Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          vFvFtR98GT3Xt9HhwLzz+UmYw1iWW3srGeDAfItwyTk=
Subject key identifier:   B2:21:16:CC:F1:B6:78:81:74:88:33:86:82:DF:19:E4:B9:97:6E:5F
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       0198D4724D7253318A7378D1D6C90910E2A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:01:57 +0000
Manifest this update:     Sat 23 Aug 2025 01:01:57 +0000
Manifest next update:     Sun 24 Aug 2025 01:01:57 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: kKgKtZ+5+45Ntz3swpdUzM6MHzJEKMyiEy297xNrNy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:4d:72:53:31:8a:73:78:d1:d6:c9:09:10:e2:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Aug 23 01:01:57 2025 GMT
            Not After : Aug 24 01:01:57 2025 GMT
        Subject: CN=b22116ccf1b678817488338682df19e4b9976e5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:fd:f1:85:54:0e:ea:00:f9:66:97:89:86:48:
                    97:4b:00:b4:63:1b:d5:cf:49:58:5e:38:14:28:ff:
                    fb:cc:c1:4f:13:1c:3e:db:53:75:5d:55:13:48:93:
                    42:6f:c2:3e:bc:a8:85:b2:12:6d:9e:7c:53:37:e2:
                    59:c5:c8:34:c4:21:86:11:e4:3d:72:95:0f:06:cc:
                    7f:47:c2:16:f3:07:d4:ff:58:e1:0a:21:06:23:86:
                    1d:90:d1:56:c0:c9:b1:9b:87:4e:90:3e:cd:95:56:
                    83:f9:ab:6b:8a:95:4c:12:23:57:c0:26:ff:4e:c7:
                    c6:af:d9:c2:df:d2:7f:c1:0c:30:72:e2:93:e3:68:
                    11:26:ff:82:f3:ba:7a:8e:74:98:33:67:c4:10:69:
                    21:20:8a:85:2d:f8:28:06:df:3f:86:36:21:e7:2b:
                    8a:a6:00:62:6a:50:83:76:78:b5:35:72:7e:41:d4:
                    78:84:a7:61:c1:2d:a5:8e:16:d9:28:2c:95:61:e9:
                    e5:f5:c5:d4:d8:35:ba:67:ad:76:cb:06:18:07:1c:
                    4f:6d:31:d6:1f:c0:84:11:57:ff:be:a3:25:c1:b2:
                    bc:ff:2a:87:63:73:17:2d:98:b1:6f:f8:2f:2a:b7:
                    c9:0b:73:95:ce:c5:b9:11:3d:b6:76:44:39:37:54:
                    17:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:21:16:CC:F1:B6:78:81:74:88:33:86:82:DF:19:E4:B9:97:6E:5F
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:e8:5a:f0:41:ab:61:99:ff:36:54:50:02:84:fb:f0:eb:f4:
         8c:4f:03:12:5c:8f:b4:c7:92:a7:13:01:17:6c:ca:92:2c:25:
         31:fa:9e:87:57:17:ed:e3:6a:b0:43:9d:5e:09:86:2f:84:cb:
         79:dd:9b:f4:7f:b8:04:e1:08:c1:34:b5:41:0e:00:39:f5:77:
         24:11:6f:2b:62:c9:23:02:c4:77:7c:19:e9:e3:c3:b8:9b:26:
         e8:4e:80:41:3c:cf:f4:31:fe:db:5e:ba:c2:34:c2:d7:d5:53:
         f9:d0:66:f7:40:01:84:a9:a1:14:ef:fb:56:35:f5:57:4d:09:
         19:16:fd:6d:94:79:f4:a3:8f:fa:f4:23:3b:5d:82:4d:da:c8:
         13:0d:2e:e1:f7:ed:ce:cd:ce:b7:6c:6a:4c:9e:74:0a:b8:13:
         71:01:83:c5:11:2c:9c:cd:0d:9d:69:2a:6c:38:bc:52:2f:4f:
         bd:a8:27:9e:ba:08:bb:91:a1:42:4b:54:ea:3a:2a:03:9d:11:
         b1:9d:44:e4:28:22:24:97:f9:40:15:81:8a:1e:b9:ef:68:a7:
         18:32:ab:c8:00:cc:ed:ef:36:06:55:35:32:ab:f9:0c:01:ed:
         8c:3f:f9:00:3b:47:49:5c:23:57:47:fa:7c:8a:ab:2e:f9:88:
         f2:db:af:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUck1yUzGKc3jR1skJEOKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjUwODIzMDEwMTU3WhcNMjUwODI0MDEwMTU3WjAzMTEwLwYDVQQD
EyhiMjIxMTZjY2YxYjY3ODgxNzQ4ODMzODY4MmRmMTllNGI5OTc2ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf3xhVQO6gD5ZpeJhkiXSwC0YxvV
z0lYXjgUKP/7zMFPExw+21N1XVUTSJNCb8I+vKiFshJtnnxTN+JZxcg0xCGGEeQ9
cpUPBsx/R8IW8wfU/1jhCiEGI4YdkNFWwMmxm4dOkD7NlVaD+atripVMEiNXwCb/
TsfGr9nC39J/wQwwcuKT42gRJv+C87p6jnSYM2fEEGkhIIqFLfgoBt8/hjYh5yuK
pgBialCDdni1NXJ+QdR4hKdhwS2ljhbZKCyVYenl9cXU2DW6Z612ywYYBxxPbTHW
H8CEEVf/vqMlwbK8/yqHY3MXLZixb/gvKrfJC3OVzsW5ET22dkQ5N1QX5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIhFszxtniBdIgzhoLfGeS5l25fMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbOha8EGr
YZn/NlRQAoT78Ov0jE8DElyPtMeSpxMBF2zKkiwlMfqeh1cX7eNqsEOdXgmGL4TL
ed2b9H+4BOEIwTS1QQ4AOfV3JBFvK2LJIwLEd3wZ6ePDuJsm6E6AQTzP9DH+2166
wjTC19VT+dBm90ABhKmhFO/7VjX1V00JGRb9bZR59KOP+vQjO12CTdrIEw0u4fft
zs3Ot2xqTJ50CrgTcQGDxREsnM0NnWkqbDi8Ui9PvagnnroIu5GhQktU6joqA50R
sZ1E5CgiJJf5QBWBih6572inGDKryADM7e82BlU1Mqv5DAHtjD/5ADtHSVwjV0f6
fIqrLvmI8tuvVQ==
-----END CERTIFICATE-----