Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
File:                     4UYAGfiAaeNhThUQkhzH5E0cq-I.mft (raw, json)
Hash identifier:          0MD3lROJIFY4H6vZxr9sAYgCzLx02hmmMB8VzG1AMUM=
Subject key identifier:   CA:72:6C:89:09:74:41:AC:7E:C0:6E:69:0C:A0:E8:EC:93:37:9C:90
Authority key identifier: E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2
Certificate issuer:       /CN=e1460019f88069e3614e1510921cc7e44d1cabe2
Certificate serial:       0198D515EA9B6AC890298D53B300D256C354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 04:00:39 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:39 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:39 +0000
Files and hashes:         1: 4UYAGfiAaeNhThUQkhzH5E0cq-I.crl (hash: h+dpqfr8TonkoRLBlwBj1bPXxtdJhDZ+lTEM+95Xt34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:ea:9b:6a:c8:90:29:8d:53:b3:00:d2:56:c3:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1460019f88069e3614e1510921cc7e44d1cabe2
        Validity
            Not Before: Aug 23 04:00:39 2025 GMT
            Not After : Aug 24 04:00:39 2025 GMT
        Subject: CN=ca726c89097441ac7ec06e690ca0e8ec93379c90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:11:fe:d4:ba:b7:8d:6e:0a:59:2c:d5:ed:b9:
                    40:40:86:0c:8c:53:72:b6:89:4c:0f:3d:fe:cc:a6:
                    fd:35:44:b1:31:3f:87:cd:bb:ec:3d:02:5e:4c:72:
                    cc:dc:c9:ce:9a:6d:ec:bb:88:af:cc:5a:68:6f:6e:
                    6b:c4:fc:08:0e:34:c0:48:5a:07:b6:5e:98:d2:9c:
                    09:28:68:80:82:3c:75:f2:73:70:86:94:9a:70:5f:
                    7b:a6:ee:da:b6:02:a8:35:09:3a:5e:6b:78:a4:5f:
                    87:39:9f:26:73:6e:e8:75:a9:1a:ce:82:b4:12:38:
                    5f:9e:f5:2a:41:ef:3b:ad:09:46:28:a4:e7:77:74:
                    d4:f9:52:e8:ef:23:af:ee:db:31:90:4e:b2:9b:23:
                    99:1d:4a:1a:3e:16:92:6d:1c:a6:84:63:4b:7c:02:
                    3d:2e:6f:e8:1e:6f:6f:61:64:10:18:f5:53:a0:48:
                    03:37:1c:7d:25:d3:33:97:ce:57:22:ef:19:2a:20:
                    f8:eb:ec:50:a4:52:65:a2:2e:9c:47:53:45:df:de:
                    05:93:29:13:2d:10:31:cf:44:43:12:18:26:8a:c1:
                    e9:72:64:86:49:fd:77:46:f5:3a:7c:85:d6:11:de:
                    d5:b8:f2:b7:d6:46:a9:78:d2:c6:9a:39:77:86:67:
                    0f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:72:6C:89:09:74:41:AC:7E:C0:6E:69:0C:A0:E8:EC:93:37:9C:90
            X509v3 Authority Key Identifier:
