Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
File:                     ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json)
Hash identifier:          +G8UVdfV7jFonUtEWNR3xtBj6RuKHQsvwA+2GfRNtMM=
Subject key identifier:   DE:31:72:AD:67:44:BF:1D:5F:68:73:1B:86:1F:01:A7:CF:F0:A8:8B
Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD
Certificate issuer:       /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
Certificate serial:       0198D47306E63995411E6BDE545ABC3D1B81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
Manifest number:          082F
Signing time:             Sat 23 Aug 2025 01:02:44 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:44 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:44 +0000
Files and hashes:         1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: GWipsMKiQkEpOosC7oNy18IMEGADIOJ1VHZKNIVtqks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:06:e6:39:95:41:1e:6b:de:54:5a:bc:3d:1b:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd
        Validity
            Not Before: Aug 23 01:02:44 2025 GMT
            Not After : Aug 24 01:02:44 2025 GMT
        Subject: CN=de3172ad6744bf1d5f68731b861f01a7cff0a88b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:4d:16:38:f4:34:2f:85:7c:6c:a7:08:20:
                    ac:5d:ea:02:b5:ae:e1:e8:44:a9:02:91:e3:85:c9:
                    e8:ea:b0:0a:c5:62:80:58:36:0d:ef:a4:cd:0e:27:
                    8c:84:61:6a:86:aa:5d:2d:7f:44:c8:fa:b1:d4:ea:
                    06:62:ae:36:24:11:36:15:07:54:1d:92:9e:d9:99:
                    d0:6b:e1:6e:28:16:a1:c4:09:f6:f2:4b:6e:1d:06:
                    72:42:03:99:f8:69:c6:61:ef:49:98:81:a9:be:1f:
                    e8:27:4f:b9:e2:5a:d2:ea:fc:81:fa:87:2c:03:ab:
                    cd:bd:bd:cf:bc:ac:b3:f5:61:6f:e0:dd:a3:eb:f8:
                    05:b1:53:ae:48:c6:f9:0a:b2:c6:f4:e9:66:3b:53:
                    bb:0b:90:50:28:c8:81:39:19:de:67:16:26:24:cd:
                    dc:b6:6b:f3:6e:6e:ee:97:cc:41:86:a7:91:96:68:
                    d5:d7:c4:65:b1:8d:db:b2:88:ec:8c:0a:9c:ba:eb:
                    a3:d8:35:cf:2f:26:33:9c:89:fd:f7:8c:b3:f1:6c:
                    f0:8e:6d:61:ea:ba:97:20:99:0d:81:40:86:1a:4b:
                    16:50:37:bd:08:4c:1d:b3:da:b9:de:80:45:4b:21:
                    92:8a:fb:2d:f1:4c:3e:49:f6:34:a1:39:1c:63:0f:
                    e1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:31:72:AD:67:44:BF:1D:5F:68:73:1B:86:1F:01:A7:CF:F0:A8:8B
            X509v3 Authority Key Identifier:
                keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:b4:17:ea:3b:9b:41:d8:ed:dc:47:a8:74:fb:75:a8:5d:31:
         a7:64:fc:7d:b9:59:29:55:1b:3e:f7:21:c8:7d:b8:46:c8:d4:
         3c:a6:dc:80:c6:8b:b5:ac:a5:22:08:1f:69:b7:6c:04:f7:3b:
         c2:58:7b:8e:05:cb:d0:24:b7:19:7e:ed:c4:2b:42:35:21:15:
         01:08:43:2b:84:7e:d6:bd:0b:ac:86:87:4d:38:b2:d0:31:8b:
         70:8b:6c:f7:ab:86:dd:56:c1:12:47:15:23:6e:48:1c:c9:22:
         69:61:ff:c9:11:06:57:a1:0a:be:b1:6f:e8:6a:d9:3d:71:23:
         63:f1:be:4a:ea:c9:e1:dc:2b:40:b3:27:99:35:1b:05:9d:66:
         4f:09:e5:f5:35:ff:60:99:f1:a8:e3:28:e2:22:62:51:87:56:
         af:a8:82:46:49:58:01:0f:9c:ec:5e:02:a3:7c:fd:aa:21:9c:
         72:04:ab:79:a2:28:a4:63:d3:05:68:6a:a5:85:78:7b:2c:de:
         aa:49:00:48:14:27:74:87:71:19:90:37:7b:33:46:33:ea:a3:
         fe:42:21:aa:d9:a6:11:4e:c8:20:4f:1c:08:0a:db:77:ac:3a:
         77:48:b4:14:50:5f:a4:97:32:73:76:27:f0:3d:78:75:31:16:
         4f:0d:5a:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcwbmOZVBHmveVFq8PRuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky
NWJjYmQwHhcNMjUwODIzMDEwMjQ0WhcNMjUwODI0MDEwMjQ0WjAzMTEwLwYDVQQD
EyhkZTMxNzJhZDY3NDRiZjFkNWY2ODczMWI4NjFmMDFhN2NmZjBhODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbtNFjj0NC+FfGynCCCsXeoCta7h
6ESpApHjhcno6rAKxWKAWDYN76TNDieMhGFqhqpdLX9EyPqx1OoGYq42JBE2FQdU
HZKe2ZnQa+FuKBahxAn28ktuHQZyQgOZ+GnGYe9JmIGpvh/oJ0+54lrS6vyB+ocs
A6vNvb3PvKyz9WFv4N2j6/gFsVOuSMb5CrLG9OlmO1O7C5BQKMiBORneZxYmJM3c
tmvzbm7ul8xBhqeRlmjV18RlsY3bsojsjAqcuuuj2DXPLyYznIn994yz8Wzwjm1h
6rqXIJkNgUCGGksWUDe9CEwds9q53oBFSyGSivst8Uw+SfY0oTkcYw/h2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4xcq1nRL8dX2hzG4YfAafP8KiLMB8GA1UdIwQY
MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt
ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy
LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxrQX6jub
Qdjt3EeodPt1qF0xp2T8fblZKVUbPvchyH24RsjUPKbcgMaLtaylIggfabdsBPc7
wlh7jgXL0CS3GX7txCtCNSEVAQhDK4R+1r0LrIaHTTiy0DGLcIts96uG3VbBEkcV
I25IHMkiaWH/yREGV6EKvrFv6GrZPXEjY/G+SurJ4dwrQLMnmTUbBZ1mTwnl9TX/
YJnxqOMo4iJiUYdWr6iCRklYAQ+c7F4Co3z9qiGccgSreaIopGPTBWhqpYV4eyze
qkkASBQndIdxGZA3ezNGM+qj/kIhqtmmEU7IIE8cCArbd6w6d0i0FFBfpJcyc3Yn
8D14dTEWTw1aHg==
-----END CERTIFICATE-----