Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.mft
File:                     iKslD4208gR6QBWFwmTzjA4ih_4.mft (raw, json)
Hash identifier:          rl3jUaF4gQ6hd1YuEKus0UmVAY3EX9MLbh6nxcsgHRA=
Subject key identifier:   A4:17:DD:40:55:45:05:2D:B7:27:FE:54:B1:C0:CC:AF:79:93:69:4B
Authority key identifier: 88:AB:25:0F:8D:B4:F2:04:7A:40:15:85:C2:64:F3:8C:0E:22:87:FE
Certificate issuer:       /CN=88ab250f8db4f2047a401585c264f38c0e2287fe
Certificate serial:       0198D54E44284BE6BBA3565829EB05B864B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iKslD4208gR6QBWFwmTzjA4ih_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.mft
Manifest number:          1476
Signing time:             Sat 23 Aug 2025 05:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:12 +0000
Files and hashes:         1: iKslD4208gR6QBWFwmTzjA4ih_4.crl (hash: DP1CxlQT85XSrX0vJy7049rnH91Ou44jwdttXJTOBe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iKslD4208gR6QBWFwmTzjA4ih_4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:44:28:4b:e6:bb:a3:56:58:29:eb:05:b8:64:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88ab250f8db4f2047a401585c264f38c0e2287fe
        Validity
            Not Before: Aug 23 05:02:12 2025 GMT
            Not After : Aug 24 05:02:12 2025 GMT
        Subject: CN=a417dd405545052db727fe54b1c0ccaf7993694b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:1c:16:82:b0:70:20:57:58:87:87:8f:21:15:
                    e0:b5:89:a6:8f:7b:cb:2c:43:a2:75:29:d2:e5:d8:
                    45:1d:bd:72:d1:df:e8:d6:50:9a:62:ab:6a:ea:f1:
                    e2:2c:58:0a:e7:bf:fe:38:4b:1e:1d:9e:a6:f0:f8:
                    65:d9:b0:73:2f:7e:a4:72:de:ea:2f:2b:20:4c:af:
                    48:b1:d8:d0:23:c1:33:19:5c:d8:b9:65:2b:ae:c4:
                    d5:0b:ea:af:5a:1e:bb:24:da:a8:66:d1:d3:94:27:
                    47:ce:62:0e:50:80:11:b8:8c:a1:2a:fc:1e:06:d8:
                    55:c7:21:93:60:3b:87:3d:92:e5:a5:dd:2b:1d:78:
                    34:2a:d5:b7:62:3d:15:70:08:20:aa:3e:5f:23:d8:
                    ce:b3:3f:11:cc:3a:c7:ce:09:59:33:92:87:bf:69:
                    4d:bb:cf:ae:8a:21:b6:47:7c:da:4a:38:ab:20:dd:
                    01:1f:47:e4:e1:e7:fb:5d:68:89:81:fe:26:e8:27:
                    ce:52:32:2b:05:af:5e:a2:06:ff:7d:17:10:eb:20:
                    0e:21:bc:8c:fb:30:6c:22:fe:02:fb:7b:97:b5:e9:
                    7a:80:80:f2:33:c4:32:8d:2e:d9:be:bf:1e:0c:57:
                    5a:97:dd:4f:8d:d2:a9:62:df:e9:f3:4e:f1:f7:a6:
                    29:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:17:DD:40:55:45:05:2D:B7:27:FE:54:B1:C0:CC:AF:79:93:69:4B
            X509v3 Authority Key Identifier:
                keyid:88:AB:25:0F:8D:B4:F2:04:7A:40:15:85:C2:64:F3:8C:0E:22:87:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKslD4208gR6QBWFwmTzjA4ih_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/39adc9-db28-4b1e-bf6e-a08bf2c43460/1/iKslD4208gR6QBWFwmTzjA4ih_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:a1:2a:ba:2f:62:6d:d3:9f:ec:2d:79:1e:f7:b7:03:12:82:
         c6:9b:70:e7:90:d2:94:34:69:4a:31:05:bc:bc:fe:95:d8:67:
         aa:90:f6:81:22:b9:38:d3:24:19:2a:97:4f:f7:e9:8d:cc:32:
         27:32:4e:e0:93:a0:d3:02:69:55:77:51:65:f2:dd:d1:25:f2:
         11:69:ef:95:84:8b:b9:6a:74:09:42:02:d4:da:b7:6d:12:2d:
         55:21:ce:3b:9d:80:3e:18:d0:83:93:19:ee:9f:44:15:70:c6:
         6b:40:9d:92:8f:6a:5a:61:f3:07:b5:72:08:aa:91:bd:88:21:
         8c:90:06:66:ff:e5:a7:e0:2f:97:69:cc:4b:ea:77:c2:86:aa:
         0e:2c:c6:27:55:62:b5:8e:99:ed:2f:b6:ba:dd:d1:27:c6:4e:
         7c:fc:25:d4:82:3c:41:f1:a5:27:d2:c6:55:8e:0b:e7:a2:4c:
         95:4b:42:fd:eb:98:2a:17:85:fb:2f:ba:a7:ec:23:2f:10:a2:
         34:9f:8c:1a:7e:6d:20:c5:12:78:c1:ff:80:8d:ce:4c:9a:54:
         a2:94:2d:54:0c:09:f4:da:3d:e0:a6:6c:74:00:f6:54:5f:e0:
         ce:15:e0:83:1e:45:ad:80:79:e6:52:20:c0:61:f6:ad:a4:40:
         0b:66:b1:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTkQoS+a7o1ZYKesFuGS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWIyNTBmOGRiNGYyMDQ3YTQwMTU4NWMyNjRmMzhjMGUy
Mjg3ZmUwHhcNMjUwODIzMDUwMjEyWhcNMjUwODI0MDUwMjEyWjAzMTEwLwYDVQQD
EyhhNDE3ZGQ0MDU1NDUwNTJkYjcyN2ZlNTRiMWMwY2NhZjc5OTM2OTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BwWgrBwIFdYh4ePIRXgtYmmj3vL
LEOidSnS5dhFHb1y0d/o1lCaYqtq6vHiLFgK57/+OEseHZ6m8Phl2bBzL36kct7q
LysgTK9IsdjQI8EzGVzYuWUrrsTVC+qvWh67JNqoZtHTlCdHzmIOUIARuIyhKvwe
BthVxyGTYDuHPZLlpd0rHXg0KtW3Yj0VcAggqj5fI9jOsz8RzDrHzglZM5KHv2lN
u8+uiiG2R3zaSjirIN0BH0fk4ef7XWiJgf4m6CfOUjIrBa9eogb/fRcQ6yAOIbyM
+zBsIv4C+3uXtel6gIDyM8QyjS7Zvr8eDFdal91PjdKpYt/p807x96YpfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQX3UBVRQUttyf+VLHAzK95k2lLMB8GA1UdIwQY
MBaAFIirJQ+NtPIEekAVhcJk84wOIof+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtzbEQ0MjA4Z1I2UUJXRndtVHpqQTRpaF80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zOWFkYzktZGIyOC00YjFlLWJmNmUt
YTA4YmYyYzQzNDYwLzEvaUtzbEQ0MjA4Z1I2UUJXRndtVHpqQTRpaF80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zOWFkYzktZGIyOC00YjFlLWJmNmUtYTA4YmYyYzQzNDYw
LzEvaUtzbEQ0MjA4Z1I2UUJXRndtVHpqQTRpaF80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKaEqui9i
bdOf7C15Hve3AxKCxptw55DSlDRpSjEFvLz+ldhnqpD2gSK5ONMkGSqXT/fpjcwy
JzJO4JOg0wJpVXdRZfLd0SXyEWnvlYSLuWp0CUIC1Nq3bRItVSHOO52APhjQg5MZ
7p9EFXDGa0Cdko9qWmHzB7VyCKqRvYghjJAGZv/lp+Avl2nMS+p3woaqDizGJ1Vi
tY6Z7S+2ut3RJ8ZOfPwl1II8QfGlJ9LGVY4L56JMlUtC/euYKheF+y+6p+wjLxCi
NJ+MGn5tIMUSeMH/gI3OTJpUopQtVAwJ9No94KZsdAD2VF/gzhXggx5FrYB55lIg
wGH2raRAC2axDQ==
-----END CERTIFICATE-----