                keyid:E1:46:00:19:F8:80:69:E3:61:4E:15:10:92:1C:C7:E4:4D:1C:AB:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UYAGfiAaeNhThUQkhzH5E0cq-I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3e444d-6720-444a-ae54-fcd1a63c5c45/1/4UYAGfiAaeNhThUQkhzH5E0cq-I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:27:49:36:35:ac:a3:73:c5:6e:7b:05:54:e7:a3:69:3b:86:
         77:d6:e6:03:38:58:e5:b6:17:77:09:53:f8:35:bb:72:a5:2a:
         17:0a:ab:ae:c1:7d:f7:46:0d:d5:7b:d1:b7:8b:34:ab:00:21:
         73:92:ea:89:d4:4e:1c:e6:9e:4d:98:9d:83:f0:cc:5e:1c:a6:
         31:af:7b:ff:41:22:0e:0f:76:47:f8:9b:8d:86:7c:66:1d:81:
         bc:d8:2c:c2:ff:24:d1:59:f0:67:c6:c8:9c:0a:0a:22:31:bb:
         4e:cb:66:42:b0:ee:51:91:b0:3a:5d:35:a7:a0:be:d2:ea:74:
         42:9f:6d:0b:f7:24:f1:72:ee:31:0c:ae:68:d7:3a:39:27:5b:
         f3:3e:36:a3:e5:03:c7:46:24:a8:c3:f6:16:e4:81:16:a2:a2:
         60:07:ef:ba:62:17:8e:c2:bd:6a:28:61:11:74:a1:7a:d1:4f:
         e7:55:78:23:8f:4e:1f:34:fe:e4:d3:fe:07:dc:54:f5:ce:c4:
         9c:b4:fc:22:f0:66:31:ad:ac:f3:f4:ae:b8:b3:3d:36:dc:bd:
         c1:43:2d:f2:50:6c:d9:b3:66:08:2e:5e:18:0e:92:89:2a:f2:
         80:ed:f5:cd:fc:8b:f6:e6:de:c1:e5:43:cc:45:7a:6b:dc:b6:
         02:e0:4f:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFeqbasiQKY1TswDSVsNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNDYwMDE5Zjg4MDY5ZTM2MTRlMTUxMDkyMWNjN2U0NGQx
Y2FiZTIwHhcNMjUwODIzMDQwMDM5WhcNMjUwODI0MDQwMDM5WjAzMTEwLwYDVQQD
EyhjYTcyNmM4OTA5NzQ0MWFjN2VjMDZlNjkwY2EwZThlYzkzMzc5YzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBH+1Lq3jW4KWSzV7blAQIYMjFNy
tolMDz3+zKb9NUSxMT+HzbvsPQJeTHLM3MnOmm3su4ivzFpob25rxPwIDjTASFoH
tl6Y0pwJKGiAgjx18nNwhpSacF97pu7atgKoNQk6Xmt4pF+HOZ8mc27odakazoK0
EjhfnvUqQe87rQlGKKTnd3TU+VLo7yOv7tsxkE6ymyOZHUoaPhaSbRymhGNLfAI9
Lm/oHm9vYWQQGPVToEgDNxx9JdMzl85XIu8ZKiD46+xQpFJloi6cR1NF394FkykT
LRAxz0RDEhgmisHpcmSGSf13RvU6fIXWEd7VuPK31kapeNLGmjl3hmcPswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpybIkJdEGsfsBuaQyg6OyTN5yQMB8GA1UdIwQY
MBaAFOFGABn4gGnjYU4VEJIcx+RNHKviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQt
ZmNkMWE2M2M1YzQ1LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZTQ0NGQtNjcyMC00NDRhLWFlNTQtZmNkMWE2M2M1YzQ1
LzEvNFVZQUdmaUFhZU5oVGhVUWtoekg1RTBjcS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCdJNjWs
o3PFbnsFVOejaTuGd9bmAzhY5bYXdwlT+DW7cqUqFwqrrsF990YN1XvRt4s0qwAh
c5LqidROHOaeTZidg/DMXhymMa97/0EiDg92R/ibjYZ8Zh2BvNgswv8k0VnwZ8bI
nAoKIjG7TstmQrDuUZGwOl01p6C+0up0Qp9tC/ck8XLuMQyuaNc6OSdb8z42o+UD
x0YkqMP2FuSBFqKiYAfvumIXjsK9aihhEXShetFP51V4I49OHzT+5NP+B9xU9c7E
nLT8IvBmMa2s8/SuuLM9Nty9wUMt8lBs2bNmCC5eGA6SiSrygO31zfyL9ubeweVD
zEV6a9y2AuBPuw==
-----END CERTIFICATE-----