Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
File:                     t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft (raw, json)
Hash identifier:          tC5iC3+XnIcfiHXrdtKHlmNoIRJWpvl6LDvuOmy+P50=
Subject key identifier:   ED:C2:5D:70:E2:BE:D4:24:AB:EF:87:EF:C9:12:98:0A:55:C2:50:0B
Authority key identifier: B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A
Certificate issuer:       /CN=b785ec73dc181f9935659f58aed208532a2c2a6a
Certificate serial:       0198D660E71262733A318F005287E8C228C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
Manifest number:          01D6
Signing time:             Sat 23 Aug 2025 10:02:11 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:11 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:11 +0000
Files and hashes:         1: t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl (hash: Gw7XWsc+ZsEzaZr/Q/w/8g3qkoT+WnLArG+Z29/DQOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:e7:12:62:73:3a:31:8f:00:52:87:e8:c2:28:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b785ec73dc181f9935659f58aed208532a2c2a6a
        Validity
            Not Before: Aug 23 10:02:11 2025 GMT
            Not After : Aug 24 10:02:11 2025 GMT
        Subject: CN=edc25d70e2bed424abef87efc912980a55c2500b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f8:3d:c5:19:cb:03:4f:62:00:70:fd:86:e3:
                    f3:14:6f:fb:d7:37:2b:78:34:48:e0:00:84:01:a2:
                    cd:83:a6:c3:d6:76:57:5c:01:16:91:e5:fa:35:b6:
                    f6:7a:d4:1e:6e:bc:06:8a:b0:93:90:8f:5b:61:73:
                    a3:ce:5b:ca:12:5f:39:69:22:c4:12:b1:a0:c4:0a:
                    40:26:18:98:1f:fe:e5:7b:e5:6c:b0:bf:38:0f:82:
                    e6:cc:3b:20:ba:3a:95:9d:7a:3f:7b:44:f0:9c:7a:
                    02:6b:61:93:b1:b4:d3:a9:94:e3:26:fe:e2:04:a7:
                    e1:34:aa:83:c8:2d:3f:cc:c5:f8:98:93:05:a9:38:
                    df:cc:ab:75:f9:9a:52:4d:87:14:e3:ed:18:2b:56:
                    4b:24:05:d6:de:b5:89:cd:ed:c1:78:68:3d:23:e1:
                    63:4f:1d:c7:3f:10:d2:15:49:ac:f1:40:d8:f2:6b:
                    0d:75:70:62:26:65:55:ff:34:a9:8f:7d:e0:f1:34:
                    f9:cb:7f:67:e8:01:ac:ae:53:18:e4:79:bd:c9:3f:
                    b3:10:11:4a:f2:93:36:d2:93:ea:2b:6e:38:60:82:
                    f4:c5:9f:c3:56:08:88:f0:37:14:a2:85:67:8a:7e:
                    33:67:95:7d:61:23:16:eb:f4:e5:66:8c:cb:f1:65:
                    61:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:C2:5D:70:E2:BE:D4:24:AB:EF:87:EF:C9:12:98:0A:55:C2:50:0B
            X509v3 Authority Key Identifier:
                keyid:B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:c4:39:47:ee:7f:ab:f4:1a:a0:69:28:8b:b3:78:92:f2:1a:
         5a:aa:dd:44:12:7b:21:95:37:98:4f:bd:5e:55:8b:e8:4f:8d:
         4d:a2:ae:e7:d7:13:60:59:a8:b4:9d:64:98:ee:7e:66:ec:f5:
         73:48:14:ff:61:a3:86:41:e0:4c:53:d5:47:7b:ef:25:5b:b8:
         88:57:78:98:0f:0c:41:41:0d:36:82:05:26:19:7f:22:30:c5:
         f1:fd:92:bc:f0:97:43:b1:f4:01:eb:3b:c6:73:1a:ed:56:97:
         a3:9b:fa:40:7d:5e:ed:11:b3:a6:e5:92:f3:1e:6a:26:66:d0:
         5c:28:70:63:1d:c6:2b:13:d0:e5:7e:bd:77:1d:87:ea:25:9d:
         27:8c:18:94:85:41:d4:d8:68:d8:1b:e6:a0:05:c4:4b:59:b3:
         b5:2c:f9:5a:d0:2d:8f:ab:f7:e5:d6:8b:74:1c:19:63:d7:0e:
         ee:c2:f4:c6:55:d8:7e:dd:3f:57:62:1d:d3:57:88:23:60:45:
         d9:fb:a7:38:cf:21:c4:a9:cf:6c:f7:ac:e2:54:49:5c:ac:a3:
         d9:89:48:db:c5:19:2a:5c:74:d8:1e:a0:15:eb:36:2f:b6:6e:
         1d:1d:e5:63:14:0c:93:22:84:78:4b:82:44:af:bb:a4:e9:77:
         40:75:91:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYOcSYnM6MY8AUofowijCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODVlYzczZGMxODFmOTkzNTY1OWY1OGFlZDIwODUzMmEy
YzJhNmEwHhcNMjUwODIzMTAwMjExWhcNMjUwODI0MTAwMjExWjAzMTEwLwYDVQQD
EyhlZGMyNWQ3MGUyYmVkNDI0YWJlZjg3ZWZjOTEyOTgwYTU1YzI1MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/g9xRnLA09iAHD9huPzFG/71zcr
eDRI4ACEAaLNg6bD1nZXXAEWkeX6Nbb2etQebrwGirCTkI9bYXOjzlvKEl85aSLE
ErGgxApAJhiYH/7le+VssL84D4LmzDsgujqVnXo/e0TwnHoCa2GTsbTTqZTjJv7i
BKfhNKqDyC0/zMX4mJMFqTjfzKt1+ZpSTYcU4+0YK1ZLJAXW3rWJze3BeGg9I+Fj
Tx3HPxDSFUms8UDY8msNdXBiJmVV/zSpj33g8TT5y39n6AGsrlMY5Hm9yT+zEBFK
8pM20pPqK244YIL0xZ/DVgiI8DcUooVnin4zZ5V9YSMW6/TlZozL8WVhdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3CXXDivtQkq++H78kSmApVwlALMB8GA1UdIwQY
MBaAFLeF7HPcGB+ZNWWfWK7SCFMqLCpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2Et
NjNjMmJhNGM5OTZjLzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2EtNjNjMmJhNGM5OTZj
LzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8Q5R+5/
q/QaoGkoi7N4kvIaWqrdRBJ7IZU3mE+9XlWL6E+NTaKu59cTYFmotJ1kmO5+Zuz1
c0gU/2GjhkHgTFPVR3vvJVu4iFd4mA8MQUENNoIFJhl/IjDF8f2SvPCXQ7H0Aes7
xnMa7VaXo5v6QH1e7RGzpuWS8x5qJmbQXChwYx3GKxPQ5X69dx2H6iWdJ4wYlIVB
1Nho2BvmoAXES1mztSz5WtAtj6v35daLdBwZY9cO7sL0xlXYft0/V2Id01eII2BF
2funOM8hxKnPbPes4lRJXKyj2YlI28UZKlx02B6gFes2L7ZuHR3lYxQMkyKEeEuC
RK+7pOl3QHWR3g==
-----END CERTIFICATE-----