Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          3WtrwzyjMKtfNtCBHsOmevYnFCfhzFTa50BUjNwMyIY=
Subject key identifier:   45:51:DB:09:20:05:57:AE:26:27:0E:D1:FC:6B:53:53:57:E4:23:CB
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       0198D5BBFD9EA657BB82A96650C4587F7830
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          117B
Signing time:             Sat 23 Aug 2025 07:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:03 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: 8ok5VjfeXBjjrTQ8jdlcIhNp0Xm7HUmGhdnyP17aDng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:fd:9e:a6:57:bb:82:a9:66:50:c4:58:7f:78:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Aug 23 07:02:03 2025 GMT
            Not After : Aug 24 07:02:03 2025 GMT
        Subject: CN=4551db09200557ae26270ed1fc6b535357e423cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d7:58:01:19:66:1a:30:bf:af:00:dd:53:8e:
                    b9:5a:6f:0f:8a:9e:ca:c4:c0:39:fb:49:eb:4b:5d:
                    e7:fb:f0:e8:cc:27:09:48:c8:bf:50:7d:e0:f7:b1:
                    5f:46:28:05:51:18:6f:e6:d0:cc:47:c4:b0:4f:64:
                    f5:52:7c:59:78:90:9b:1d:01:a9:40:20:c0:59:f1:
                    4d:62:05:f5:f3:79:c8:5b:ce:ad:d3:0b:06:e9:dc:
                    5c:ee:7d:77:b9:ff:5d:bc:8a:09:7c:3a:f6:68:2d:
                    68:63:cf:1b:8f:3b:80:ae:f5:ea:4f:da:95:82:10:
                    58:04:09:27:6f:97:ac:a3:dc:62:4d:81:27:2f:c8:
                    ad:a6:a6:a4:b0:54:9d:0a:a2:87:72:04:45:6d:46:
                    f8:93:17:c6:d0:6f:2c:b5:19:ce:88:9a:58:c0:53:
                    7c:85:06:12:84:25:f1:ab:db:5e:f8:2f:c2:da:35:
                    11:2c:bc:39:4a:0c:e9:8c:28:4b:3d:f7:a2:ce:87:
                    fd:cc:70:0d:55:14:fe:6a:94:73:ee:5d:96:8f:05:
                    5e:1b:da:bb:91:27:a8:00:c3:02:66:3a:b7:c0:50:
                    9e:b4:a7:c0:dc:3a:24:a2:6a:e9:1f:ec:d3:ff:53:
                    06:86:ad:d0:39:61:9c:64:3f:d8:5d:45:c6:45:48:
                    90:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:51:DB:09:20:05:57:AE:26:27:0E:D1:FC:6B:53:53:57:E4:23:CB
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:24:91:8d:ad:9f:c3:ca:90:6c:ff:66:29:87:9a:e5:e2:bd:
         8e:88:3c:75:60:97:fe:38:3f:b8:c4:9a:3d:92:31:f2:0e:9f:
         fe:ec:61:2b:68:04:81:fb:b1:ba:ee:a3:c2:70:da:63:35:97:
         9a:7f:c9:72:e2:8f:fb:ed:ba:35:80:19:c6:30:63:ee:1d:d5:
         a5:b9:e6:cd:76:6d:c7:3a:5b:30:b3:3d:e7:45:16:6e:f4:a2:
         2b:89:61:0f:4e:ed:3f:40:03:3b:5c:c4:d6:e7:e3:bd:fb:e8:
         16:5f:02:f2:1c:70:28:2f:a7:f1:e6:5a:a6:5a:0f:42:0f:de:
         0d:c0:36:3e:b0:74:cf:06:7f:4b:a9:e2:51:61:20:99:67:37:
         f1:2b:57:ba:8c:65:0a:e4:94:0a:8f:96:6b:e9:8c:f2:48:17:
         55:80:8d:e8:21:fa:f6:20:3e:f9:63:a7:33:86:26:3c:f1:7c:
         40:9c:6b:56:dc:87:2d:e0:70:12:6e:df:f3:0b:9d:2f:b0:80:
         0a:ca:87:ec:f7:f9:e8:c8:86:3d:c0:62:7b:d4:db:c3:f1:08:
         99:23:ff:e3:f9:b5:4e:d3:e8:4c:20:14:1e:35:1b:92:c3:38:
         48:e2:0d:01:4b:3f:75:33:02:96:68:a0:d3:d1:52:2f:00:3e:
         5d:7e:14:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/2eple7gqlmUMRYf3gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUwODIzMDcwMjAzWhcNMjUwODI0MDcwMjAzWjAzMTEwLwYDVQQD
Eyg0NTUxZGIwOTIwMDU1N2FlMjYyNzBlZDFmYzZiNTM1MzU3ZTQyM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtddYARlmGjC/rwDdU465Wm8Pip7K
xMA5+0nrS13n+/DozCcJSMi/UH3g97FfRigFURhv5tDMR8SwT2T1UnxZeJCbHQGp
QCDAWfFNYgX183nIW86t0wsG6dxc7n13uf9dvIoJfDr2aC1oY88bjzuArvXqT9qV
ghBYBAknb5eso9xiTYEnL8itpqaksFSdCqKHcgRFbUb4kxfG0G8stRnOiJpYwFN8
hQYShCXxq9te+C/C2jURLLw5SgzpjChLPfeizof9zHANVRT+apRz7l2WjwVeG9q7
kSeoAMMCZjq3wFCetKfA3DokomrpH+zT/1MGhq3QOWGcZD/YXUXGRUiQrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVR2wkgBVeuJicO0fxrU1NX5CPLMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCSRja2f
w8qQbP9mKYea5eK9jog8dWCX/jg/uMSaPZIx8g6f/uxhK2gEgfuxuu6jwnDaYzWX
mn/JcuKP++26NYAZxjBj7h3VpbnmzXZtxzpbMLM950UWbvSiK4lhD07tP0ADO1zE
1ufjvfvoFl8C8hxwKC+n8eZaploPQg/eDcA2PrB0zwZ/S6niUWEgmWc38StXuoxl
CuSUCo+Wa+mM8kgXVYCN6CH69iA++WOnM4YmPPF8QJxrVtyHLeBwEm7f8wudL7CA
CsqH7Pf56MiGPcBie9Tbw/EImSP/4/m1TtPoTCAUHjUbksM4SOINAUs/dTMClmig
09FSLwA+XX4UdA==
-----END CERTIFICATE-----