Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          f0FTIwfkwM7kD4XrO/jxQETmyjELjjO7R6b4k5FD5QA=
Subject key identifier:   98:44:75:A7:89:DB:35:31:D7:B6:0B:E2:94:AE:86:38:57:CB:1C:84
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       019923A009810AB585E32329B47CDE0804B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          A4
Signing time:             Sun 07 Sep 2025 10:01:54 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:54 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:54 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: 2dv8ZrlGl0gKWgs6YvBIhx4q9jtbdxdWn2wImBGlM1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:09:81:0a:b5:85:e3:23:29:b4:7c:de:08:04:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Sep  7 10:01:54 2025 GMT
            Not After : Sep  8 10:01:54 2025 GMT
        Subject: CN=984475a789db3531d7b60be294ae863857cb1c84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:50:3f:0d:4e:55:10:75:13:be:28:28:3c:62:
                    dc:2d:6b:c8:4f:3c:cc:a9:72:b6:1d:77:08:6d:ad:
                    be:d6:9b:93:67:ac:71:61:f8:d1:27:24:06:ba:32:
                    3d:a7:ba:58:2d:26:c6:cc:db:1e:1e:10:59:ea:6d:
                    06:e8:81:d5:5f:3b:c4:d6:17:a8:2f:16:a7:c6:be:
                    d1:ed:a4:da:ba:79:31:70:48:db:19:65:b0:80:7a:
                    fd:48:f4:b4:45:64:65:e7:58:5c:5a:5f:c2:f2:1a:
                    84:62:b2:1d:a1:1a:ea:08:2a:27:59:e8:d0:b3:07:
                    1e:4b:3b:b7:72:b3:ba:54:a5:dc:22:ac:a5:90:bc:
                    a5:d1:38:49:e3:e7:73:e5:76:94:50:c2:d3:ec:2e:
                    2b:19:5a:6c:b7:dd:ca:29:9b:28:ee:a9:fc:e7:0a:
                    2a:1c:0c:99:92:a5:0b:88:ee:85:c7:68:d5:49:4a:
                    87:3c:a1:5f:97:a6:9f:20:b3:8f:1c:b5:b6:0f:91:
                    fb:ae:79:bc:33:94:93:72:fe:b4:96:2b:72:04:a0:
                    15:30:0e:b7:eb:0d:a6:b9:c3:aa:f6:7c:49:40:07:
                    9c:87:4a:fd:dc:1c:dc:a2:19:03:49:e5:e6:49:2e:
                    c0:a8:18:a7:e0:7f:9c:b4:e3:63:57:f7:1f:2b:c2:
                    81:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:44:75:A7:89:DB:35:31:D7:B6:0B:E2:94:AE:86:38:57:CB:1C:84
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:f5:1e:16:d1:da:00:4c:6f:be:e1:b2:31:22:68:95:3b:31:
         f5:6a:d8:58:71:24:27:86:c0:51:cf:1a:0f:e2:4d:f2:35:95:
         7a:58:6c:7d:bb:4f:3f:94:a4:b4:a0:5c:f5:ea:1f:8e:3e:dd:
         0a:2b:07:43:bc:c4:1c:2e:26:98:31:38:5f:e1:a5:d4:b6:b2:
         8e:3e:b1:bd:86:81:40:0f:88:0e:b5:19:de:85:9e:ea:e9:d2:
         72:9f:7f:00:5c:46:78:b9:04:fe:76:a5:b8:ac:d4:36:63:03:
         48:5e:3e:cb:87:32:7d:03:1e:1d:08:f8:cf:86:5f:d2:04:4b:
         ce:ed:da:13:f7:a9:fb:0e:d1:ba:e4:ab:8a:6c:3e:9b:a1:77:
         a5:83:ce:82:ce:53:ea:98:8a:3a:c5:d7:ff:ee:97:d5:1e:f4:
         c1:17:54:3c:72:d4:87:2c:23:d8:c2:1a:a9:22:ca:d5:22:28:
         37:09:d3:3b:c3:64:e4:49:e4:52:fa:ae:ab:96:52:5c:59:c9:
         21:2d:f6:63:ed:23:36:8b:ea:5b:ef:d6:df:eb:c0:62:74:62:
         13:a2:00:d0:65:a7:32:7f:6c:78:83:d5:8e:8a:2b:ee:f4:9b:
         64:cf:e4:e6:7c:1c:ec:c4:c4:7a:a2:d4:e0:3a:3b:70:21:72:
         13:27:e8:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoAmBCrWF4yMptHzeCAS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjUwOTA3MTAwMTU0WhcNMjUwOTA4MTAwMTU0WjAzMTEwLwYDVQQD
Eyg5ODQ0NzVhNzg5ZGIzNTMxZDdiNjBiZTI5NGFlODYzODU3Y2IxYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFA/DU5VEHUTvigoPGLcLWvITzzM
qXK2HXcIba2+1puTZ6xxYfjRJyQGujI9p7pYLSbGzNseHhBZ6m0G6IHVXzvE1heo
Lxanxr7R7aTaunkxcEjbGWWwgHr9SPS0RWRl51hcWl/C8hqEYrIdoRrqCConWejQ
swceSzu3crO6VKXcIqylkLyl0ThJ4+dz5XaUUMLT7C4rGVpst93KKZso7qn85woq
HAyZkqULiO6Fx2jVSUqHPKFfl6afILOPHLW2D5H7rnm8M5STcv60lityBKAVMA63
6w2mucOq9nxJQAech0r93BzcohkDSeXmSS7AqBin4H+ctONjV/cfK8KBuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhEdaeJ2zUx17YL4pSuhjhXyxyEMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdfUeFtHa
AExvvuGyMSJolTsx9WrYWHEkJ4bAUc8aD+JN8jWVelhsfbtPP5SktKBc9eofjj7d
CisHQ7zEHC4mmDE4X+Gl1Layjj6xvYaBQA+IDrUZ3oWe6unScp9/AFxGeLkE/nal
uKzUNmMDSF4+y4cyfQMeHQj4z4Zf0gRLzu3aE/ep+w7RuuSrimw+m6F3pYPOgs5T
6piKOsXX/+6X1R70wRdUPHLUhywj2MIaqSLK1SIoNwnTO8Nk5EnkUvquq5ZSXFnJ
IS32Y+0jNovqW+/W3+vAYnRiE6IA0GWnMn9seIPVjoor7vSbZM/k5nwc7MTEeqLU
4Do7cCFyEyfoQA==
-----END CERTIFICATE-----