Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          +H/5Xl/mL2Ao58M5sJssR/HL5AA2xlbaQBj3eObbZ8s=
Subject key identifier:   14:41:E8:9E:AE:6F:AF:E0:16:EA:FA:8C:53:FD:7B:D4:4C:8D:4B:03
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       0198D4E00A0841BC3C20252DDE26E8DB2CF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0F72
Signing time:             Sat 23 Aug 2025 03:01:49 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:49 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:49 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: OxSB+hm5G3vXD+i86+mcDLAYkK03Ug5Z5NW1fcQrtFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:0a:08:41:bc:3c:20:25:2d:de:26:e8:db:2c:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Aug 23 03:01:49 2025 GMT
            Not After : Aug 24 03:01:49 2025 GMT
        Subject: CN=1441e89eae6fafe016eafa8c53fd7bd44c8d4b03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7b:37:e3:fe:dc:14:3f:54:f7:0c:6f:3f:5a:
                    0a:48:df:99:b0:57:74:64:d7:45:f6:23:48:d9:94:
                    a3:06:b3:b8:0f:4c:dd:55:e6:79:dd:10:c9:9b:3c:
                    c2:bf:f4:75:83:c6:83:6b:ea:a6:09:7b:7e:21:77:
                    3a:0d:4a:f1:85:6f:8a:3a:fe:3f:2a:78:6b:98:ec:
                    ce:95:dd:3f:f6:31:2d:e8:78:30:5c:cc:fe:ce:c3:
                    73:6d:2e:88:de:53:68:29:89:49:9f:3f:09:58:d5:
                    70:6b:8c:17:16:9c:e3:f9:59:86:ac:69:ff:4e:06:
                    49:2e:7f:8b:63:b4:d3:8c:3b:b6:14:82:2e:8e:8a:
                    8e:6b:cd:8c:4f:31:0e:c4:9e:72:00:f6:3d:bb:67:
                    e7:ab:ac:1e:52:9b:ec:6a:57:75:2d:2f:06:79:0f:
                    21:5a:1d:1c:98:f8:ed:11:83:64:c8:d1:d7:c1:9d:
                    e1:44:51:95:58:52:b4:47:fd:c9:59:2e:76:a0:14:
                    67:4a:54:8b:91:73:4c:7f:2a:d0:51:b7:74:87:47:
                    58:84:52:7d:6a:00:8a:f8:1b:98:98:cb:b1:84:36:
                    7b:3c:3b:14:e5:26:27:ca:e2:97:1d:2d:bc:9c:2a:
                    21:3d:63:0a:49:b8:3c:37:73:b8:6f:30:35:14:08:
                    91:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:41:E8:9E:AE:6F:AF:E0:16:EA:FA:8C:53:FD:7B:D4:4C:8D:4B:03
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:cb:45:9c:a3:2a:32:76:84:29:ea:ed:11:0e:d9:5f:0a:f9:
         72:d2:99:bc:87:ab:3c:f3:c1:32:63:ef:6e:68:9d:cb:b1:18:
         74:c7:d3:9a:d2:7c:5f:9a:6d:df:b8:7c:76:31:d4:ec:7f:83:
         73:84:1f:f0:b0:29:00:fc:36:e0:06:8c:ee:9a:10:8e:80:e0:
         15:67:38:89:df:7c:ab:f6:d6:44:41:aa:80:de:50:bf:fc:8f:
         0d:12:20:7a:9b:e0:36:32:25:bc:08:d1:fc:e1:5b:e3:f8:7b:
         27:5d:48:e9:36:58:50:d3:c8:9c:c4:bd:87:17:ef:58:11:ac:
         ba:77:e6:73:97:ea:d2:18:25:b0:75:c8:24:3b:f5:8f:58:62:
         ae:e7:27:b1:c5:a6:4d:d7:01:ba:bb:2b:a3:b0:cd:f8:22:c8:
         28:86:00:4f:07:b7:0e:94:de:1a:a1:df:5f:b6:c9:08:e0:81:
         3b:38:3e:3e:5b:f6:cd:df:9e:ca:db:80:4c:f6:9a:eb:fb:03:
         5e:ff:97:5d:be:13:9d:1d:cd:af:37:3e:8c:34:63:08:86:6a:
         30:79:e1:8e:51:42:3c:01:43:6a:21:1d:fa:3b:bb:9c:b9:69:
         bc:03:14:a2:72:7c:e4:21:99:49:0e:af:e7:39:3c:01:6e:44:
         8b:b2:9e:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4AoIQbw8ICUt3ibo2yz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjUwODIzMDMwMTQ5WhcNMjUwODI0MDMwMTQ5WjAzMTEwLwYDVQQD
EygxNDQxZTg5ZWFlNmZhZmUwMTZlYWZhOGM1M2ZkN2JkNDRjOGQ0YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXs34/7cFD9U9wxvP1oKSN+ZsFd0
ZNdF9iNI2ZSjBrO4D0zdVeZ53RDJmzzCv/R1g8aDa+qmCXt+IXc6DUrxhW+KOv4/
KnhrmOzOld0/9jEt6HgwXMz+zsNzbS6I3lNoKYlJnz8JWNVwa4wXFpzj+VmGrGn/
TgZJLn+LY7TTjDu2FIIujoqOa82MTzEOxJ5yAPY9u2fnq6weUpvsald1LS8GeQ8h
Wh0cmPjtEYNkyNHXwZ3hRFGVWFK0R/3JWS52oBRnSlSLkXNMfyrQUbd0h0dYhFJ9
agCK+BuYmMuxhDZ7PDsU5SYnyuKXHS28nCohPWMKSbg8N3O4bzA1FAiRvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRB6J6ub6/gFur6jFP9e9RMjUsDMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASstFnKMq
MnaEKertEQ7ZXwr5ctKZvIerPPPBMmPvbmidy7EYdMfTmtJ8X5pt37h8djHU7H+D
c4Qf8LApAPw24AaM7poQjoDgFWc4id98q/bWREGqgN5Qv/yPDRIgepvgNjIlvAjR
/OFb4/h7J11I6TZYUNPInMS9hxfvWBGsunfmc5fq0hglsHXIJDv1j1hirucnscWm
TdcBursro7DN+CLIKIYATwe3DpTeGqHfX7bJCOCBOzg+Plv2zd+eytuATPaa6/sD
Xv+XXb4TnR3Nrzc+jDRjCIZqMHnhjlFCPAFDaiEd+ju7nLlpvAMUonJ85CGZSQ6v
5zk8AW5Ei7KeHw==
-----END CERTIFICATE-----