Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
File:                     RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft (raw, json)
Hash identifier:          4h/osxviQUS6ykc+nMcyEoTy20jst15gwSsemv4dVJI=
Subject key identifier:   41:35:04:E1:C8:EA:53:7E:DC:F9:F7:F4:8F:79:F7:C7:9A:D2:14:54
Authority key identifier: 45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE
Certificate issuer:       /CN=4501e85c0025c4ae29528058e232d737c2f495ce
Certificate serial:       0197B7B2E323B60F99A54804E7A1A03BC4DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
Manifest number:          0217
Signing time:             Sat 28 Jun 2025 18:00:43 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:43 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:43 +0000
Files and hashes:         1: RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl (hash: c3s2Pjz/JETRAkLP/wOhY8Ves/33U6Vyflo4CpD66W8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:e3:23:b6:0f:99:a5:48:04:e7:a1:a0:3b:c4:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4501e85c0025c4ae29528058e232d737c2f495ce
        Validity
            Not Before: Jun 28 18:00:43 2025 GMT
            Not After : Jun 29 18:00:43 2025 GMT
        Subject: CN=413504e1c8ea537edcf9f7f48f79f7c79ad21454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:06:ff:9a:ea:0f:fb:58:f0:9f:9e:b6:36:4f:
                    bd:17:e5:09:04:81:e0:ec:85:6d:93:bf:93:a1:8b:
                    ce:a1:2d:5b:b9:a3:65:54:a4:02:4a:eb:66:a2:49:
                    86:b0:64:9d:bb:eb:bf:6e:6c:df:5c:26:22:23:89:
                    42:a8:1b:29:0f:45:e2:6e:17:50:1f:26:f0:39:c7:
                    57:88:25:6d:d3:d2:d3:60:56:08:3c:83:2f:bc:55:
                    f5:73:b1:15:82:37:9f:50:2f:4f:04:48:76:69:bd:
                    12:4c:50:66:ad:9d:07:05:59:86:19:56:ae:75:3e:
                    60:21:84:78:4b:e6:10:ac:49:05:f8:57:ff:14:66:
                    e2:e8:c8:52:62:05:60:b8:4f:57:27:2d:b0:07:cc:
                    cc:29:41:d5:e6:39:4b:17:c4:f7:c7:f5:e7:e6:59:
                    14:12:6f:46:d7:b5:3f:31:71:33:72:d5:9e:11:a9:
                    de:0f:e0:35:63:54:80:7e:b4:36:3e:71:97:20:29:
                    f1:5a:48:10:7e:e9:c0:f9:08:4d:10:0f:91:76:82:
                    a3:f7:fc:e4:dd:2f:7e:f8:09:c8:1d:85:37:b7:b2:
                    b8:75:ee:46:8a:d5:59:8b:30:5e:8a:5b:9d:4d:f0:
                    f6:39:71:16:f7:82:31:bb:39:4a:6e:07:c9:91:83:
                    70:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:35:04:E1:C8:EA:53:7E:DC:F9:F7:F4:8F:79:F7:C7:9A:D2:14:54
            X509v3 Authority Key Identifier:
