Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          gDM3FbF6OUGjeTHMmXKU3OiRzMhV9u3Hvo5j0m0cAa0=
Subject key identifier:   77:1E:75:8A:91:93:71:DD:68:9C:EA:7A:99:AA:4E:CF:21:2F:17:7B
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019A7149DDB9C1E18FBCBB61FDBEF0D8EFB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          04F0
Signing time:             Tue 11 Nov 2025 05:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:57 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: kV7fSp7cm1No9w7H5mH/jk3MxlpSHikStqV8FQLcKKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:dd:b9:c1:e1:8f:bc:bb:61:fd:be:f0:d8:ef:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Nov 11 05:00:57 2025 GMT
            Not After : Nov 12 05:00:57 2025 GMT
        Subject: CN=771e758a919371dd689cea7a99aa4ecf212f177b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:62:6b:52:9f:50:92:ae:bb:23:7e:9a:37:ea:
                    86:71:8f:0b:bb:a2:fb:7c:17:86:f7:59:53:8e:45:
                    5a:eb:e0:41:3d:89:a9:68:09:3c:85:53:b3:d0:b3:
                    b8:6b:71:a9:1f:ed:a7:b5:1c:f1:e9:8d:4a:94:97:
                    eb:a5:91:0b:d7:d9:65:b7:5c:02:f5:f4:44:1d:17:
                    33:ae:77:23:b0:10:3e:8a:0e:0d:20:50:14:02:41:
                    2e:35:1f:c1:bc:34:cd:8c:a3:65:1b:a8:ea:04:cc:
                    a6:ae:b3:4e:9f:18:78:07:9f:aa:90:ce:a8:2b:f0:
                    62:95:f7:9e:2b:2b:78:0e:44:48:3e:0f:b2:47:1c:
                    96:0d:a4:21:2b:40:9d:3c:95:f0:78:0c:8f:af:62:
                    18:4c:b5:10:08:df:d9:ff:91:a7:9d:ed:bf:00:44:
                    04:c2:20:aa:d9:ec:cb:c3:a6:97:81:61:24:66:8c:
                    de:81:ac:ee:2a:1c:ee:d3:a9:41:30:d5:4f:69:b8:
                    1b:ad:2f:28:ef:2c:1b:77:1f:8e:7c:32:dc:7f:bb:
                    ef:81:7f:63:e6:05:09:eb:e1:c8:ac:e9:27:ac:bd:
                    5c:b6:0f:cd:96:8c:2c:47:fa:e0:f6:51:6c:8a:8e:
                    c6:4c:44:3e:10:af:e5:5c:34:c1:e2:1f:58:3a:38:
                    e9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1E:75:8A:91:93:71:DD:68:9C:EA:7A:99:AA:4E:CF:21:2F:17:7B
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:51:3e:3d:75:2b:28:cb:de:91:9f:f6:f9:52:21:26:68:7a:
         9a:f1:2a:86:2d:ee:1c:14:f0:08:46:a4:ab:be:a8:4e:f7:b2:
         c2:d1:0e:44:6d:c6:f9:2f:2a:ae:6b:19:2b:38:d1:f7:b0:c3:
         27:32:09:0d:44:32:3e:7e:7a:1a:9d:df:1c:54:fc:8a:6c:21:
         25:00:7b:c9:a1:f6:76:00:b5:10:6a:ac:12:ae:aa:f1:50:85:
         40:13:06:1f:48:24:e3:28:66:08:9f:aa:50:05:50:e1:66:4d:
         65:eb:1f:fc:ef:1e:5c:2c:72:3d:37:03:45:6e:cf:ef:eb:c2:
         6a:1f:8f:72:f2:a2:dc:3f:f1:d5:56:8c:b8:89:1b:da:8b:d9:
         9f:e9:ef:d8:95:17:69:65:5d:01:7c:c3:3b:bf:72:fe:68:05:
         82:63:8f:58:f4:34:ec:ca:e4:c7:f9:41:8d:d6:a7:4c:91:fd:
         d3:c7:d0:25:81:02:22:cc:06:9e:0c:a5:99:83:7d:fd:d5:f4:
         47:a1:ef:e7:14:fd:18:28:02:c9:90:a9:7d:ce:3f:bb:19:d6:
         60:72:e2:bd:cc:ac:69:50:68:d1:5c:42:9d:2a:ba:90:14:ab:
         2e:3e:ae:49:52:2c:ca:9f:6f:9f:85:b5:c8:5d:3a:c2:0c:5e:
         e4:f8:dc:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSd25weGPvLth/b7w2O+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjUxMTExMDUwMDU3WhcNMjUxMTEyMDUwMDU3WjAzMTEwLwYDVQQD
Eyg3NzFlNzU4YTkxOTM3MWRkNjg5Y2VhN2E5OWFhNGVjZjIxMmYxNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2JrUp9Qkq67I36aN+qGcY8Lu6L7
fBeG91lTjkVa6+BBPYmpaAk8hVOz0LO4a3GpH+2ntRzx6Y1KlJfrpZEL19llt1wC
9fREHRczrncjsBA+ig4NIFAUAkEuNR/BvDTNjKNlG6jqBMymrrNOnxh4B5+qkM6o
K/BilfeeKyt4DkRIPg+yRxyWDaQhK0CdPJXweAyPr2IYTLUQCN/Z/5Gnne2/AEQE
wiCq2ezLw6aXgWEkZozegazuKhzu06lBMNVPabgbrS8o7ywbdx+OfDLcf7vvgX9j
5gUJ6+HIrOknrL1ctg/NlowsR/rg9lFsio7GTEQ+EK/lXDTB4h9YOjjpnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcedYqRk3HdaJzqepmqTs8hLxd7MB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1E+PXUr
KMvekZ/2+VIhJmh6mvEqhi3uHBTwCEakq76oTveywtEORG3G+S8qrmsZKzjR97DD
JzIJDUQyPn56Gp3fHFT8imwhJQB7yaH2dgC1EGqsEq6q8VCFQBMGH0gk4yhmCJ+q
UAVQ4WZNZesf/O8eXCxyPTcDRW7P7+vCah+PcvKi3D/x1VaMuIkb2ovZn+nv2JUX
aWVdAXzDO79y/mgFgmOPWPQ07Mrkx/lBjdanTJH908fQJYECIswGngylmYN9/dX0
R6Hv5xT9GCgCyZCpfc4/uxnWYHLivcysaVBo0VxCnSq6kBSrLj6uSVIsyp9vn4W1
yF06wgxe5PjcWA==
-----END CERTIFICATE-----