Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
File:                     2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft (raw, json)
Hash identifier:          773eUN+wwMPztLaTyrNrKksgEWx6nGeE+9HXi2UqwVE=
Subject key identifier:   5E:FA:64:EE:98:2E:7B:2B:D5:08:9D:BE:9D:3D:7B:6F:CB:6D:8C:9D
Authority key identifier: D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
Certificate issuer:       /CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Certificate serial:       0198D65F72D9EEB77C6E65158EEA5B0467E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:36 +0000
Files and hashes:         1: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl (hash: I9qUu48ZEcG5b8Fzx0IW6D+SQzxKOSxZ5Szg3V8Ya+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:72:d9:ee:b7:7c:6e:65:15:8e:ea:5b:04:67:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9187c9ac10f205152b128ecdc2157c9024916a4
        Validity
            Not Before: Aug 23 10:00:36 2025 GMT
            Not After : Aug 24 10:00:36 2025 GMT
        Subject: CN=5efa64ee982e7b2bd5089dbe9d3d7b6fcb6d8c9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1d:78:36:22:d9:0e:e8:a7:58:cd:12:99:58:
                    a9:b0:54:ce:f8:94:b7:4a:3e:6f:15:04:2c:db:26:
                    d7:cc:56:8a:7a:99:75:9a:4d:55:29:10:1e:1a:50:
                    65:39:a4:89:b4:89:58:44:3e:44:42:16:7e:3b:30:
                    d0:b0:49:4e:18:f3:79:f8:e9:3d:b4:61:eb:5f:b6:
                    b5:1e:bc:6b:24:9d:88:66:c4:4e:8d:dc:a0:3c:29:
                    4b:1b:10:68:16:24:21:e0:08:24:64:a8:36:e7:42:
                    80:c6:b1:d5:6b:73:6e:01:84:c5:cf:ef:51:ea:6c:
                    db:10:b2:3e:80:48:51:b4:b2:ab:87:8c:0b:4b:a2:
                    9c:c4:a5:cc:2d:ce:27:31:1d:85:8a:e2:fa:fe:4e:
                    f2:b4:65:aa:84:53:01:dd:f2:33:f8:68:e2:33:3d:
                    1a:b6:10:d0:ea:c4:93:14:3a:38:12:aa:c5:8b:4a:
                    84:9a:93:3b:90:f0:23:18:97:85:05:c3:dd:8a:0b:
                    8d:a4:37:81:7b:67:01:7c:81:e2:c6:36:b4:3b:f1:
                    58:59:93:22:1c:c1:1c:41:78:07:da:3d:15:ad:53:
                    6d:20:85:9b:b7:83:ca:60:5f:c8:72:fa:bf:3b:91:
                    56:39:52:e0:6f:87:a3:10:7a:94:62:5b:68:39:51:
                    f3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:FA:64:EE:98:2E:7B:2B:D5:08:9D:BE:9D:3D:7B:6F:CB:6D:8C:9D
            X509v3 Authority Key Identifier:
                keyid:D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:25:43:b6:51:55:db:d5:99:3e:38:c4:5d:0b:d9:98:47:34:
         f2:2d:f8:46:ea:c5:9c:b1:d7:f5:a4:c1:f6:1c:16:8f:7a:4f:
         96:12:bc:c8:b9:e8:28:7f:94:21:8f:88:ac:6b:fe:6c:01:5b:
         4f:55:15:0f:06:27:0c:1f:c1:15:27:1c:b5:73:65:5c:3c:0a:
         f2:f3:f4:7c:77:5c:3d:3c:15:6b:2e:2d:34:7c:7f:67:92:6c:
         93:96:14:0a:72:44:e7:cf:af:5a:d1:d7:e8:a3:e8:47:21:2a:
         f5:08:55:96:a7:6c:14:72:5b:35:d8:dc:7c:d1:f5:7b:7c:1b:
         e6:ab:ef:3a:c1:cd:63:42:d8:9d:66:3f:f9:08:17:c1:92:1b:
         8c:b4:e0:34:29:e7:92:78:63:6b:50:2f:60:65:d5:ad:63:0c:
         db:79:1c:20:8f:b3:61:74:bd:21:4b:d1:e2:ac:06:36:5d:9f:
         4a:6e:db:6b:a0:d3:3e:55:4d:e6:8e:f7:f9:3c:fc:8c:3f:65:
         f5:6a:b8:88:1f:52:30:b7:33:8e:89:9a:8a:4d:6e:80:4d:a1:
         c3:24:c1:95:81:7d:f2:30:58:fb:69:a9:03:9d:7b:f3:7a:af:
         d2:5b:69:bd:2b:9d:61:87:65:3e:af:ea:8d:bd:bc:dc:e7:b6:
         89:15:4c:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX3LZ7rd8bmUVjupbBGfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTg3YzlhYzEwZjIwNTE1MmIxMjhlY2RjMjE1N2M5MDI0
OTE2YTQwHhcNMjUwODIzMTAwMDM2WhcNMjUwODI0MTAwMDM2WjAzMTEwLwYDVQQD
Eyg1ZWZhNjRlZTk4MmU3YjJiZDUwODlkYmU5ZDNkN2I2ZmNiNmQ4YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB14NiLZDuinWM0SmVipsFTO+JS3
Sj5vFQQs2ybXzFaKepl1mk1VKRAeGlBlOaSJtIlYRD5EQhZ+OzDQsElOGPN5+Ok9
tGHrX7a1HrxrJJ2IZsROjdygPClLGxBoFiQh4AgkZKg250KAxrHVa3NuAYTFz+9R
6mzbELI+gEhRtLKrh4wLS6KcxKXMLc4nMR2FiuL6/k7ytGWqhFMB3fIz+GjiMz0a
thDQ6sSTFDo4EqrFi0qEmpM7kPAjGJeFBcPdiguNpDeBe2cBfIHixja0O/FYWZMi
HMEcQXgH2j0VrVNtIIWbt4PKYF/Icvq/O5FWOVLgb4ejEHqUYltoOVHz0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF76ZO6YLnsr1Qidvp09e2/LbYydMB8GA1UdIwQY
MBaAFNkYfJrBDyBRUrEo7NwhV8kCSRakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEt
MjRiMzA2MDZlMjE5LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEtMjRiMzA2MDZlMjE5
LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoyVDtlFV
29WZPjjEXQvZmEc08i34RurFnLHX9aTB9hwWj3pPlhK8yLnoKH+UIY+IrGv+bAFb
T1UVDwYnDB/BFScctXNlXDwK8vP0fHdcPTwVay4tNHx/Z5Jsk5YUCnJE58+vWtHX
6KPoRyEq9QhVlqdsFHJbNdjcfNH1e3wb5qvvOsHNY0LYnWY/+QgXwZIbjLTgNCnn
knhja1AvYGXVrWMM23kcII+zYXS9IUvR4qwGNl2fSm7ba6DTPlVN5o73+Tz8jD9l
9Wq4iB9SMLczjomaik1ugE2hwyTBlYF98jBY+2mpA51783qv0ltpvSudYYdlPq/q
jb283Oe2iRVMdg==
-----END CERTIFICATE-----