                keyid:45:01:E8:5C:00:25:C4:AE:29:52:80:58:E2:32:D7:37:C2:F4:95:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQHoXAAlxK4pUoBY4jLXN8L0lc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d3e8a8-58ef-4630-bf35-cee64195533c/1/RQHoXAAlxK4pUoBY4jLXN8L0lc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:48:52:39:88:52:a3:57:36:22:2d:9e:8f:ed:1f:f4:47:e2:
         c9:5a:e6:45:2c:8d:50:c5:59:fd:07:83:ff:aa:1d:41:5c:f6:
         a1:64:69:be:bf:99:74:d2:ef:b2:89:d5:ab:5a:a9:88:50:06:
         bc:8a:0e:9f:a1:9b:c9:3e:5e:3e:c9:c7:cc:e9:ad:15:69:3c:
         5b:65:34:36:cb:77:a4:66:ae:43:dc:e7:e4:36:2f:3c:bd:25:
         61:7f:fd:b8:22:25:49:bf:a7:0b:93:44:fb:db:09:c7:f6:2d:
         b9:2b:0f:1a:e5:28:16:0d:9e:90:fa:1c:c8:77:80:f0:5c:9b:
         59:7d:44:56:18:59:a5:89:3d:5e:ac:73:ca:88:54:0e:b3:11:
         3f:0a:4c:b8:18:eb:30:92:a1:de:af:c9:fd:c3:73:ee:f0:69:
         12:ed:f7:03:e3:b0:47:07:0c:5d:ba:76:ae:a4:cc:e0:f2:8d:
         84:c6:58:83:d1:16:31:2e:aa:30:6e:71:59:72:b0:e1:8e:04:
         ef:92:9c:bd:21:25:fd:80:b8:83:30:e6:04:c9:95:0b:33:cb:
         d2:71:54:00:bc:49:9a:d8:00:f0:84:b0:13:98:84:5b:e0:da:
         93:b2:00:5a:56:b9:cb:f4:1a:af:a4:e8:21:f6:bb:d8:9e:92:
         92:e1:21:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3suMjtg+ZpUgE56GgO8TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MDFlODVjMDAyNWM0YWUyOTUyODA1OGUyMzJkNzM3YzJm
NDk1Y2UwHhcNMjUwNjI4MTgwMDQzWhcNMjUwNjI5MTgwMDQzWjAzMTEwLwYDVQQD
Eyg0MTM1MDRlMWM4ZWE1MzdlZGNmOWY3ZjQ4Zjc5ZjdjNzlhZDIxNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Qb/muoP+1jwn562Nk+9F+UJBIHg
7IVtk7+ToYvOoS1buaNlVKQCSutmokmGsGSdu+u/bmzfXCYiI4lCqBspD0XibhdQ
HybwOcdXiCVt09LTYFYIPIMvvFX1c7EVgjefUC9PBEh2ab0STFBmrZ0HBVmGGVau
dT5gIYR4S+YQrEkF+Ff/FGbi6MhSYgVguE9XJy2wB8zMKUHV5jlLF8T3x/Xn5lkU
Em9G17U/MXEzctWeEaneD+A1Y1SAfrQ2PnGXICnxWkgQfunA+QhNEA+RdoKj9/zk
3S9++AnIHYU3t7K4de5GitVZizBeiludTfD2OXEW94IxuzlKbgfJkYNwDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEE1BOHI6lN+3Pn39I9598ea0hRUMB8GA1UdIwQY
MBaAFEUB6FwAJcSuKVKAWOIy1zfC9JXOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUt
Y2VlNjQxOTU1MzNjLzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kM2U4YTgtNThlZi00NjMwLWJmMzUtY2VlNjQxOTU1MzNj
LzEvUlFIb1hBQWx4SzRwVW9CWTRqTFhOOEwwbGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADkhSOYhS
o1c2Ii2ej+0f9EfiyVrmRSyNUMVZ/QeD/6odQVz2oWRpvr+ZdNLvsonVq1qpiFAG
vIoOn6GbyT5ePsnHzOmtFWk8W2U0Nst3pGauQ9zn5DYvPL0lYX/9uCIlSb+nC5NE
+9sJx/YtuSsPGuUoFg2ekPocyHeA8FybWX1EVhhZpYk9XqxzyohUDrMRPwpMuBjr
MJKh3q/J/cNz7vBpEu33A+OwRwcMXbp2rqTM4PKNhMZYg9EWMS6qMG5xWXKw4Y4E
75KcvSEl/YC4gzDmBMmVCzPL0nFUALxJmtgA8ISwE5iEW+Dak7IAWla5y/Qar6To
Ifa72J6SkuEhCw==
-----END CERTIFICATE-----