Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          CIGmCz+i4yBeugmb9n/q6QuE5JzoWMn3uDVzYw9c7NY=
Subject key identifier:   8C:48:30:3F:96:D6:68:86:D6:3A:9A:8D:2E:61:D8:15:FB:0B:C5:DC
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       0198D47400865C9EA4C73F5D3D3688F26746
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0BD3
Signing time:             Sat 23 Aug 2025 01:03:48 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:48 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:48 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: 2M0a+T4nlusRiB3+ykDisxglbZ0et6gKkWCjwcvvMV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:00:86:5c:9e:a4:c7:3f:5d:3d:36:88:f2:67:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Aug 23 01:03:48 2025 GMT
            Not After : Aug 24 01:03:48 2025 GMT
        Subject: CN=8c48303f96d66886d63a9a8d2e61d815fb0bc5dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:24:8c:a7:bc:fd:07:47:94:fb:b0:4e:b5:8f:
                    be:1b:a7:c6:cb:d0:a8:63:af:3d:fd:ec:69:d7:7c:
                    29:f1:4d:13:98:d4:e4:57:85:db:0f:64:7d:f7:63:
                    d7:a0:13:ce:d5:4c:eb:19:7a:ca:a7:4f:47:39:4f:
                    34:d7:00:63:25:96:b3:40:7d:d4:43:93:66:a3:59:
                    20:67:10:9d:2f:00:b3:97:5f:0d:d9:63:5d:48:83:
                    3a:ad:f8:51:90:42:ef:0f:a6:d4:84:8e:ef:d2:db:
                    f9:c0:05:59:e5:71:c3:c6:e7:c1:2e:a8:0b:ce:26:
                    06:df:a1:0f:ce:3e:03:82:92:00:0d:d5:05:ba:7e:
                    58:e1:cd:36:01:91:1c:21:0b:a5:5b:9a:c1:18:be:
                    c4:13:df:9b:a2:26:30:ae:a2:60:a5:9a:a7:5f:0e:
                    7d:bb:8b:12:09:45:23:5d:0d:dc:5b:c9:cf:89:10:
                    1f:e2:84:0e:28:f0:3e:71:f4:cb:ac:5a:42:09:dc:
                    bd:f9:5d:b4:30:a3:ed:59:2f:b4:a3:c0:03:3e:1b:
                    dc:c3:97:42:0a:4a:ed:9b:d4:e3:c2:f0:7d:04:8c:
                    b1:29:8d:68:68:3d:1f:af:41:f2:cf:fe:7e:57:6f:
                    d1:a7:0e:52:13:24:4e:62:86:de:51:e7:49:58:c2:
                    f9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:48:30:3F:96:D6:68:86:D6:3A:9A:8D:2E:61:D8:15:FB:0B:C5:DC
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:29:a4:1f:04:6b:07:1c:0e:7f:a7:ca:73:8a:95:61:3d:ad:
         fd:60:83:9d:0f:85:69:9c:c7:3a:1b:02:7c:5d:4d:3e:13:04:
         a1:cd:a0:96:2a:51:68:ed:30:3a:6d:c6:60:b5:6f:d9:c9:02:
         1e:cb:6e:7e:e0:6f:2c:b3:30:8f:e0:7b:55:8b:df:1d:ba:14:
         75:75:30:9f:96:87:4d:6e:41:e0:d2:fd:8b:fc:c8:bc:7b:86:
         df:19:08:c4:72:5f:42:15:22:c7:9c:ad:d9:32:84:40:e9:0e:
         17:d1:14:01:a0:e3:1d:2d:d5:e3:dc:9b:e2:5e:4b:1e:9e:ae:
         93:5c:34:32:56:9f:4b:84:4e:56:39:ef:9e:5d:51:14:27:87:
         80:cb:e8:bd:d3:d5:85:cd:66:ba:22:88:08:de:c9:1a:36:dd:
         2a:8b:5e:45:10:63:77:0a:3f:f0:3a:42:1d:90:d8:e6:59:80:
         51:b5:de:a1:be:b4:4c:74:02:0d:52:8e:73:04:dd:e0:ed:23:
         69:55:4d:7c:8b:0d:1a:cb:22:3b:40:87:e7:82:41:b1:9d:fd:
         42:30:eb:f0:80:46:36:bf:9b:a2:24:eb:d1:0b:42:9d:92:90:
         c0:0f:e4:f1:f6:03:92:a0:95:f7:e0:53:db:ee:7d:04:4b:3e:
         b9:8a:76:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdACGXJ6kxz9dPTaI8mdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjUwODIzMDEwMzQ4WhcNMjUwODI0MDEwMzQ4WjAzMTEwLwYDVQQD
Eyg4YzQ4MzAzZjk2ZDY2ODg2ZDYzYTlhOGQyZTYxZDgxNWZiMGJjNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ySMp7z9B0eU+7BOtY++G6fGy9Co
Y689/exp13wp8U0TmNTkV4XbD2R992PXoBPO1UzrGXrKp09HOU801wBjJZazQH3U
Q5Nmo1kgZxCdLwCzl18N2WNdSIM6rfhRkELvD6bUhI7v0tv5wAVZ5XHDxufBLqgL
ziYG36EPzj4DgpIADdUFun5Y4c02AZEcIQulW5rBGL7EE9+boiYwrqJgpZqnXw59
u4sSCUUjXQ3cW8nPiRAf4oQOKPA+cfTLrFpCCdy9+V20MKPtWS+0o8ADPhvcw5dC
Ckrtm9TjwvB9BIyxKY1oaD0fr0Hyz/5+V2/Rpw5SEyROYobeUedJWML5DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxIMD+W1miG1jqajS5h2BX7C8XcMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhymkHwRr
BxwOf6fKc4qVYT2t/WCDnQ+FaZzHOhsCfF1NPhMEoc2glipRaO0wOm3GYLVv2ckC
HstufuBvLLMwj+B7VYvfHboUdXUwn5aHTW5B4NL9i/zIvHuG3xkIxHJfQhUix5yt
2TKEQOkOF9EUAaDjHS3V49yb4l5LHp6uk1w0MlafS4ROVjnvnl1RFCeHgMvovdPV
hc1muiKICN7JGjbdKoteRRBjdwo/8DpCHZDY5lmAUbXeob60THQCDVKOcwTd4O0j
aVVNfIsNGssiO0CH54JBsZ39QjDr8IBGNr+boiTr0QtCnZKQwA/k8fYDkqCV9+BT
2+59BEs+uYp2dA==
-----END CERTIFICATE-----