Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
File:                     4UYAGfiAaeNhThUQkhzH5E0cq-I.mft (raw, json)
Hash identifier:          cvUxoAv0eyMJmzNIpQWUhb1bW3iMeXSMI0v9LiaS1Sk=
Subject key identifier:   14:EF:54:77:14:AA:E3:09:8A:F3:2C:77:F4:52:B0:84:C3:A5:FF:B5
Authority key identifier: E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2
Certificate issuer:       /CN=e1460019f88069e3614e1510921cc7e44d1cabe2
Certificate serial:       0197B745A3448211B7C680AF7673B21BBCF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 16:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:23 +0000
Files and hashes:         1: 4UYAGfiAaeNhThUQkhzH5E0cq-I.crl (hash: H7mNJWMOKYyrYVhI5Y1Nvy3AIMnn4LVryNTyQa2b0A0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:a3:44:82:11:b7:c6:80:af:76:73:b2:1b:bc:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1460019f88069e3614e1510921cc7e44d1cabe2
        Validity
            Not Before: Jun 28 16:01:23 2025 GMT
            Not After : Jun 29 16:01:23 2025 GMT
        Subject: CN=14ef547714aae3098af32c77f452b084c3a5ffb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:64:6c:f0:23:71:e2:a6:da:65:96:cf:89:be:
                    80:ad:7b:65:37:5d:bd:e9:49:04:50:a0:9c:87:ba:
                    ec:1d:8b:c8:47:b7:be:80:48:6e:5d:2d:a1:14:f2:
                    21:99:b6:02:b5:94:86:3b:8e:bf:2c:ce:a5:7d:fb:
                    bf:6f:a9:05:bc:26:a9:cf:a7:c1:5c:6c:f2:04:6f:
                    5d:c1:2e:66:76:a0:2c:c3:89:ee:a6:fb:82:d2:23:
                    6c:a1:14:b2:60:b4:24:30:fd:c0:85:48:36:9e:b3:
                    a3:b8:76:3c:dd:13:fa:2d:0a:a9:90:d1:e7:05:76:
                    44:98:3b:f0:22:0b:60:7b:60:74:17:90:41:b8:e4:
                    61:21:bd:b7:5f:26:cb:78:2d:3e:77:56:5f:9a:ce:
                    9a:35:3d:55:96:97:85:c3:35:05:20:2f:10:84:21:
                    23:08:88:24:a3:77:b0:25:e9:1f:f1:98:41:c3:00:
                    4e:73:cb:ef:74:8e:3a:2b:3c:30:06:26:f1:4f:9c:
                    b5:b3:0a:c9:c9:16:5a:ad:5f:22:8a:6e:6d:4b:98:
                    5b:42:a0:68:c1:b2:8a:4b:e2:50:1c:40:63:1d:e4:
                    65:f5:2d:95:ee:f7:20:f9:ae:cb:f6:74:18:d4:47:
                    1b:d7:9d:99:02:bb:ee:ff:fb:cb:64:bc:54:ef:a4:
                    d5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:EF:54:77:14:AA:E3:09:8A:F3:2C:77:F4:52:B0:84:C3:A5:FF:B5
            X509v3 Authority Key Identifier:
                keyid:E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:87:c7:15:9c:0e:4b:cf:a3:8c:d5:de:92:ff:fe:44:36:58:
         7c:50:32:3a:c1:95:31:3d:8f:f4:36:29:a7:07:7b:86:25:69:
         52:ca:82:79:1f:cd:f0:89:02:3b:6e:2b:46:b5:9e:58:2f:19:
         4d:63:0f:ae:14:1e:52:de:7d:14:6f:83:b2:07:4a:4f:31:e1:
         93:71:94:d9:d5:fc:f3:50:6d:ab:66:2c:d3:7c:be:b2:a4:ce:
         97:97:21:bb:12:26:90:ac:fe:e5:36:37:9a:d5:3f:94:89:34:
         bd:4c:36:f7:13:04:35:03:0a:6b:8b:16:b0:14:40:2d:7c:3f:
         47:c6:29:56:f3:68:b1:e6:2d:9f:84:27:16:c3:ae:53:49:bd:
         55:60:6f:18:b5:5b:23:21:4b:66:cc:be:66:c2:65:ef:d2:15:
         4a:7b:4c:e7:a1:b7:bb:8b:87:db:63:0b:db:36:ad:c2:64:1d:
         4e:20:4a:3d:05:82:be:f6:a0:a1:f8:73:52:fc:55:7e:87:89:
         e1:9d:33:c9:70:47:cc:63:c6:16:5d:f4:b4:27:12:78:27:27:
         f1:89:ce:21:0f:ea:98:26:db:6d:5a:49:71:83:45:51:e7:ce:
         8f:c4:42:d8:6e:fc:d8:a3:0c:ae:d9:c0:7f:61:5b:ae:48:43:
         2b:ff:cf:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RaNEghG3xoCvdnOyG7zzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDYwMDE5Zjg4MDY5ZTM2MTRlMTUxMDkyMWNjN2U0NGQx
Y2FiZTIwHhcNMjUwNjI4MTYwMTIzWhcNMjUwNjI5MTYwMTIzWjAzMTEwLwYDVQQD
EygxNGVmNTQ3NzE0YWFlMzA5OGFmMzJjNzdmNDUyYjA4NGMzYTVmZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWRs8CNx4qbaZZbPib6ArXtlN129
6UkEUKCch7rsHYvIR7e+gEhuXS2hFPIhmbYCtZSGO46/LM6lffu/b6kFvCapz6fB
XGzyBG9dwS5mdqAsw4nupvuC0iNsoRSyYLQkMP3AhUg2nrOjuHY83RP6LQqpkNHn
BXZEmDvwIgtge2B0F5BBuORhIb23XybLeC0+d1Zfms6aNT1VlpeFwzUFIC8QhCEj
CIgko3ewJekf8ZhBwwBOc8vvdI46KzwwBibxT5y1swrJyRZarV8iim5tS5hbQqBo
wbKKS+JQHEBjHeRl9S2V7vcg+a7L9nQY1Ecb152ZArvu//vLZLxU76TV3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTvVHcUquMJivMsd/RSsITDpf+1MB8GA1UdIwQY
MBaAFOFGABn4gGnjYU4VEJIcx+RNHKviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQt
ZmNkMWE2M2M1YzQ1LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQtZmNkMWE2M2M1YzQ1
LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYfHFZwO
S8+jjNXekv/+RDZYfFAyOsGVMT2P9DYppwd7hiVpUsqCeR/N8IkCO24rRrWeWC8Z
TWMPrhQeUt59FG+DsgdKTzHhk3GU2dX881Btq2Ys03y+sqTOl5chuxImkKz+5TY3
mtU/lIk0vUw29xMENQMKa4sWsBRALXw/R8YpVvNoseYtn4QnFsOuU0m9VWBvGLVb
IyFLZsy+ZsJl79IVSntM56G3u4uH22ML2zatwmQdTiBKPQWCvvagofhzUvxVfoeJ
4Z0zyXBHzGPGFl30tCcSeCcn8YnOIQ/qmCbbbVpJcYNFUefOj8RC2G782KMMrtnA
f2FbrkhDK//PKA==
-----END CERTIFICATE-----