Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          Zon0LNzI6ZfAKQ6sB3oDMhrp/VuWS6UOnEpYQHagN2w=
Subject key identifier:   29:65:63:41:5C:82:7B:9D:A7:6E:A1:9D:C9:50:27:F3:31:1E:CA:9F
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019921B04F67AC919C5232CBCDC6335CE840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0BBB
Signing time:             Sun 07 Sep 2025 01:00:26 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:26 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:26 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: gk/0PAYLd3QB9HGgFXmj6vqW6S7sgSy4x83/XNidwSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:4f:67:ac:91:9c:52:32:cb:cd:c6:33:5c:e8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Sep  7 01:00:26 2025 GMT
            Not After : Sep  8 01:00:26 2025 GMT
        Subject: CN=296563415c827b9da76ea19dc95027f3311eca9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:34:ef:5c:f7:90:c5:f3:3c:aa:13:63:6a:82:
                    0b:cf:af:94:98:45:8c:48:cd:07:dc:a6:fb:d7:69:
                    4f:bd:38:9c:62:b9:4f:9b:c9:36:92:ec:3c:e9:4d:
                    f9:c0:82:12:e0:a4:42:2c:a7:a9:d3:b2:70:31:f4:
                    fa:e8:b2:a4:50:98:3c:5e:d7:5a:bf:f0:0e:b4:bf:
                    a3:8d:a7:27:3e:47:f0:41:eb:1e:1e:51:53:70:1e:
                    92:4f:34:eb:74:ab:d4:d0:61:f5:24:f9:7d:af:54:
                    d5:95:77:a1:21:d9:1b:29:fa:5f:f0:49:e1:73:13:
                    fe:de:ea:a8:f1:c0:01:c6:a7:a3:98:e9:5b:c6:29:
                    b6:ef:2a:48:85:d3:1a:92:6a:5a:b2:43:90:b5:9f:
                    e0:6d:79:c4:bf:f2:69:57:13:75:a2:cf:a5:00:5f:
                    32:0b:da:14:76:5f:a6:68:b6:ed:83:ae:ca:84:4e:
                    de:c7:76:24:0a:65:40:2d:5a:de:ca:b8:c6:19:6f:
                    b7:81:3c:f0:5f:65:bf:0d:ce:39:ac:9e:b3:a7:d4:
                    f3:3f:f0:b1:38:f4:6f:60:d6:41:d7:ee:fa:e8:a5:
                    09:0b:04:30:bc:dd:fb:3d:08:5d:04:04:44:f5:51:
                    3e:e5:25:0e:71:4f:69:78:71:9b:b1:ca:2e:c8:a8:
                    76:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:65:63:41:5C:82:7B:9D:A7:6E:A1:9D:C9:50:27:F3:31:1E:CA:9F
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:36:fd:5c:1c:30:c6:7a:53:29:a4:a5:7b:40:93:5c:f4:cb:
         38:14:b6:93:a7:75:95:18:fb:ad:21:09:4d:54:3e:7a:ef:95:
         b9:65:c4:d5:03:47:be:d9:35:70:3c:21:9e:bb:cb:10:83:d1:
         0b:d5:91:cc:51:53:08:9d:6a:f0:05:9d:70:0e:50:ef:84:13:
         75:b0:ab:c2:5e:f1:e2:d9:e3:5a:d4:3c:24:6f:2b:3f:ca:b1:
         f4:6a:bf:41:5f:31:5b:80:4a:41:b6:ea:31:29:1c:72:37:0b:
         f0:2e:72:fd:37:33:5c:16:0c:e9:54:67:d8:c4:e0:b2:82:99:
         28:55:b8:be:b0:f4:a7:11:1e:d8:74:9c:a7:b0:b5:bd:09:ea:
         a5:d3:ee:c4:99:74:37:e0:07:ab:2a:03:e7:2e:9b:d3:c5:ca:
         0d:0b:bf:14:49:4e:57:41:e5:bd:0d:55:a5:77:0b:b8:db:78:
         f2:18:b9:5c:13:f5:5b:fb:ba:27:3c:3c:4d:f7:36:e6:51:68:
         6a:ea:99:56:6c:75:d2:f1:2c:d7:95:c2:66:27:73:46:6b:0d:
         b7:88:bc:1b:a3:82:4a:d7:30:ae:34:a2:36:95:d1:ed:f7:ac:
         ba:05:56:df:ef:50:f8:6a:3e:26:e3:f4:f2:1f:6e:03:21:91:
         79:2b:92:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsE9nrJGcUjLLzcYzXOhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUwOTA3MDEwMDI2WhcNMjUwOTA4MDEwMDI2WjAzMTEwLwYDVQQD
EygyOTY1NjM0MTVjODI3YjlkYTc2ZWExOWRjOTUwMjdmMzMxMWVjYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDTvXPeQxfM8qhNjaoILz6+UmEWM
SM0H3Kb712lPvTicYrlPm8k2kuw86U35wIIS4KRCLKep07JwMfT66LKkUJg8Xtda
v/AOtL+jjacnPkfwQeseHlFTcB6STzTrdKvU0GH1JPl9r1TVlXehIdkbKfpf8Enh
cxP+3uqo8cABxqejmOlbxim27ypIhdMakmpaskOQtZ/gbXnEv/JpVxN1os+lAF8y
C9oUdl+maLbtg67KhE7ex3YkCmVALVreyrjGGW+3gTzwX2W/Dc45rJ6zp9TzP/Cx
OPRvYNZB1+766KUJCwQwvN37PQhdBARE9VE+5SUOcU9peHGbscouyKh2CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCllY0Fcgnudp26hnclQJ/MxHsqfMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDb9XBww
xnpTKaSle0CTXPTLOBS2k6d1lRj7rSEJTVQ+eu+VuWXE1QNHvtk1cDwhnrvLEIPR
C9WRzFFTCJ1q8AWdcA5Q74QTdbCrwl7x4tnjWtQ8JG8rP8qx9Gq/QV8xW4BKQbbq
MSkccjcL8C5y/TczXBYM6VRn2MTgsoKZKFW4vrD0pxEe2HScp7C1vQnqpdPuxJl0
N+AHqyoD5y6b08XKDQu/FElOV0HlvQ1VpXcLuNt48hi5XBP1W/u6Jzw8Tfc25lFo
auqZVmx10vEs15XCZidzRmsNt4i8G6OCStcwrjSiNpXR7fesugVW3+9Q+Go+JuP0
8h9uAyGReSuSyg==
-----END CERTIFICATE-----