Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          7GRrFlqCX8fw28AIt0zHZ43oFExLp3ttp9hYHqqchuk=
Subject key identifier:   1F:B6:D1:C9:B7:23:02:89:13:81:8C:D5:0B:7D:1C:F1:50:8B:C0:C9
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       0198D5F1BD9099980D0EDC81B23120BBD05F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          B4
Signing time:             Sat 23 Aug 2025 08:00:46 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:46 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:46 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: Z3NYs1DaptZk31RWvTljLlktgqKi3iPD900vVb1JLKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:bd:90:99:98:0d:0e:dc:81:b2:31:20:bb:d0:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Aug 23 08:00:46 2025 GMT
            Not After : Aug 24 08:00:46 2025 GMT
        Subject: CN=1fb6d1c9b723028913818cd50b7d1cf1508bc0c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5b:ef:6e:f9:84:c3:80:24:75:56:1d:51:03:
                    89:19:9b:98:c8:2e:2f:af:cf:90:84:42:fb:ce:ae:
                    a2:6f:5c:65:83:a7:81:6d:7a:e3:4c:1e:6d:4d:a8:
                    58:2d:3e:76:da:7f:8b:11:14:55:fe:9e:9b:0d:c4:
                    13:9a:46:e2:1d:c8:11:d9:0f:aa:72:e6:cb:3b:0e:
                    a8:57:e8:c8:6c:65:fa:a9:2b:61:7a:82:53:de:6e:
                    9c:e5:13:82:18:38:32:1b:19:28:04:06:52:66:fd:
                    84:ce:bb:34:d4:9a:1b:7c:06:8a:55:0f:6b:e5:89:
                    12:3e:1f:fc:81:98:4a:98:de:be:02:32:ba:71:0b:
                    a9:cf:95:9e:05:7e:94:75:38:30:67:b3:54:20:62:
                    94:01:8e:f2:5a:1c:54:21:00:8e:21:9c:b5:5e:70:
                    1c:b7:62:14:23:95:57:1c:d6:a6:fb:b5:27:1f:84:
                    aa:c0:fc:f5:30:fb:8e:88:e4:0e:9f:30:1b:15:4a:
                    d8:cc:ef:ea:ed:ed:7a:cc:e6:9d:72:34:a0:ed:47:
                    a2:be:8c:0f:b4:b1:47:c2:af:98:23:3b:3e:72:81:
                    b0:ee:fb:44:72:3b:6f:55:ad:48:a0:8b:9c:8c:2c:
                    4c:12:13:78:fd:e9:e6:9b:f6:6f:33:0f:96:48:f5:
                    05:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B6:D1:C9:B7:23:02:89:13:81:8C:D5:0B:7D:1C:F1:50:8B:C0:C9
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:9e:b0:27:65:9a:09:90:92:03:5b:48:d6:57:00:b2:3d:c3:
         29:52:3d:27:f0:66:7d:21:fe:93:1e:51:f3:60:ed:ca:6d:1a:
         4d:89:00:3d:0a:91:83:5c:90:85:74:94:e0:af:89:73:84:5e:
         12:cc:5a:59:32:1d:03:50:7e:3b:44:70:c2:18:8c:83:d8:f9:
         f3:b1:35:9c:5c:c2:3d:17:11:88:83:39:14:96:e8:ab:85:35:
         ac:09:a2:cb:41:13:eb:ed:c4:f1:9b:4e:6f:dc:e7:d6:0a:f6:
         f1:77:31:36:b2:12:76:74:7c:26:55:0d:5f:b0:ea:b1:2a:7c:
         a7:b8:93:bb:be:cd:52:10:bf:df:8c:68:d1:6a:20:1b:55:cb:
         0d:22:4a:13:84:b8:4f:1d:33:98:84:0c:c6:8a:d5:10:51:23:
         6d:37:1c:d4:02:26:62:ff:61:9b:19:c6:3f:a0:79:44:c1:74:
         68:5c:f8:9c:0d:d0:d5:0e:dd:65:72:8b:26:45:59:0d:42:f9:
         02:2e:97:a3:71:d3:8f:07:52:7b:10:bb:c1:c7:2b:79:87:65:
         cf:1a:07:4b:84:2f:1c:90:8c:0d:67:d5:46:b9:62:90:16:ae:
         1e:fc:e8:ac:49:c9:7c:be:46:25:cf:bd:be:26:79:2e:18:96:
         fc:84:b8:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8b2QmZgNDtyBsjEgu9BfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUwODIzMDgwMDQ2WhcNMjUwODI0MDgwMDQ2WjAzMTEwLwYDVQQD
EygxZmI2ZDFjOWI3MjMwMjg5MTM4MThjZDUwYjdkMWNmMTUwOGJjMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FvvbvmEw4AkdVYdUQOJGZuYyC4v
r8+QhEL7zq6ib1xlg6eBbXrjTB5tTahYLT522n+LERRV/p6bDcQTmkbiHcgR2Q+q
cubLOw6oV+jIbGX6qStheoJT3m6c5ROCGDgyGxkoBAZSZv2Ezrs01JobfAaKVQ9r
5YkSPh/8gZhKmN6+AjK6cQupz5WeBX6UdTgwZ7NUIGKUAY7yWhxUIQCOIZy1XnAc
t2IUI5VXHNam+7UnH4SqwPz1MPuOiOQOnzAbFUrYzO/q7e16zOadcjSg7UeivowP
tLFHwq+YIzs+coGw7vtEcjtvVa1IoIucjCxMEhN4/enmm/ZvMw+WSPUF8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+20cm3IwKJE4GM1Qt9HPFQi8DJMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU56wJ2Wa
CZCSA1tI1lcAsj3DKVI9J/BmfSH+kx5R82Dtym0aTYkAPQqRg1yQhXSU4K+Jc4Re
EsxaWTIdA1B+O0RwwhiMg9j587E1nFzCPRcRiIM5FJboq4U1rAmiy0ET6+3E8ZtO
b9zn1gr28XcxNrISdnR8JlUNX7DqsSp8p7iTu77NUhC/34xo0WogG1XLDSJKE4S4
Tx0zmIQMxorVEFEjbTcc1AImYv9hmxnGP6B5RMF0aFz4nA3Q1Q7dZXKLJkVZDUL5
Ai6Xo3HTjwdSexC7wccreYdlzxoHS4QvHJCMDWfVRrlikBauHvzorEnJfL5GJc+9
viZ5LhiW/IS4gQ==
-----END CERTIFICATE-----