Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
File:                     D4jGhrHhIvzcFlwCN6D149mQvwE.mft (raw, json)
Hash identifier:          r5t5k8i0AhKdI9ZlmViTp7u2/c5c0AoAeuSnXp39br8=
Subject key identifier:   44:4B:C7:2F:68:6C:6F:6B:8A:38:29:D3:99:F6:02:18:88:24:D7:10
Authority key identifier: 0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01
Certificate issuer:       /CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
Certificate serial:       0198D4739EC61078888A4E5EA174CE94EE7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
Manifest number:          0BF6
Signing time:             Sat 23 Aug 2025 01:03:23 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:23 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:23 +0000
Files and hashes:         1: D4jGhrHhIvzcFlwCN6D149mQvwE.crl (hash: Ye6Xmh9XuS+UAc1dvMa3uY1Z8/vnMbSrKjsZ/IQP6Q0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:9e:c6:10:78:88:8a:4e:5e:a1:74:ce:94:ee:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
        Validity
            Not Before: Aug 23 01:03:23 2025 GMT
            Not After : Aug 24 01:03:23 2025 GMT
        Subject: CN=444bc72f686c6f6b8a3829d399f602188824d710
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:17:a9:39:f5:da:9c:02:2b:2a:ec:63:b1:07:
                    9c:c9:04:07:1f:68:95:24:fa:e7:f6:a7:5f:0c:73:
                    77:fa:71:2c:fd:9e:ce:55:4d:d9:a4:4c:11:1e:fe:
                    14:ae:fa:4c:c5:a7:e3:d6:51:37:27:69:23:45:ca:
                    bf:a0:e6:96:b7:b3:11:35:9d:b5:7e:8a:9c:ba:2a:
                    dd:ed:51:a6:41:8e:41:42:9d:3c:4f:d0:53:27:93:
                    7d:bb:a9:44:91:72:3d:21:b7:62:67:94:b9:f1:82:
                    6a:97:f0:d2:e1:a4:5f:57:84:92:19:e2:a1:7f:39:
                    22:c7:94:c7:e3:6c:71:0e:8b:a2:c1:ea:13:e0:0d:
                    3d:3b:e5:88:ce:da:de:7e:bc:78:85:c3:95:b0:99:
                    f6:f4:96:da:a0:b7:63:79:8a:91:c5:ce:a6:72:33:
                    5b:d0:7e:1d:86:b2:79:21:c5:9e:ae:7c:0f:58:0c:
                    4b:99:b7:04:a3:a2:57:6a:ed:b1:59:a3:2c:b0:3a:
                    69:62:46:de:0f:bf:5d:e5:e6:70:c1:56:14:17:db:
                    f3:e0:b6:17:41:21:0f:5c:b0:1f:f3:12:9a:11:4b:
                    ed:73:4d:d5:6d:62:75:9e:24:fd:a5:b8:6e:6e:d5:
                    da:0a:59:da:2b:90:e3:11:b3:40:51:3a:02:67:20:
                    fc:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:4B:C7:2F:68:6C:6F:6B:8A:38:29:D3:99:F6:02:18:88:24:D7:10
            X509v3 Authority Key Identifier:
                keyid:0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:4c:30:f5:9c:2c:f6:58:b9:f8:74:2e:c9:18:35:77:ac:df:
         04:f3:ae:3f:ea:ce:ec:c7:09:45:2a:4b:6f:1a:68:1f:69:09:
         51:d3:8c:5e:0e:70:f5:90:5d:3e:9e:45:63:d7:cc:69:26:1a:
         b5:a5:48:d8:a6:46:c2:ee:42:cc:d2:45:1e:44:24:35:be:89:
         eb:8b:3b:78:4c:86:bb:69:6b:7e:6e:f1:0c:08:d3:2c:79:b4:
         24:54:b1:7f:b4:26:fa:1d:72:62:b7:aa:76:d1:1b:3d:ec:95:
         2b:45:8f:d9:3d:28:0f:b6:0e:df:bf:f7:2d:9c:f5:34:10:6a:
         fe:56:ee:df:49:33:fa:44:b3:49:1c:6a:ed:99:26:9a:40:e1:
         86:68:fa:3e:da:36:97:9e:e1:9c:b2:ae:d5:35:48:b3:c1:d8:
         c1:20:27:05:76:19:1a:33:71:0b:51:91:39:94:d9:6b:6e:2e:
         bc:08:2f:de:22:bc:2c:69:45:60:86:18:04:27:ed:d9:89:07:
         74:07:31:fe:92:9f:9f:e9:09:a2:ac:3b:68:72:82:8c:b4:6c:
         a4:e9:49:cb:f0:fc:df:1c:06:1b:3d:c6:7f:34:a1:5f:aa:c4:
         c0:4f:4d:9e:70:36:76:29:28:0b:87:ac:ca:8e:fa:de:e7:2b:
         28:de:12:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc57GEHiIik5eoXTOlO59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODhjNjg2YjFlMTIyZmNkYzE2NWMwMjM3YTBmNWUzZDk5
MGJmMDEwHhcNMjUwODIzMDEwMzIzWhcNMjUwODI0MDEwMzIzWjAzMTEwLwYDVQQD
Eyg0NDRiYzcyZjY4NmM2ZjZiOGEzODI5ZDM5OWY2MDIxODg4MjRkNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRepOfXanAIrKuxjsQecyQQHH2iV
JPrn9qdfDHN3+nEs/Z7OVU3ZpEwRHv4UrvpMxafj1lE3J2kjRcq/oOaWt7MRNZ21
foqcuird7VGmQY5BQp08T9BTJ5N9u6lEkXI9IbdiZ5S58YJql/DS4aRfV4SSGeKh
fzkix5TH42xxDouiweoT4A09O+WIztrefrx4hcOVsJn29JbaoLdjeYqRxc6mcjNb
0H4dhrJ5IcWernwPWAxLmbcEo6JXau2xWaMssDppYkbeD79d5eZwwVYUF9vz4LYX
QSEPXLAf8xKaEUvtc03VbWJ1niT9pbhubtXaClnaK5DjEbNAUToCZyD8KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERLxy9obG9rijgp05n2AhiIJNcQMB8GA1UdIwQY
MBaAFA+Ixoax4SL83BZcAjeg9ePZkL8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2It
YjQyMjVkZTI3MjNhLzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2ItYjQyMjVkZTI3MjNh
LzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmUww9Zws
9li5+HQuyRg1d6zfBPOuP+rO7McJRSpLbxpoH2kJUdOMXg5w9ZBdPp5FY9fMaSYa
taVI2KZGwu5CzNJFHkQkNb6J64s7eEyGu2lrfm7xDAjTLHm0JFSxf7Qm+h1yYreq
dtEbPeyVK0WP2T0oD7YO37/3LZz1NBBq/lbu30kz+kSzSRxq7ZkmmkDhhmj6Pto2
l57hnLKu1TVIs8HYwSAnBXYZGjNxC1GROZTZa24uvAgv3iK8LGlFYIYYBCft2YkH
dAcx/pKfn+kJoqw7aHKCjLRspOlJy/D83xwGGz3GfzShX6rEwE9NnnA2dikoC4es
yo763ucrKN4S0A==
-----END CERTIFICATE-----