Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          i2ILMbocw47CbWu9Am/SJfz0YY1CP66obc8DNhk6UzE=
Subject key identifier:   3F:B8:C3:73:BD:61:03:D5:1E:A0:F3:86:43:B8:07:65:84:BA:83:7F
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0199233137E3015EACEEC909C2638D9C3926
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0443
Signing time:             Sun 07 Sep 2025 08:00:52 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:52 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:52 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: /iVkfpIeJrYW3oGrCGevKFIyvmfvFl84J3H6H8FW96c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:37:e3:01:5e:ac:ee:c9:09:c2:63:8d:9c:39:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Sep  7 08:00:52 2025 GMT
            Not After : Sep  8 08:00:52 2025 GMT
        Subject: CN=3fb8c373bd6103d51ea0f38643b8076584ba837f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:19:27:77:53:40:61:2c:8c:eb:b8:15:c8:ad:
                    2f:a6:5d:47:18:43:63:1f:f3:a1:34:e8:d0:c1:2a:
                    f3:e3:ee:82:65:85:84:7e:1e:8c:1f:ab:5c:11:47:
                    0f:2a:35:8a:5e:7c:22:e7:c2:83:ba:ab:51:60:c5:
                    fa:97:e6:4a:e2:85:6a:eb:cd:1d:44:67:cb:36:d2:
                    a5:d9:28:5f:56:d3:42:08:54:d0:12:3f:1a:5d:24:
                    8a:cf:18:63:ad:e5:80:54:22:62:f0:21:fc:87:4a:
                    ba:40:8b:fa:4a:32:cf:8f:fa:bb:e3:ae:6e:75:37:
                    f0:9f:1c:dd:ea:64:d1:84:ac:8b:14:90:0e:04:99:
                    ec:42:9e:a7:65:f9:25:df:fc:bf:65:72:e3:64:52:
                    a7:f4:03:6d:ca:c1:67:91:af:42:d5:2b:2a:94:c6:
                    08:2c:13:e3:3b:bd:a5:5c:95:27:6c:55:74:45:c2:
                    cf:87:fb:f3:17:f9:5b:ac:b0:69:40:17:f7:c5:76:
                    f3:61:5b:9f:9b:0a:a4:0e:ae:c3:c8:8d:18:77:8d:
                    3e:04:51:83:f3:5f:9f:83:3d:aa:8c:9a:24:87:46:
                    f9:76:45:12:7d:18:e0:e8:33:3f:17:5e:e1:48:05:
                    73:6c:17:c8:7e:54:65:c2:d3:7e:92:7a:21:26:3f:
                    8a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B8:C3:73:BD:61:03:D5:1E:A0:F3:86:43:B8:07:65:84:BA:83:7F
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:4d:4b:95:0e:5d:bb:bf:74:40:12:74:a5:04:9f:14:bf:80:
         8a:bb:35:8d:fe:a6:a1:c4:99:8c:b6:9b:3b:75:62:86:f5:0d:
         f1:b8:23:64:48:c7:ee:9e:fd:57:af:ae:06:a8:f4:a2:40:a7:
         83:71:d1:37:c2:86:b4:ff:35:92:f9:30:90:be:54:77:2c:df:
         74:cc:83:ad:a2:19:65:f8:d5:51:54:0b:5f:78:15:cb:cb:d1:
         5b:c9:a2:65:82:5b:66:f7:59:81:30:81:d4:bf:50:ee:fb:3d:
         ba:46:ab:52:9c:be:d0:80:71:d4:77:40:e7:e4:c7:ae:d2:6c:
         72:3e:58:91:6c:aa:d0:be:6d:0d:a1:e5:a6:20:7d:ad:b5:ce:
         cb:f2:4d:8d:81:ab:51:cf:c0:7b:85:a7:2f:18:13:25:93:40:
         38:32:69:7d:4f:6b:f6:9e:3a:8f:fa:58:f9:f2:f5:64:9e:c1:
         35:ef:d1:db:04:6b:31:3a:9b:33:dc:ac:a8:90:28:ba:d3:c6:
         78:65:b6:5f:a2:bd:b0:18:c0:77:20:9b:37:5f:66:2a:c9:be:
         4d:34:16:0a:cf:78:d4:29:e1:ae:7a:4d:56:db:80:17:90:54:
         88:a2:28:57:6f:d4:93:81:b7:b5:4b:96:21:34:7c:35:8c:f9:
         cd:fb:0b:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMTfjAV6s7skJwmONnDkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUwOTA3MDgwMDUyWhcNMjUwOTA4MDgwMDUyWjAzMTEwLwYDVQQD
EygzZmI4YzM3M2JkNjEwM2Q1MWVhMGYzODY0M2I4MDc2NTg0YmE4MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bknd1NAYSyM67gVyK0vpl1HGENj
H/OhNOjQwSrz4+6CZYWEfh6MH6tcEUcPKjWKXnwi58KDuqtRYMX6l+ZK4oVq680d
RGfLNtKl2ShfVtNCCFTQEj8aXSSKzxhjreWAVCJi8CH8h0q6QIv6SjLPj/q7465u
dTfwnxzd6mTRhKyLFJAOBJnsQp6nZfkl3/y/ZXLjZFKn9ANtysFnka9C1SsqlMYI
LBPjO72lXJUnbFV0RcLPh/vzF/lbrLBpQBf3xXbzYVufmwqkDq7DyI0Yd40+BFGD
81+fgz2qjJokh0b5dkUSfRjg6DM/F17hSAVzbBfIflRlwtN+knohJj+KGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+4w3O9YQPVHqDzhkO4B2WEuoN/MB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXU1LlQ5d
u790QBJ0pQSfFL+Airs1jf6mocSZjLabO3VihvUN8bgjZEjH7p79V6+uBqj0okCn
g3HRN8KGtP81kvkwkL5UdyzfdMyDraIZZfjVUVQLX3gVy8vRW8miZYJbZvdZgTCB
1L9Q7vs9ukarUpy+0IBx1HdA5+THrtJscj5YkWyq0L5tDaHlpiB9rbXOy/JNjYGr
Uc/Ae4WnLxgTJZNAODJpfU9r9p46j/pY+fL1ZJ7BNe/R2wRrMTqbM9ysqJAoutPG
eGW2X6K9sBjAdyCbN19mKsm+TTQWCs941CnhrnpNVtuAF5BUiKIoV2/Uk4G3tUuW
ITR8NYz5zfsLEA==
-----END CERTIFICATE-----