Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          yItfEiCP0saBO+dn3FWkxiDa/UgSn5kGFNXlgNWAj3U=
Subject key identifier:   D6:CD:D2:D5:FE:C6:9E:34:3E:77:90:17:7B:F4:6D:ED:2C:9E:F0:49
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       0198D5BBED4A139023FFEA748EF4ACA25058
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0F7B
Signing time:             Sat 23 Aug 2025 07:01:59 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:59 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:59 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: /IZ0lHpjgaZA2IHEGslROz49E98D2/DWXsjqWxJoa20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ed:4a:13:90:23:ff:ea:74:8e:f4:ac:a2:50:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Aug 23 07:01:59 2025 GMT
            Not After : Aug 24 07:01:59 2025 GMT
        Subject: CN=d6cdd2d5fec69e343e7790177bf46ded2c9ef049
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:a1:f9:b9:41:66:70:5b:78:44:20:c1:3f:af:
                    54:d7:9f:f9:15:a5:1c:f9:6a:4b:d9:32:3a:ab:6e:
                    30:39:af:aa:55:06:df:1d:31:54:32:60:b7:d1:00:
                    f3:ea:2c:96:f8:62:12:60:1f:8a:51:79:aa:1e:28:
                    2f:5d:95:ab:90:36:13:17:f2:b3:4d:51:3d:27:cc:
                    5e:1d:ee:f4:31:75:f0:96:5d:bd:8e:45:de:34:8e:
                    6f:b6:68:a5:ed:4d:09:d7:b8:62:7b:91:00:07:8d:
                    d1:fa:67:09:6b:b6:1e:57:82:70:a2:ed:67:a9:d6:
                    ea:4b:20:fd:ee:3b:c8:df:15:3a:ad:7e:e7:a3:e2:
                    79:0d:e9:bd:b8:ab:ea:d1:2b:07:f6:01:2b:95:09:
                    f8:66:32:ee:09:21:d5:7c:3d:b7:3b:52:e6:f1:16:
                    ef:49:8a:0a:60:c0:4d:04:01:f6:34:46:f5:a0:c4:
                    94:22:2d:3f:b6:88:cb:1c:ab:e2:90:e3:7f:b1:f7:
                    3d:a3:69:4c:28:d5:cc:85:c3:f5:76:23:43:7c:52:
                    f5:0b:13:7e:08:84:e8:11:02:c6:83:68:8b:36:31:
                    99:45:6f:3e:30:42:c0:f0:83:7e:43:18:8b:0e:c0:
                    ae:8e:ea:65:1a:48:7a:5b:73:ed:39:a6:0d:7b:0e:
                    90:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CD:D2:D5:FE:C6:9E:34:3E:77:90:17:7B:F4:6D:ED:2C:9E:F0:49
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:49:c7:f1:3a:85:89:0e:7c:be:6b:99:93:1e:4e:12:be:93:
         59:12:44:91:4c:ac:26:32:a2:04:ef:fa:b3:e8:f7:2c:e4:be:
         b4:46:c1:0a:0e:10:a2:6c:e3:44:e8:ad:61:ef:a1:85:26:8d:
         76:a8:cb:a9:73:cc:f2:c1:7e:91:a2:ca:de:44:77:fb:91:3d:
         6c:1e:ad:15:da:18:46:98:23:54:39:21:fb:84:ca:1f:fe:07:
         cc:8f:2c:21:57:f0:92:dc:e9:71:ff:ec:fe:43:4b:c1:ea:d3:
         13:0c:15:dd:55:aa:c1:f5:cd:7d:41:15:97:67:ae:d5:c2:66:
         86:3c:e3:38:62:f8:4a:f3:28:71:a7:b5:52:a3:4c:36:0e:00:
         d6:db:a7:d6:bd:c6:54:d2:c6:e4:7a:4e:89:81:f6:47:71:63:
         24:11:bb:9b:b9:0d:07:3a:f2:cf:5f:de:96:10:61:9f:d7:4a:
         b6:05:5b:fd:87:44:18:a8:c9:bf:3f:54:a1:4b:52:e8:f1:19:
         61:74:26:43:a4:0c:a4:fb:34:3c:00:92:af:aa:e7:73:3a:16:
         29:d1:58:ac:3b:cb:4e:34:c5:63:28:31:f1:3a:32:e8:69:e0:
         4b:5b:0b:72:e7:0a:84:17:f1:3c:a2:7b:2d:5c:43:60:32:bd:
         5f:fd:25:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu+1KE5Aj/+p0jvSsolBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjUwODIzMDcwMTU5WhcNMjUwODI0MDcwMTU5WjAzMTEwLwYDVQQD
EyhkNmNkZDJkNWZlYzY5ZTM0M2U3NzkwMTc3YmY0NmRlZDJjOWVmMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KH5uUFmcFt4RCDBP69U15/5FaUc
+WpL2TI6q24wOa+qVQbfHTFUMmC30QDz6iyW+GISYB+KUXmqHigvXZWrkDYTF/Kz
TVE9J8xeHe70MXXwll29jkXeNI5vtmil7U0J17hie5EAB43R+mcJa7YeV4Jwou1n
qdbqSyD97jvI3xU6rX7no+J5Dem9uKvq0SsH9gErlQn4ZjLuCSHVfD23O1Lm8Rbv
SYoKYMBNBAH2NEb1oMSUIi0/tojLHKvikON/sfc9o2lMKNXMhcP1diNDfFL1CxN+
CIToEQLGg2iLNjGZRW8+MELA8IN+QxiLDsCujuplGkh6W3PtOaYNew6QjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbN0tX+xp40PneQF3v0be0snvBJMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEnH8TqF
iQ58vmuZkx5OEr6TWRJEkUysJjKiBO/6s+j3LOS+tEbBCg4QomzjROitYe+hhSaN
dqjLqXPM8sF+kaLK3kR3+5E9bB6tFdoYRpgjVDkh+4TKH/4HzI8sIVfwktzpcf/s
/kNLwerTEwwV3VWqwfXNfUEVl2eu1cJmhjzjOGL4SvMocae1UqNMNg4A1tun1r3G
VNLG5HpOiYH2R3FjJBG7m7kNBzryz1/elhBhn9dKtgVb/YdEGKjJvz9UoUtS6PEZ
YXQmQ6QMpPs0PACSr6rnczoWKdFYrDvLTjTFYygx8Toy6GngS1sLcucKhBfxPKJ7
LVxDYDK9X/0l0w==
-----END CERTIFICATE-----