Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
File:                     9PpnFz_1YpCIuXCWGuG-dGldxmE.mft (raw, json)
Hash identifier:          p1V0NVfzGvBy8eeQLwILMv7VALQTPH4P/8zTMzNoD4U=
Subject key identifier:   48:D7:00:52:46:48:E7:C6:B1:CD:EA:0E:92:8F:F4:5A:D9:97:03:C3
Authority key identifier: F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61
Certificate issuer:       /CN=f4fa67173ff5629088b970961ae1be74695dc661
Certificate serial:       0198D473F468393CE0DB0748D9638014AA67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 01:03:45 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:45 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:45 +0000
Files and hashes:         1: 9PpnFz_1YpCIuXCWGuG-dGldxmE.crl (hash: djSnwezpcnvUa3LChSUtLn5UiH9zPAXfviiSHpg4NOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:f4:68:39:3c:e0:db:07:48:d9:63:80:14:aa:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa67173ff5629088b970961ae1be74695dc661
        Validity
            Not Before: Aug 23 01:03:45 2025 GMT
            Not After : Aug 24 01:03:45 2025 GMT
        Subject: CN=48d700524648e7c6b1cdea0e928ff45ad99703c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:4a:dd:3d:e8:0a:67:07:69:aa:07:af:88:6e:
                    c0:4e:f7:5b:5d:08:d1:b8:49:64:f7:f3:ec:f5:be:
                    53:80:53:82:88:4c:d9:0f:c2:5a:8e:ed:e2:36:c3:
                    99:62:33:ce:84:fd:64:98:ff:70:5c:92:d6:2b:23:
                    f3:08:bc:22:26:c8:de:75:89:ad:4b:84:20:15:d7:
                    81:87:cc:2e:f9:da:20:59:7f:d7:60:e5:d9:6d:19:
                    9c:7c:1b:d5:6e:90:86:a0:b2:1b:5c:da:c0:75:20:
                    c6:7d:13:de:16:c5:d8:7a:b7:ea:82:b4:f0:29:f6:
                    62:c7:72:5e:09:51:31:95:f2:b5:30:17:20:c7:1a:
                    16:c4:ab:ea:23:cd:4e:f9:4d:cc:6e:e4:96:6a:57:
                    21:a1:2e:c5:b6:22:12:07:94:a3:eb:da:da:81:f3:
                    ae:df:ac:d1:78:06:1b:e6:82:f0:31:a0:36:98:0c:
                    07:84:87:40:0b:1e:1a:9a:1a:e1:66:06:c6:71:74:
                    0a:a1:a6:83:6d:e3:4c:e9:b7:08:40:bf:88:07:20:
                    2b:c3:bb:ca:83:69:16:5d:bd:33:92:0e:a3:be:dc:
                    66:70:16:87:da:b8:4f:27:b2:f5:a6:52:a2:3c:6d:
                    63:8b:cc:80:19:63:c4:d0:91:24:db:e4:8f:f5:51:
                    97:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D7:00:52:46:48:E7:C6:B1:CD:EA:0E:92:8F:F4:5A:D9:97:03:C3
            X509v3 Authority Key Identifier:
                keyid:F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:d3:93:b5:0e:33:db:f7:7d:ab:85:f5:99:b3:d6:65:d0:56:
         ea:df:ac:37:29:9e:9e:5c:4c:4f:9c:82:c5:9d:c0:27:d6:af:
         1e:2b:5a:dd:9e:fb:71:da:6d:21:ea:49:47:02:b1:50:d4:53:
         17:5a:48:24:60:5d:d3:a2:2c:2b:9e:15:ee:63:0f:89:2c:54:
         c7:50:ef:16:19:8f:88:00:37:4b:f0:27:41:e1:67:a9:4d:cf:
         f2:c5:23:a4:e3:11:7f:13:76:76:ce:34:4f:5b:86:3b:f0:7b:
         b5:bf:11:a3:0b:76:a2:d4:46:10:ac:13:11:b6:87:12:52:23:
         12:d1:b6:06:90:71:9c:14:07:fc:8d:9d:11:14:e1:ed:e0:3e:
         89:5c:65:a1:2e:95:9a:b5:6a:b6:5c:70:97:b5:5d:ab:9c:55:
         c3:76:b9:22:b1:af:b5:45:d8:31:81:5c:b2:f5:74:b4:c0:73:
         35:a5:39:70:5c:73:6d:44:fb:df:5c:56:b3:9e:a6:9a:39:60:
         54:52:60:c0:1c:c4:ef:2b:71:3a:25:d3:93:6a:db:15:1c:eb:
         23:6d:35:71:04:89:31:37:48:bd:54:11:e3:08:df:f7:ac:f3:
         7e:60:a7:0c:28:98:f7:ff:95:c2:bb:14:a1:57:04:e1:41:67:
         39:b6:1a:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc/RoOTzg2wdI2WOAFKpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE2NzE3M2ZmNTYyOTA4OGI5NzA5NjFhZTFiZTc0Njk1
ZGM2NjEwHhcNMjUwODIzMDEwMzQ1WhcNMjUwODI0MDEwMzQ1WjAzMTEwLwYDVQQD
Eyg0OGQ3MDA1MjQ2NDhlN2M2YjFjZGVhMGU5MjhmZjQ1YWQ5OTcwM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UrdPegKZwdpqgeviG7ATvdbXQjR
uElk9/Ps9b5TgFOCiEzZD8Jaju3iNsOZYjPOhP1kmP9wXJLWKyPzCLwiJsjedYmt
S4QgFdeBh8wu+dogWX/XYOXZbRmcfBvVbpCGoLIbXNrAdSDGfRPeFsXYerfqgrTw
KfZix3JeCVExlfK1MBcgxxoWxKvqI81O+U3MbuSWalchoS7FtiISB5Sj69ragfOu
36zReAYb5oLwMaA2mAwHhIdACx4amhrhZgbGcXQKoaaDbeNM6bcIQL+IByArw7vK
g2kWXb0zkg6jvtxmcBaH2rhPJ7L1plKiPG1ji8yAGWPE0JEk2+SP9VGXRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjXAFJGSOfGsc3qDpKP9FrZlwPDMB8GA1UdIwQY
MBaAFPT6Zxc/9WKQiLlwlhrhvnRpXcZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUt
ZDg1ZWJjNWVhOThkLzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUtZDg1ZWJjNWVhOThk
LzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAadOTtQ4z
2/d9q4X1mbPWZdBW6t+sNymenlxMT5yCxZ3AJ9avHita3Z77cdptIepJRwKxUNRT
F1pIJGBd06IsK54V7mMPiSxUx1DvFhmPiAA3S/AnQeFnqU3P8sUjpOMRfxN2ds40
T1uGO/B7tb8Rowt2otRGEKwTEbaHElIjEtG2BpBxnBQH/I2dERTh7eA+iVxloS6V
mrVqtlxwl7Vdq5xVw3a5IrGvtUXYMYFcsvV0tMBzNaU5cFxzbUT731xWs56mmjlg
VFJgwBzE7ytxOiXTk2rbFRzrI201cQSJMTdIvVQR4wjf96zzfmCnDCiY9/+VwrsU
oVcE4UFnObYa+w==
-----END CERTIFICATE-----