Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          7E8vJmryrtWLrmYOu1o6zQIyeaiMZhrW+PhpzwiLyRs=
Subject key identifier:   C9:0A:CA:FF:EC:19:62:AA:9F:74:12:7E:88:88:50:2C:5C:BF:A2:8B
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       0199FDD9B2B0F87D853BC1BDFDF0601C5BAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          115A
Signing time:             Sun 19 Oct 2025 19:02:06 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:06 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:06 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: 9EaZw90mRWhC2zKMFpdW5OHgiiK6WiGHJhH0fZm9hPQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:b2:b0:f8:7d:85:3b:c1:bd:fd:f0:60:1c:5b:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Oct 19 19:02:06 2025 GMT
            Not After : Oct 20 19:02:06 2025 GMT
        Subject: CN=c90acaffec1962aa9f74127e8888502c5cbfa28b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f6:33:48:0d:08:04:3a:a9:da:67:fb:6e:92:
                    82:b4:cc:21:40:dc:bf:cc:81:74:50:81:08:d2:bc:
                    0a:f0:37:63:29:44:cc:72:f1:cb:a9:1c:9a:a1:f2:
                    31:1f:f1:4e:03:17:a3:21:73:1f:a4:b5:95:8b:58:
                    eb:0a:95:52:03:81:de:87:20:7a:f6:ef:9d:78:e9:
                    1b:ff:91:6f:a6:c8:6e:6b:24:26:ea:8a:b1:20:0f:
                    33:7b:57:d4:22:fb:82:f6:4a:c3:1a:d5:d4:86:78:
                    c8:79:5a:a2:3f:f8:69:42:06:1a:96:0b:46:50:4e:
                    c2:dc:a0:14:7e:18:95:04:27:c4:e8:af:a5:63:07:
                    cb:9b:7f:f7:5d:29:f5:44:b1:8e:aa:94:10:3d:7c:
                    c1:3c:91:cf:ab:6f:db:d0:6b:46:1f:a0:9c:45:b4:
                    b5:68:ab:84:88:0d:75:68:e2:e9:15:08:f7:5d:59:
                    0e:38:2e:69:67:95:fe:9b:2d:89:11:64:d3:aa:d5:
                    87:db:e8:6c:43:38:52:41:1e:a6:2d:c3:93:0e:f5:
                    95:fd:1c:36:5f:26:91:4d:d4:fd:96:79:6f:67:e2:
                    34:6c:c6:2f:f3:31:c7:de:ad:5e:60:6b:f0:0a:43:
                    62:0c:f7:fd:64:94:b1:a5:79:4d:2e:7c:fd:48:53:
                    b9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:0A:CA:FF:EC:19:62:AA:9F:74:12:7E:88:88:50:2C:5C:BF:A2:8B
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:bf:6e:c7:43:9f:44:89:0d:a5:fa:46:bb:a7:bb:39:55:80:
         40:da:d4:12:5b:fe:bc:ec:30:6e:fc:dd:5b:be:d4:38:90:4f:
         51:24:16:36:25:4d:b9:9a:7a:b1:81:ec:bf:64:d0:2d:88:25:
         75:36:45:91:a2:4b:e3:87:c5:97:7b:be:a2:da:8a:c8:f7:fd:
         18:33:4d:59:d5:0d:74:35:bc:2b:4c:97:d2:73:10:de:d7:da:
         3a:85:c5:7e:26:69:a0:ee:41:0f:f4:b5:de:c5:3b:5e:e6:eb:
         c2:95:a3:e9:b7:ea:85:7a:83:a2:91:9f:53:c2:82:3e:cc:bc:
         fa:73:ba:d1:5a:7d:20:ee:f3:7f:b5:0c:7d:3a:aa:00:5a:80:
         1d:96:61:4f:3e:52:e6:8b:64:e7:3d:41:0e:b0:5c:ce:ef:23:
         2b:db:f6:3e:7f:2f:58:06:52:b6:e7:e6:48:65:aa:a0:e0:d4:
         11:8a:1e:b8:93:79:f3:6b:2f:4d:b2:75:4f:5a:02:be:7c:a2:
         e2:c5:99:23:87:70:69:ba:5a:bd:94:94:b8:ff:17:3f:df:ea:
         23:38:60:3f:16:59:3f:6a:0e:7b:cb:b1:45:38:19:58:2e:ad:
         6f:35:35:14:21:6a:c8:04:3d:11:76:66:70:eb:be:82:06:4a:
         83:8b:99:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92bKw+H2FO8G9/fBgHFuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjUxMDE5MTkwMjA2WhcNMjUxMDIwMTkwMjA2WjAzMTEwLwYDVQQD
EyhjOTBhY2FmZmVjMTk2MmFhOWY3NDEyN2U4ODg4NTAyYzVjYmZhMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfYzSA0IBDqp2mf7bpKCtMwhQNy/
zIF0UIEI0rwK8DdjKUTMcvHLqRyaofIxH/FOAxejIXMfpLWVi1jrCpVSA4HehyB6
9u+deOkb/5FvpshuayQm6oqxIA8ze1fUIvuC9krDGtXUhnjIeVqiP/hpQgYalgtG
UE7C3KAUfhiVBCfE6K+lYwfLm3/3XSn1RLGOqpQQPXzBPJHPq2/b0GtGH6CcRbS1
aKuEiA11aOLpFQj3XVkOOC5pZ5X+my2JEWTTqtWH2+hsQzhSQR6mLcOTDvWV/Rw2
XyaRTdT9lnlvZ+I0bMYv8zHH3q1eYGvwCkNiDPf9ZJSxpXlNLnz9SFO5oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkKyv/sGWKqn3QSfoiIUCxcv6KLMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAar9ux0Of
RIkNpfpGu6e7OVWAQNrUElv+vOwwbvzdW77UOJBPUSQWNiVNuZp6sYHsv2TQLYgl
dTZFkaJL44fFl3u+otqKyPf9GDNNWdUNdDW8K0yX0nMQ3tfaOoXFfiZpoO5BD/S1
3sU7XubrwpWj6bfqhXqDopGfU8KCPsy8+nO60Vp9IO7zf7UMfTqqAFqAHZZhTz5S
5otk5z1BDrBczu8jK9v2Pn8vWAZStufmSGWqoODUEYoeuJN582svTbJ1T1oCvnyi
4sWZI4dwabpavZSUuP8XP9/qIzhgPxZZP2oOe8uxRTgZWC6tbzU1FCFqyAQ9EXZm
cOu+ggZKg4uZ7w==
-----END CERTIFICATE-----