Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
File:                     2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft (raw, json)
Hash identifier:          9KvTJ5KBeCEuk6pUAUggqaApJfOMqMHz2BlvtHHdyo8=
Subject key identifier:   4D:E4:49:E9:65:F5:34:C9:11:07:24:44:51:8E:88:C0:45:58:4E:A0
Authority key identifier: DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A
Certificate issuer:       /CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
Certificate serial:       0198D47264E9C7E17663CEECFD04F97EF556
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:03 +0000
Files and hashes:         1: 2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl (hash: KcQNrECB3I/ljsQFoSwQWNwh5JjzBAxvpyX/gzUHlIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:64:e9:c7:e1:76:63:ce:ec:fd:04:f9:7e:f5:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
        Validity
            Not Before: Aug 23 01:02:03 2025 GMT
            Not After : Aug 24 01:02:03 2025 GMT
        Subject: CN=4de449e965f534c911072444518e88c045584ea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e3:10:27:42:ee:17:27:c9:71:c4:59:29:fd:
                    71:c2:1a:dc:13:fc:b6:88:27:0e:9d:7f:53:79:0c:
                    fd:80:72:5a:f4:01:f6:73:b7:45:a8:b7:58:b0:8e:
                    ab:0e:cc:9b:44:37:24:e6:25:ee:95:9c:9c:e4:fc:
                    5e:a7:4b:2a:f5:cd:7b:49:48:3a:b1:fc:78:5d:cb:
                    3b:eb:77:e5:1e:63:5e:0a:5e:03:00:59:65:8d:da:
                    24:0c:af:4e:b2:15:19:47:17:49:f4:2a:13:55:fe:
                    43:c3:3e:53:a9:8c:81:3a:6e:8e:3c:d0:ea:2e:01:
                    eb:67:e2:f1:9f:46:b1:69:ed:97:ca:54:35:dd:51:
                    bd:64:e3:4f:cc:cf:a9:d6:03:52:16:32:45:d2:24:
                    ff:3d:2c:66:2d:88:81:88:4c:bf:84:b8:d3:ef:6b:
                    df:96:86:6a:95:ed:6c:ba:b6:db:fa:0c:ce:1f:db:
                    b8:3f:f5:d2:7c:66:08:ec:6a:3c:4b:4a:be:72:07:
                    02:ae:39:b5:96:d4:21:a1:5b:91:0a:c3:95:2a:c8:
                    91:38:8f:bb:67:49:4d:52:9f:cf:d4:74:5b:41:8d:
                    da:81:8c:60:5d:77:c6:3e:e8:58:8c:3b:18:75:d9:
                    e0:1f:31:14:b8:ad:f9:78:2d:62:f5:9d:fe:0c:a7:
                    e6:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:E4:49:E9:65:F5:34:C9:11:07:24:44:51:8E:88:C0:45:58:4E:A0
            X509v3 Authority Key Identifier:
                keyid:DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:63:f8:58:47:55:07:45:9f:94:b4:58:6c:83:c2:44:13:d4:
         53:28:6f:d9:96:19:ff:f7:94:e2:f2:f8:61:47:08:9a:4f:63:
         78:b5:47:aa:51:2b:d1:2e:fd:24:0f:59:5e:3c:b6:c9:f3:4f:
         c7:c6:83:2d:d9:e5:28:98:1d:04:66:65:cf:67:6b:95:72:4b:
         33:26:50:b3:74:92:70:6d:92:36:52:cb:17:a5:7e:9b:1c:bb:
         e4:d4:c3:78:18:41:04:61:80:4b:d6:62:09:e4:fb:2e:ce:55:
         99:4f:74:68:05:d0:6f:06:b0:e1:11:b2:4d:31:35:d3:b3:7b:
         59:10:c8:ed:72:65:a1:6d:48:96:b0:0f:02:ac:6b:ad:f8:80:
         2e:ef:d4:35:c7:4d:e2:62:61:79:2e:64:a1:47:d0:58:ff:be:
         90:90:94:2b:d9:89:48:6a:ab:60:89:15:c9:a1:0e:97:ca:a6:
         ed:83:6c:ca:41:3f:dd:04:af:dc:d9:9c:99:8e:81:0e:b4:4e:
         98:46:dd:0e:33:fe:6f:3b:09:6c:6f:5b:2f:78:19:aa:e9:53:
         ad:6e:71:b3:f2:c1:6d:6b:ff:d3:dc:c0:f2:95:41:bb:9e:b0:
         8a:21:5b:05:5b:4c:9f:d4:91:1b:df:b3:63:0c:ea:0b:58:73:
         ae:33:f1:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcmTpx+F2Y87s/QT5fvVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2RjYjA4MWM3MzgwMmZjMTg5NWM2ZWI0YTI3MjY2NmJk
NDI3OWEwHhcNMjUwODIzMDEwMjAzWhcNMjUwODI0MDEwMjAzWjAzMTEwLwYDVQQD
Eyg0ZGU0NDllOTY1ZjUzNGM5MTEwNzI0NDQ1MThlODhjMDQ1NTg0ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OMQJ0LuFyfJccRZKf1xwhrcE/y2
iCcOnX9TeQz9gHJa9AH2c7dFqLdYsI6rDsybRDck5iXulZyc5Pxep0sq9c17SUg6
sfx4Xcs763flHmNeCl4DAFlljdokDK9OshUZRxdJ9CoTVf5Dwz5TqYyBOm6OPNDq
LgHrZ+Lxn0axae2XylQ13VG9ZONPzM+p1gNSFjJF0iT/PSxmLYiBiEy/hLjT72vf
loZqle1surbb+gzOH9u4P/XSfGYI7Go8S0q+cgcCrjm1ltQhoVuRCsOVKsiROI+7
Z0lNUp/P1HRbQY3agYxgXXfGPuhYjDsYddngHzEUuK35eC1i9Z3+DKfmFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3kSell9TTJEQckRFGOiMBFWE6gMB8GA1UdIwQY
MBaAFNp9ywgcc4AvwYlcbrSicmZr1CeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUt
NjhiNjhlNDk5YjRiLzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUtNjhiNjhlNDk5YjRi
LzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApmP4WEdV
B0WflLRYbIPCRBPUUyhv2ZYZ//eU4vL4YUcImk9jeLVHqlEr0S79JA9ZXjy2yfNP
x8aDLdnlKJgdBGZlz2drlXJLMyZQs3SScG2SNlLLF6V+mxy75NTDeBhBBGGAS9Zi
CeT7Ls5VmU90aAXQbwaw4RGyTTE107N7WRDI7XJloW1IlrAPAqxrrfiALu/UNcdN
4mJheS5koUfQWP++kJCUK9mJSGqrYIkVyaEOl8qm7YNsykE/3QSv3NmcmY6BDrRO
mEbdDjP+bzsJbG9bL3gZqulTrW5xs/LBbWv/09zA8pVBu56wiiFbBVtMn9SRG9+z
YwzqC1hzrjPxsw==
-----END CERTIFICATE-----