Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          W1GFwtTiZFRC/BZtVrdUnf+RpB9/vh3iSoqast0c4Ro=
Subject key identifier:   CE:02:67:D9:BE:3A:26:D8:6E:0E:2B:2F:2D:B8:F0:A4:9B:68:8B:07
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       01984777ED3FB1E3962B4F01996E2A2A492B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          B4
Signing time:             Sat 26 Jul 2025 16:01:38 +0000
Manifest this update:     Sat 26 Jul 2025 16:01:38 +0000
Manifest next update:     Sun 27 Jul 2025 16:01:38 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: dCozvDR/kCa/hN7gTeJNceU76J5FlKkOUWMGITG5K60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:77:ed:3f:b1:e3:96:2b:4f:01:99:6e:2a:2a:49:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: Jul 26 16:01:38 2025 GMT
            Not After : Jul 27 16:01:38 2025 GMT
        Subject: CN=ce0267d9be3a26d86e0e2b2f2db8f0a49b688b07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:4f:0c:ca:51:65:17:ef:f2:b9:b6:f0:48:cd:
                    e3:8b:f6:e6:0a:b8:05:94:d6:02:8e:9a:57:64:08:
                    63:90:6a:f7:bf:19:fe:fd:c7:e0:42:65:6f:f0:39:
                    9d:9a:9e:2e:04:c7:96:1d:b4:25:84:75:74:3a:24:
                    21:14:52:3c:7c:44:a5:c0:d8:e1:48:28:eb:0c:d0:
                    78:14:58:70:5a:57:ba:46:30:3e:79:dd:e5:96:92:
                    53:ed:14:0c:77:10:cb:45:17:f4:b0:c7:ac:d5:75:
                    ff:d4:0a:c4:a0:76:f1:e8:f7:54:cd:02:6a:b3:53:
                    27:ea:bb:93:57:0f:00:0d:5b:2e:d1:c8:f7:bf:ca:
                    c8:3f:e2:dd:54:b0:9c:c4:65:22:bf:15:e0:22:08:
                    e0:83:41:0a:21:3b:40:ed:51:c9:94:7d:dc:6d:dc:
                    7c:0a:2c:a6:f0:6a:13:7d:09:95:6c:a2:cc:d5:2a:
                    36:02:62:2b:2f:be:07:ab:bb:c4:5e:5d:e0:b1:c3:
                    83:92:19:45:ca:ff:38:74:93:98:0b:ae:6a:d6:92:
                    54:a0:5b:33:06:67:62:10:8f:b9:5f:3c:48:c0:b2:
                    af:48:c8:4a:cd:cc:6b:e4:c1:d8:6f:f4:8b:fd:a0:
                    86:99:45:a6:7a:c5:39:15:1a:be:53:41:05:64:7b:
                    1a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:02:67:D9:BE:3A:26:D8:6E:0E:2B:2F:2D:B8:F0:A4:9B:68:8B:07
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:e2:5a:5c:e4:46:cb:f6:6d:2c:3a:16:ec:8b:49:b7:50:3e:
         80:30:e3:ff:95:f7:ae:9f:8f:db:c7:40:60:40:15:34:48:2d:
         65:2e:9a:c3:23:db:e1:f6:07:a6:88:70:4a:33:91:26:8f:d6:
         09:f5:4d:84:9e:53:98:7b:68:2b:d2:58:dc:99:96:47:3b:fe:
         5b:09:54:8d:49:c6:d6:52:d2:45:e3:bd:f7:27:9e:28:f4:dc:
         9b:31:b0:80:22:76:03:db:44:eb:af:6e:0a:30:17:c2:ea:84:
         84:cc:d4:24:c9:05:40:8b:86:d8:35:ac:79:20:8f:ce:65:ab:
         a3:ff:76:28:77:4b:7a:b0:27:35:14:59:f0:97:f4:ec:e4:b9:
         0c:29:95:ae:e6:70:36:32:d2:b3:01:39:59:1c:e4:92:f4:45:
         1d:1b:47:8f:66:ba:62:4a:5b:63:fb:03:d8:0d:ec:55:b6:76:
         3b:ab:b8:c1:d8:5d:04:21:c1:bc:c9:79:ff:4f:62:26:7e:23:
         82:8e:a6:3e:7d:d7:86:f3:6a:83:45:ad:e9:13:c3:fd:43:32:
         d0:e9:f6:35:df:3c:a1:db:5d:54:99:5d:42:d6:04:e4:a6:0e:
         5e:f5:96:1c:00:14:13:ac:c4:79:33:bc:a7:4e:14:ee:7e:31:
         f4:e2:b9:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHd+0/seOWK08BmW4qKkkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjUwNzI2MTYwMTM4WhcNMjUwNzI3MTYwMTM4WjAzMTEwLwYDVQQD
EyhjZTAyNjdkOWJlM2EyNmQ4NmUwZTJiMmYyZGI4ZjBhNDliNjg4YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E8MylFlF+/yubbwSM3ji/bmCrgF
lNYCjppXZAhjkGr3vxn+/cfgQmVv8Dmdmp4uBMeWHbQlhHV0OiQhFFI8fESlwNjh
SCjrDNB4FFhwWle6RjA+ed3llpJT7RQMdxDLRRf0sMes1XX/1ArEoHbx6PdUzQJq
s1Mn6ruTVw8ADVsu0cj3v8rIP+LdVLCcxGUivxXgIgjgg0EKITtA7VHJlH3cbdx8
Ciym8GoTfQmVbKLM1So2AmIrL74Hq7vEXl3gscODkhlFyv84dJOYC65q1pJUoFsz
BmdiEI+5XzxIwLKvSMhKzcxr5MHYb/SL/aCGmUWmesU5FRq+U0EFZHsakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4CZ9m+OibYbg4rLy248KSbaIsHMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+JaXORG
y/ZtLDoW7ItJt1A+gDDj/5X3rp+P28dAYEAVNEgtZS6awyPb4fYHpohwSjORJo/W
CfVNhJ5TmHtoK9JY3JmWRzv+WwlUjUnG1lLSReO99yeeKPTcmzGwgCJ2A9tE669u
CjAXwuqEhMzUJMkFQIuG2DWseSCPzmWro/92KHdLerAnNRRZ8Jf07OS5DCmVruZw
NjLSswE5WRzkkvRFHRtHj2a6YkpbY/sD2A3sVbZ2O6u4wdhdBCHBvMl5/09iJn4j
go6mPn3XhvNqg0Wt6RPD/UMy0On2Nd88odtdVJldQtYE5KYOXvWWHAAUE6zEeTO8
p04U7n4x9OK5wQ==
-----END CERTIFICATE-----