Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          0+sKqU8/OOXWLYBS0AHD7Ijw3dxMnuezAb44Cho/TLQ=
Subject key identifier:   9F:46:63:D5:9B:FA:34:4C:D7:F6:53:39:5B:46:F5:DF:87:90:65:4A
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       0198D4743B420E5BF891341D9DACA816DC89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:04:03 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:03 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:03 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: qY4gkuSfq6sOY/Xegbp325LVwaYcnnDN8BRcPS+aqtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:3b:42:0e:5b:f8:91:34:1d:9d:ac:a8:16:dc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Aug 23 01:04:03 2025 GMT
            Not After : Aug 24 01:04:03 2025 GMT
        Subject: CN=9f4663d59bfa344cd7f653395b46f5df8790654a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:57:7b:c3:9e:ad:ce:a3:33:6c:dc:a9:18:17:
                    75:78:70:72:50:3c:37:4d:3b:dc:ef:0e:52:35:4a:
                    1b:c4:af:53:cd:70:9c:39:f4:8d:8f:f2:a6:4f:61:
                    62:27:91:a4:cb:1b:c4:9d:6e:e6:d5:9c:bb:09:39:
                    aa:94:57:bf:97:5a:9b:9d:05:d3:b7:c6:74:07:b3:
                    22:b8:d8:74:03:6f:74:37:8e:d0:1e:46:fa:4a:12:
                    5c:e2:22:54:3b:50:01:cd:36:e6:ae:d4:cd:90:42:
                    b1:b5:57:5d:0a:0d:70:20:99:53:10:f7:40:c2:d7:
                    ec:40:7a:74:fb:0a:63:95:f8:68:e7:0c:3e:fe:4d:
                    79:cd:1a:2c:f2:30:a9:15:25:1b:1e:52:9c:a4:66:
                    5d:81:11:ca:36:a7:16:ec:83:3a:2e:26:46:24:8a:
                    05:ad:f6:a7:23:b5:2f:9b:44:d6:5d:a5:29:7b:2d:
                    5f:fc:f0:f6:5e:e2:91:2c:f1:53:a4:c4:dc:6e:d9:
                    57:aa:3f:3c:4f:59:f8:58:6a:2c:11:40:4c:a3:c4:
                    f3:48:d3:ea:73:a1:57:e3:07:a8:3b:92:d6:c3:72:
                    bf:56:08:6d:f7:b7:1f:ea:cc:5e:18:44:0b:b0:0d:
                    21:5b:7d:02:d2:07:26:62:81:27:0e:6e:a8:1d:2d:
                    91:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:46:63:D5:9B:FA:34:4C:D7:F6:53:39:5B:46:F5:DF:87:90:65:4A
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:66:60:c3:4e:e2:a7:56:4c:f0:d9:97:e8:09:7f:ce:9f:00:
         75:4c:9b:8d:47:ec:dd:69:8a:3a:12:bc:3d:e8:93:86:7d:19:
         7e:de:49:30:f6:3d:98:27:ee:56:e6:bc:7c:6a:f9:3a:c1:a9:
         c7:aa:93:17:de:05:73:cf:1b:fb:53:54:08:95:fb:9e:20:a2:
         31:ad:2e:1b:25:2b:35:57:74:4f:7c:c8:51:5b:82:54:70:45:
         c1:77:bf:58:81:87:b5:21:36:96:a6:f1:d2:35:8f:80:3c:0d:
         87:29:05:16:fa:53:c8:b7:17:76:a6:b6:30:5d:d3:1d:be:bb:
         68:c2:a3:76:81:20:7c:5f:29:d6:a7:fe:8d:cc:d1:3f:bf:82:
         67:5c:5e:23:6c:22:e5:ab:ab:1a:b9:54:ad:e4:c1:59:58:2b:
         38:6f:3f:2f:68:b2:fc:a4:43:63:84:48:4d:f8:78:29:45:1b:
         8a:a1:81:64:3f:50:67:48:6a:a6:63:bf:a0:a7:f1:d3:b5:7d:
         78:61:3a:1c:0d:7e:aa:ce:f4:59:88:59:81:67:4c:31:d0:c1:
         f8:e4:62:b3:6f:58:9b:bc:99:10:75:65:95:08:92:e6:9c:22:
         c3:41:bd:8d:28:59:17:ea:2a:29:c8:28:26:fe:57:8f:f6:2f:
         76:ee:45:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdDtCDlv4kTQdnayoFtyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUwODIzMDEwNDAzWhcNMjUwODI0MDEwNDAzWjAzMTEwLwYDVQQD
Eyg5ZjQ2NjNkNTliZmEzNDRjZDdmNjUzMzk1YjQ2ZjVkZjg3OTA2NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1d7w56tzqMzbNypGBd1eHByUDw3
TTvc7w5SNUobxK9TzXCcOfSNj/KmT2FiJ5GkyxvEnW7m1Zy7CTmqlFe/l1qbnQXT
t8Z0B7MiuNh0A290N47QHkb6ShJc4iJUO1ABzTbmrtTNkEKxtVddCg1wIJlTEPdA
wtfsQHp0+wpjlfho5ww+/k15zRos8jCpFSUbHlKcpGZdgRHKNqcW7IM6LiZGJIoF
rfanI7Uvm0TWXaUpey1f/PD2XuKRLPFTpMTcbtlXqj88T1n4WGosEUBMo8TzSNPq
c6FX4weoO5LWw3K/Vght97cf6sxeGEQLsA0hW30C0gcmYoEnDm6oHS2RlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9GY9Wb+jRM1/ZTOVtG9d+HkGVKMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmZgw07i
p1ZM8NmX6Al/zp8AdUybjUfs3WmKOhK8PeiThn0Zft5JMPY9mCfuVua8fGr5OsGp
x6qTF94Fc88b+1NUCJX7niCiMa0uGyUrNVd0T3zIUVuCVHBFwXe/WIGHtSE2lqbx
0jWPgDwNhykFFvpTyLcXdqa2MF3THb67aMKjdoEgfF8p1qf+jczRP7+CZ1xeI2wi
5aurGrlUreTBWVgrOG8/L2iy/KRDY4RITfh4KUUbiqGBZD9QZ0hqpmO/oKfx07V9
eGE6HA1+qs70WYhZgWdMMdDB+ORis29Ym7yZEHVllQiS5pwiw0G9jShZF+oqKcgo
Jv5Xj/Yvdu5FTA==
-----END CERTIFICATE-----