Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          Je01Fzo25hWXc0IhYG4WhKKFzMG0brDJ0HQpOSCu0Qk=
Subject key identifier:   92:DB:6A:8F:AE:B5:FF:16:3E:2F:BC:5D:EF:64:9E:DF:E8:F0:85:D3
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       0197B88F7E3F4F662C5D1EEF2E0638C03F35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          102D
Signing time:             Sat 28 Jun 2025 22:01:41 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:41 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:41 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: Ba5r9urIWTYpbPr3PjjOGrtoEU1lSKivtZOW4cobZvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:7e:3f:4f:66:2c:5d:1e:ef:2e:06:38:c0:3f:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Jun 28 22:01:41 2025 GMT
            Not After : Jun 29 22:01:41 2025 GMT
        Subject: CN=92db6a8faeb5ff163e2fbc5def649edfe8f085d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:75:4f:05:28:d6:94:a5:e1:4c:1d:8e:3e:ce:
                    48:10:f3:ca:18:37:69:c4:e2:54:46:75:a4:87:be:
                    e8:76:48:9e:b7:5d:32:f0:b7:8f:f3:88:72:0e:d0:
                    52:1f:e4:f3:9a:c2:28:30:76:f1:fc:c0:8e:e3:85:
                    6c:bb:ff:d7:07:02:33:51:b0:fe:8b:61:78:98:26:
                    f0:43:ef:da:ea:50:36:74:89:dd:f7:7b:cf:30:45:
                    29:fc:d5:b0:66:06:03:c9:6f:3d:9f:63:a1:56:97:
                    bf:89:fd:5f:94:d6:cd:85:65:39:ad:15:df:21:cc:
                    39:2e:b3:06:40:e5:fb:c0:6c:ff:f9:e1:59:e1:fa:
                    dd:f8:94:2b:42:ba:66:e0:af:b3:ea:e0:24:e9:b7:
                    b5:96:c9:6f:b4:f2:8c:7a:a0:26:4e:8d:9d:c5:74:
                    1d:07:1d:ec:07:f4:e3:27:63:f2:c2:26:c9:c9:71:
                    7d:ac:e4:c0:b8:18:48:9f:66:f4:c9:15:8f:90:23:
                    3f:a1:66:c6:e8:c4:c7:76:8f:98:8a:0f:b5:72:73:
                    28:84:e6:48:b5:26:bc:51:05:9a:ab:3e:6a:55:49:
                    5b:0d:66:47:52:43:20:c6:b8:e8:12:ee:98:a6:d9:
                    1a:17:ce:82:02:d2:1c:a1:15:cc:20:e9:e0:b4:56:
                    a5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:DB:6A:8F:AE:B5:FF:16:3E:2F:BC:5D:EF:64:9E:DF:E8:F0:85:D3
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:71:1a:27:ef:dc:10:88:b5:38:04:05:9a:d7:5e:68:75:fa:
         3c:82:5a:5f:73:65:f8:77:e9:89:94:b1:6c:c6:97:ca:e0:a0:
         67:b4:ba:d8:8d:ec:7e:b3:6a:31:ba:e3:28:0a:06:d4:49:1f:
         90:d5:37:6e:f0:87:07:13:c7:de:8f:54:e4:40:3e:04:fc:95:
         a2:93:4d:b5:0f:3a:f7:9d:0c:56:9f:59:3b:ca:5c:e3:73:0f:
         fe:2b:66:0f:bf:25:27:90:b4:ed:d2:6c:73:a4:4a:0a:41:ff:
         01:1a:b9:62:a1:04:f6:84:c9:fa:72:db:7a:42:bb:72:84:6e:
         a9:1e:ed:a0:6e:6d:8a:06:52:f7:99:11:d5:a7:94:56:25:47:
         f4:5a:6a:c6:70:ea:cd:38:9b:10:e3:b4:e8:89:c0:04:cc:8d:
         3e:e7:26:4d:87:1d:68:73:04:79:c8:67:a2:f8:a4:c6:c3:46:
         3b:74:c2:ca:fb:bb:63:21:24:30:34:83:a0:75:9b:12:cf:d6:
         92:b3:59:e1:bc:29:f3:ce:a3:fb:29:7f:d3:2b:33:fc:49:83:
         65:66:b2:81:50:a0:25:7e:95:5c:6d:65:bc:13:0c:a9:bb:95:
         90:b4:0c:2c:9c:7b:48:6e:ae:aa:df:7d:91:ec:a4:b1:da:59:
         51:ef:20:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j34/T2YsXR7vLgY4wD81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjUwNjI4MjIwMTQxWhcNMjUwNjI5MjIwMTQxWjAzMTEwLwYDVQQD
Eyg5MmRiNmE4ZmFlYjVmZjE2M2UyZmJjNWRlZjY0OWVkZmU4ZjA4NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHVPBSjWlKXhTB2OPs5IEPPKGDdp
xOJURnWkh77odkiet10y8LeP84hyDtBSH+TzmsIoMHbx/MCO44Vsu//XBwIzUbD+
i2F4mCbwQ+/a6lA2dInd93vPMEUp/NWwZgYDyW89n2OhVpe/if1flNbNhWU5rRXf
Icw5LrMGQOX7wGz/+eFZ4frd+JQrQrpm4K+z6uAk6be1lslvtPKMeqAmTo2dxXQd
Bx3sB/TjJ2PywibJyXF9rOTAuBhIn2b0yRWPkCM/oWbG6MTHdo+Yig+1cnMohOZI
tSa8UQWaqz5qVUlbDWZHUkMgxrjoEu6YptkaF86CAtIcoRXMIOngtFalOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLbao+utf8WPi+8Xe9knt/o8IXTMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAonEaJ+/c
EIi1OAQFmtdeaHX6PIJaX3Nl+HfpiZSxbMaXyuCgZ7S62I3sfrNqMbrjKAoG1Ekf
kNU3bvCHBxPH3o9U5EA+BPyVopNNtQ86950MVp9ZO8pc43MP/itmD78lJ5C07dJs
c6RKCkH/ARq5YqEE9oTJ+nLbekK7coRuqR7toG5tigZS95kR1aeUViVH9FpqxnDq
zTibEOO06InABMyNPucmTYcdaHMEechnovikxsNGO3TCyvu7YyEkMDSDoHWbEs/W
krNZ4bwp886j+yl/0ysz/EmDZWaygVCgJX6VXG1lvBMMqbuVkLQMLJx7SG6uqt99
keyksdpZUe8gqw==
-----END CERTIFICATE-----