Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          YlV5NJQ9p1adXzKv0+LSqR67mD+9hVglLQFCps+LyqM=
Subject key identifier:   5A:D9:49:5D:20:59:AF:1B:81:59:68:66:A3:A3:DA:18:6B:12:37:FE
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       0198D6608E280849368EB3449C65D7BFCEBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          01B4
Signing time:             Sat 23 Aug 2025 10:01:48 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:48 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:48 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: of5Flr092DdUINbO5NXUdYzGcMKapG7tF+peyRu8tZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:8e:28:08:49:36:8e:b3:44:9c:65:d7:bf:ce:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Aug 23 10:01:48 2025 GMT
            Not After : Aug 24 10:01:48 2025 GMT
        Subject: CN=5ad9495d2059af1b81596866a3a3da186b1237fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2c:10:73:2e:01:b7:ee:0f:ba:62:65:1c:c6:
                    94:4d:e8:e2:a6:87:9b:ba:93:7a:f0:cf:59:9e:a1:
                    3f:af:be:bb:ac:32:76:1e:23:f2:f2:ea:13:22:ae:
                    82:cd:98:ed:25:9f:ab:13:a5:8e:bc:3a:9e:bb:cd:
                    0e:12:a3:f5:fd:29:3b:04:f3:c8:0c:7b:e3:83:2b:
                    e0:f1:80:1e:3d:7b:31:b6:ce:15:31:11:45:ca:d4:
                    e0:b4:f2:27:22:8b:6a:97:64:ba:ad:e7:46:56:b2:
                    32:d7:db:58:90:f2:24:d0:2d:09:08:27:4e:73:30:
                    eb:86:93:1b:64:a0:08:9d:e0:5d:79:3d:41:bf:15:
                    9a:a0:3f:c4:20:31:09:fc:31:67:6c:53:fb:ba:07:
                    62:60:d5:93:e7:77:72:88:61:a2:1e:b0:f1:06:6b:
                    fc:e1:a4:a2:ac:70:c6:b2:96:cc:74:37:c2:9a:ea:
                    87:2d:b6:6a:42:29:ca:a4:eb:a0:53:3b:81:5d:74:
                    f9:bf:68:73:6c:e1:52:fe:6d:88:cf:e5:6a:33:05:
                    a8:ea:2b:53:08:d7:bd:fb:4c:ba:b1:24:64:92:e5:
                    a7:5d:89:48:7e:0b:de:f5:b7:e7:7e:58:b9:4d:66:
                    46:b2:c7:26:c4:63:32:0c:de:9b:60:22:71:af:2f:
                    20:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:D9:49:5D:20:59:AF:1B:81:59:68:66:A3:A3:DA:18:6B:12:37:FE
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:a6:f1:6b:20:f3:1d:e3:f4:81:e4:ca:2a:8b:66:28:33:8d:
         67:e4:f9:f1:8e:a3:fc:d9:4e:70:0b:2c:0b:f5:41:67:ed:70:
         67:38:7b:6a:6b:8e:68:94:1d:0d:ab:40:64:2e:d9:b9:e9:ac:
         9d:11:f8:32:f3:c6:8d:08:e1:d9:04:39:68:8e:cc:cb:25:ec:
         e6:ef:3f:74:68:60:90:5f:50:8e:8f:b2:4f:14:75:ea:d7:e5:
         b8:8a:b0:73:18:d5:cb:86:d0:4c:b4:73:45:78:ed:e4:46:c4:
         7d:35:b3:0f:42:d5:9e:4f:4e:ec:f1:5e:e0:14:55:32:23:da:
         4a:b2:86:e5:f7:f3:1e:95:30:d3:72:5b:fc:f1:e4:6b:02:c2:
         7f:77:e2:f2:c5:72:12:a8:0d:31:2b:5f:16:c9:08:50:cc:14:
         de:ff:50:88:3a:e6:80:61:80:4f:d0:f3:f8:17:3a:6f:66:f1:
         ff:a8:af:ef:48:da:cb:7a:fb:ac:d8:fa:c1:c3:77:7b:ee:40:
         d9:eb:09:b0:ca:6e:2f:bf:b2:41:17:27:5e:8f:0d:ea:2a:fd:
         ee:2b:b3:26:c5:33:bd:37:93:4c:58:f0:7f:32:b0:03:d6:1e:
         19:3b:32:d5:8c:42:7f:37:79:8e:af:91:bf:ee:67:35:30:7e:
         d6:d9:db:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYI4oCEk2jrNEnGXXv868MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjUwODIzMTAwMTQ4WhcNMjUwODI0MTAwMTQ4WjAzMTEwLwYDVQQD
Eyg1YWQ5NDk1ZDIwNTlhZjFiODE1OTY4NjZhM2EzZGExODZiMTIzN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSwQcy4Bt+4PumJlHMaUTejipoeb
upN68M9ZnqE/r767rDJ2HiPy8uoTIq6CzZjtJZ+rE6WOvDqeu80OEqP1/Sk7BPPI
DHvjgyvg8YAePXsxts4VMRFFytTgtPInIotql2S6redGVrIy19tYkPIk0C0JCCdO
czDrhpMbZKAIneBdeT1BvxWaoD/EIDEJ/DFnbFP7ugdiYNWT53dyiGGiHrDxBmv8
4aSirHDGspbMdDfCmuqHLbZqQinKpOugUzuBXXT5v2hzbOFS/m2Iz+VqMwWo6itT
CNe9+0y6sSRkkuWnXYlIfgve9bfnfli5TWZGsscmxGMyDN6bYCJxry8g2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrZSV0gWa8bgVloZqOj2hhrEjf+MB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKbxayDz
HeP0geTKKotmKDONZ+T58Y6j/NlOcAssC/VBZ+1wZzh7amuOaJQdDatAZC7Zuems
nRH4MvPGjQjh2QQ5aI7MyyXs5u8/dGhgkF9Qjo+yTxR16tfluIqwcxjVy4bQTLRz
RXjt5EbEfTWzD0LVnk9O7PFe4BRVMiPaSrKG5ffzHpUw03Jb/PHkawLCf3fi8sVy
EqgNMStfFskIUMwU3v9QiDrmgGGAT9Dz+Bc6b2bx/6iv70jay3r7rNj6wcN3e+5A
2esJsMpuL7+yQRcnXo8N6ir97iuzJsUzvTeTTFjwfzKwA9YeGTsy1YxCfzd5jq+R
v+5nNTB+1tnbfQ==
-----END CERTIFICATE-----