9:dd:3e:bd:ed:7f:4c:fc:2a:46:2d:c2:67:a4:5c:9e:
         9d:d1:26:5c:6f:08:34:ad:c8:42:f5:1a:3d:d6:6c:c7:a5:5f:
         5c:f8:7c:3b:05:0c:c0:f4:83:68:35:c9:b6:e9:6d:bb:56:f3:
         fa:6e:48:38:ee:ac:f5:08:e8:98:1c:ea:69:40:8d:16:1c:c0:
         d8:c3:ba:4b:1c:a4:2d:ff:57:aa:05:4d:dd:1a:b7:86:bb:6c:
         37:13:29:c2:62:ec:a2:bb:c2:7f:b1:5b:55:79:d4:c4:f0:80:
         2e:ee:f7:03:a4:ef:eb:b5:d0:e1:d8:8c:ad:40:8e:26:37:e7:
         bc:d7:68:e9:41:3b:05:ec:73:81:33:e1:f8:32:40:13:05:16:
         df:96:f5:35:06:07:c1:c9:71:81:1c:ac:6e:ed:ae:1c:c9:52:
         73:f8:d3:1a:d7:60:cf:7b:18:21:e4:c6:a3:b1:f6:89:bc:c6:
         a0:41:e9:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8YaTEKHr+7IlbR/WOw9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwODIzMDgwMDMyWhcNMjUwODI0MDgwMDMyWjAzMTEwLwYDVQQD
Eyg1ZDYyYjNmZDJmNjFiYTgyNmIyZTM5ZGIxZWFkY2U3ODM3MzA0YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnluYojBAelbYCQKs9jIRhe0yT9CB
86GxmpxDSNMCr61VOuPr0WkG4Gt6CfLZpuufdxkxaNtKHSbV2MdjvYyqcx1qh7fz
zz2C8ImudDuXBsGB62YkStRWu/5YKNMsi3FyxfspD4xFqA3JsgjIzHd2b+ysh3XU
BD5NlV1uoOKhUirvB71vk/J8SFGkvBso43Ak1HrVwr10fOlIsMICPJtoiIhwNwMu
mtH3DfsnRxS3YpDpR56gGnHnABUK+PDfeGMp2YlnpZX3oF7NpTPHfZsfO/7sV/J8
gln5QS3ejv+OJHiwqVlMrCFj6eo6YewDTn7StlbYHKmJo4ump8EnsA0SeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1is/0vYbqCay452x6tzng3MEqVMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJW7GE6E3
Qo2eQjE6gR5ue21SYrB9TN4FrIO5uJvgShTSTj/XhdX6xpjiEP59XOT/wRWy5ard
YqLOrFAk7nkJq3jEp2tnxNyrRIbZ3T697X9M/CpGLcJnpFyendEmXG8INK3IQvUa
PdZsx6VfXPh8OwUMwPSDaDXJtultu1bz+m5IOO6s9QjomBzqaUCNFhzA2MO6Sxyk
Lf9XqgVN3Rq3hrtsNxMpwmLsorvCf7FbVXnUxPCALu73A6Tv67XQ4diMrUCOJjfn
vNdo6UE7BexzgTPh+DJAEwUW35b1NQYHwclxgRysbu2uHMlSc/jTGtdgz3sYIeTG
o7H2ibzGoEHpXw==
-----END CERTIFICATE-----