Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          r1C3z0HVz4YU9ZtL8aVpbvftJBZaCE8xOdEyXEpOQWg=
Subject key identifier:   4E:4E:3A:71:04:5E:D3:22:52:35:67:D2:67:FC:F3:32:87:C9:E9:38
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       0198D73BD1CF16A4EC819B5F95B16F36ECCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 14:01:18 +0000
Manifest this update:     Sat 23 Aug 2025 14:01:18 +0000
Manifest next update:     Sun 24 Aug 2025 14:01:18 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: dCBpvtiuAvIzLUnCu1tCkI8P9iYNTc+Rocy03GswhX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3b:d1:cf:16:a4:ec:81:9b:5f:95:b1:6f:36:ec:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Aug 23 14:01:18 2025 GMT
            Not After : Aug 24 14:01:18 2025 GMT
        Subject: CN=4e4e3a71045ed322523567d267fcf33287c9e938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:33:f7:ad:02:ce:df:ab:04:4d:b7:6f:ed:56:
                    70:06:1e:86:9e:32:b3:58:49:1b:7c:97:4a:b5:a2:
                    ec:ea:1d:b3:b5:5f:67:51:21:79:1b:be:29:9a:b1:
                    a9:37:9b:05:56:8d:ca:f5:fe:d5:a1:7a:ec:4c:7a:
                    d3:26:a7:fe:76:00:9f:57:a7:07:84:46:83:f5:08:
                    43:f2:69:a5:68:49:16:6d:bc:2a:c9:58:d7:d8:0e:
                    a2:9d:84:44:c5:52:a9:65:5e:03:54:77:a3:7f:5d:
                    cb:d5:93:d6:c8:eb:06:87:2e:23:bb:c4:14:fb:2a:
                    c9:d3:a9:7c:a5:67:ea:1e:5d:f8:9c:a7:de:89:c2:
                    5c:e0:5c:4d:4d:dd:9e:95:86:31:75:0a:fb:35:7e:
                    42:98:d8:e0:aa:85:6f:66:21:6e:9a:bf:1b:cb:f8:
                    55:d8:69:1a:38:1c:a8:78:5e:5f:f3:af:ed:8e:db:
                    39:7b:20:3b:5c:e9:4b:0f:3f:38:62:80:99:2b:6d:
                    97:2f:8d:2c:78:45:ef:9e:88:51:89:ce:e8:c6:b8:
                    f3:0c:e0:c0:45:e6:6b:33:63:a8:a3:31:cb:53:62:
                    e2:ab:cd:18:d9:28:c2:4d:63:7c:a8:fa:48:66:55:
                    fd:a7:db:5c:75:15:d9:2b:07:c5:ff:94:ab:fa:d2:
                    0b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:4E:3A:71:04:5E:D3:22:52:35:67:D2:67:FC:F3:32:87:C9:E9:38
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:70:7e:1f:e7:1f:18:0d:94:b2:7b:36:85:47:9a:9a:1a:fc:
         3c:34:1e:c0:04:0e:59:94:d4:3f:ef:e6:b4:62:06:c5:75:50:
         f9:e7:4f:5d:bd:cd:e4:d0:83:61:b1:6a:9e:38:12:e8:e9:2e:
         fe:c1:aa:69:ae:d6:e2:64:35:92:0a:6a:89:d5:ca:79:fc:e6:
         ea:c4:77:4e:28:b6:c8:dc:ce:c7:47:4a:44:40:cc:58:7e:9d:
         bc:0e:f7:41:64:0a:a3:3c:7c:4f:4b:65:17:eb:9b:16:f6:ac:
         e3:21:9e:69:47:f8:af:13:40:8b:cb:0f:54:34:65:40:60:5e:
         56:d3:7e:a8:77:bf:38:d8:f1:d4:9d:56:fe:57:8b:05:a4:13:
         bb:e1:90:81:bb:df:44:8f:dd:5d:b4:bc:bf:66:dc:08:cc:fd:
         b9:b5:3c:63:20:99:5f:54:d5:15:9d:a7:61:5e:ac:18:23:ba:
         00:d6:53:39:34:34:ee:39:0a:84:49:0c:98:b5:2e:91:f2:9b:
         81:8e:21:3c:c7:b6:ff:0f:10:5f:f7:f6:0c:19:9f:d6:27:e1:
         a9:32:71:56:8a:5c:82:ab:0e:78:c7:5a:11:06:25:02:b5:fb:
         81:3b:ba:11:5f:f6:6b:30:ff:15:a3:2a:32:59:31:f2:22:30:
         79:94:a5:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXO9HPFqTsgZtflbFvNuzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwODIzMTQwMTE4WhcNMjUwODI0MTQwMTE4WjAzMTEwLwYDVQQD
Eyg0ZTRlM2E3MTA0NWVkMzIyNTIzNTY3ZDI2N2ZjZjMzMjg3YzllOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzP3rQLO36sETbdv7VZwBh6GnjKz
WEkbfJdKtaLs6h2ztV9nUSF5G74pmrGpN5sFVo3K9f7VoXrsTHrTJqf+dgCfV6cH
hEaD9QhD8mmlaEkWbbwqyVjX2A6inYRExVKpZV4DVHejf13L1ZPWyOsGhy4ju8QU
+yrJ06l8pWfqHl34nKfeicJc4FxNTd2elYYxdQr7NX5CmNjgqoVvZiFumr8by/hV
2GkaOByoeF5f86/tjts5eyA7XOlLDz84YoCZK22XL40seEXvnohRic7oxrjzDODA
ReZrM2OoozHLU2Liq80Y2SjCTWN8qPpIZlX9p9tcdRXZKwfF/5Sr+tILrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5OOnEEXtMiUjVn0mf88zKHyek4MB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3B+H+cf
GA2Usns2hUeamhr8PDQewAQOWZTUP+/mtGIGxXVQ+edPXb3N5NCDYbFqnjgS6Oku
/sGqaa7W4mQ1kgpqidXKefzm6sR3Tii2yNzOx0dKREDMWH6dvA73QWQKozx8T0tl
F+ubFvas4yGeaUf4rxNAi8sPVDRlQGBeVtN+qHe/ONjx1J1W/leLBaQTu+GQgbvf
RI/dXbS8v2bcCMz9ubU8YyCZX1TVFZ2nYV6sGCO6ANZTOTQ07jkKhEkMmLUukfKb
gY4hPMe2/w8QX/f2DBmf1ifhqTJxVopcgqsOeMdaEQYlArX7gTu6EV/2azD/FaMq
Mlkx8iIweZSlcw==
-----END CERTIFICATE-----