Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          KRfo++Nczzftke24j4lKewy3PivAbuYxNSGDRocf5h8=
Subject key identifier:   7E:5E:1E:93:F0:26:95:5F:E7:3E:F1:8D:BD:AB:F1:62:1E:8F:4C:B0
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       01984A418F7F0694F2DB8F1B5F768A465F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0EDA
Signing time:             Sun 27 Jul 2025 05:01:07 +0000
Manifest this update:     Sun 27 Jul 2025 05:01:07 +0000
Manifest next update:     Mon 28 Jul 2025 05:01:07 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: VubzCRz+oHlhozHGAI1d9M9hG5L9HPd4aJ27WOpwFE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:41:8f:7f:06:94:f2:db:8f:1b:5f:76:8a:46:5f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Jul 27 05:01:07 2025 GMT
            Not After : Jul 28 05:01:07 2025 GMT
        Subject: CN=7e5e1e93f026955fe73ef18dbdabf1621e8f4cb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9d:e9:b1:45:0f:b5:ad:72:18:00:92:ca:4e:
                    ea:33:03:a7:89:11:b4:ec:5f:a1:ae:48:89:a9:d3:
                    3f:51:64:1b:7c:b7:67:8a:14:33:cb:51:20:ce:3d:
                    d5:64:99:93:8c:b3:26:96:12:75:d4:7a:4e:13:70:
                    ac:28:e6:3e:be:03:4d:71:c5:57:d4:5b:ae:8f:3c:
                    2d:45:28:b4:5e:41:1e:be:f8:4c:45:1e:a6:cb:c6:
                    5d:5c:69:ed:97:4c:93:62:fc:b0:50:7a:9a:cb:08:
                    b1:df:71:a0:b9:2e:1f:7f:74:f6:ed:4c:ef:89:21:
                    60:43:ea:db:a8:f8:06:6c:a7:ab:ce:cf:f0:11:fe:
                    a1:e2:bf:0a:ee:fb:f3:50:4c:ab:7e:1e:46:65:e7:
                    80:b7:24:e0:51:de:12:30:64:07:13:60:9e:ec:e0:
                    70:fe:4d:45:c3:68:71:4d:3b:cf:6d:e2:1f:02:b6:
                    f3:17:a8:07:57:01:39:27:ad:7f:b8:5b:3f:6b:f6:
                    db:40:36:37:a6:ba:55:9b:04:a9:50:b5:40:73:86:
                    57:9e:20:60:4f:c9:e4:01:f6:83:b9:4f:de:68:77:
                    61:32:f8:11:58:cf:0e:9e:b4:fa:12:90:35:51:a8:
                    14:fd:e8:9f:69:79:df:ae:46:5e:a0:75:60:0d:2a:
                    c7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:5E:1E:93:F0:26:95:5F:E7:3E:F1:8D:BD:AB:F1:62:1E:8F:4C:B0
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:95:28:60:94:5c:b0:bc:f7:88:90:d4:d7:90:49:1e:00:ef:
         51:c4:7c:20:ac:e7:20:c7:ee:61:b0:35:17:9a:0f:57:07:3f:
         4a:e3:c1:93:00:53:f3:88:f7:49:e6:4d:00:39:de:a6:80:1b:
         6e:13:fd:7a:46:5b:9a:d7:2b:97:72:9a:a4:a9:31:e6:70:fe:
         09:d0:07:71:ce:cb:80:14:52:3c:d6:26:f3:2c:11:c5:63:b0:
         cc:ff:ab:23:e5:b4:6c:52:bf:3d:97:69:1a:81:f0:28:ec:2f:
         a6:19:4a:90:93:be:1a:22:9f:fc:ad:e4:b0:d8:98:ad:b6:11:
         32:63:a5:fe:21:f9:d1:08:cd:24:b2:1c:9a:ee:07:11:2e:f0:
         9c:6d:cb:06:f3:46:a7:27:0f:2b:ed:1e:89:40:0a:5b:5a:7a:
         4b:48:bd:e7:df:41:d4:e5:08:9f:d9:2d:c1:4e:b3:11:3b:c2:
         88:8a:c4:f1:bc:cc:38:31:e2:72:f1:e4:c8:5f:89:3c:8e:b1:
         de:0b:04:64:6e:e4:46:7a:68:ac:3e:ef:f3:cf:b1:2e:3f:53:
         bb:38:14:18:e8:68:c4:f3:7f:39:9e:31:8d:cc:a6:ff:44:c0:
         c9:85:51:ae:26:29:fd:e0:11:ea:20:18:c7:52:f7:95:89:4a:
         72:c2:1e:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQY9/BpTy248bX3aKRl84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjUwNzI3MDUwMTA3WhcNMjUwNzI4MDUwMTA3WjAzMTEwLwYDVQQD
Eyg3ZTVlMWU5M2YwMjY5NTVmZTczZWYxOGRiZGFiZjE2MjFlOGY0Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ3psUUPta1yGACSyk7qMwOniRG0
7F+hrkiJqdM/UWQbfLdnihQzy1Egzj3VZJmTjLMmlhJ11HpOE3CsKOY+vgNNccVX
1FuujzwtRSi0XkEevvhMRR6my8ZdXGntl0yTYvywUHqaywix33GguS4ff3T27Uzv
iSFgQ+rbqPgGbKerzs/wEf6h4r8K7vvzUEyrfh5GZeeAtyTgUd4SMGQHE2Ce7OBw
/k1Fw2hxTTvPbeIfArbzF6gHVwE5J61/uFs/a/bbQDY3prpVmwSpULVAc4ZXniBg
T8nkAfaDuU/eaHdhMvgRWM8OnrT6EpA1UagU/eifaXnfrkZeoHVgDSrHMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5eHpPwJpVf5z7xjb2r8WIej0ywMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZUoYJRc
sLz3iJDU15BJHgDvUcR8IKznIMfuYbA1F5oPVwc/SuPBkwBT84j3SeZNADnepoAb
bhP9ekZbmtcrl3KapKkx5nD+CdAHcc7LgBRSPNYm8ywRxWOwzP+rI+W0bFK/PZdp
GoHwKOwvphlKkJO+GiKf/K3ksNiYrbYRMmOl/iH50QjNJLIcmu4HES7wnG3LBvNG
pycPK+0eiUAKW1p6S0i9599B1OUIn9ktwU6zETvCiIrE8bzMODHicvHkyF+JPI6x
3gsEZG7kRnporD7v88+xLj9TuzgUGOhoxPN/OZ4xjcym/0TAyYVRriYp/eAR6iAY
x1L3lYlKcsIeUg==
-----END CERTIFICATE-----