Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
File:                     pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json)
Hash identifier:          wcDbrf1eamtC+adnMS/Z1VjhFtQeOvQlRWt3zVwYFY0=
Subject key identifier:   86:F8:1E:2D:49:FE:36:52:23:20:BF:77:40:65:7E:4D:BC:08:84:13
Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D
Certificate issuer:       /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
Certificate serial:       019923A0E46194C02D44CB14654EB6AD935E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
Manifest number:          0F16
Signing time:             Sun 07 Sep 2025 10:02:50 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:50 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:50 +0000
Files and hashes:         1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: lpIl9e0bE2Ho9V5ZXwVmbFjRkX3SVBNGr8mkgzj3Sm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:e4:61:94:c0:2d:44:cb:14:65:4e:b6:ad:93:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
        Validity
            Not Before: Sep  7 10:02:50 2025 GMT
            Not After : Sep  8 10:02:50 2025 GMT
        Subject: CN=86f81e2d49fe36522320bf7740657e4dbc088413
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:d2:2d:d0:ed:ed:93:d7:e8:6e:77:6f:b6:91:
                    38:c8:c5:c6:c7:bc:ce:df:b5:25:b5:d0:b9:3c:34:
                    a4:8c:e7:34:f7:f1:16:f3:34:29:ec:9d:0b:71:79:
                    95:9f:9f:85:6c:30:1b:6a:42:57:c7:22:91:aa:0e:
                    58:19:ad:93:30:95:a3:ba:ea:9f:57:3a:66:14:b9:
                    bf:fc:3b:6d:68:41:16:29:9d:c3:44:e4:e5:ce:2b:
                    8c:23:2a:d8:26:d9:10:29:0f:9c:d9:8e:62:1e:10:
                    fd:28:38:00:8d:71:28:dc:8b:2b:6a:ab:76:73:6d:
                    8d:0c:f1:c6:24:5d:6e:d5:fd:18:93:06:95:92:89:
                    35:69:2f:87:6e:be:8b:90:be:ed:72:e4:88:2d:1f:
                    93:ea:bc:b0:a0:20:6d:93:9d:56:75:7a:70:21:62:
                    6f:09:7f:c7:40:0b:03:aa:0a:69:9f:e4:90:a0:c3:
                    2d:43:ce:71:d7:17:a9:2d:c4:09:e0:2f:2e:37:67:
                    d4:45:ba:d3:4e:1d:e5:4f:ef:5a:c1:6d:ee:89:48:
                    46:b4:79:5d:0e:17:bb:ec:b3:0c:5a:ea:03:df:5b:
                    0a:cc:9c:5b:d3:4b:ec:56:a0:c7:13:56:b3:d3:4c:
                    90:7d:1d:e3:4e:86:42:5b:1b:c9:9c:8b:a1:35:9f:
                    a1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F8:1E:2D:49:FE:36:52:23:20:BF:77:40:65:7E:4D:BC:08:84:13
            X509v3 Authority Key Identifier:
                keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:df:5f:d7:93:47:14:76:c9:41:cf:e3:17:b2:17:d5:6f:01:
         d7:c6:4d:d0:9d:20:8b:d5:c4:f5:a7:b9:b7:02:bc:db:11:8a:
         23:bf:f1:fd:06:f9:69:bf:5a:1a:a4:c0:f9:3d:57:d5:11:55:
         ce:95:89:c5:25:bf:c5:76:38:eb:dd:37:8a:76:5a:92:d6:02:
         ac:df:7d:30:34:8a:ff:3f:88:bc:bb:ef:0f:b1:ff:c3:d4:23:
         42:3f:e6:70:e9:a0:f6:04:d8:33:22:0b:25:5b:2e:49:8e:ec:
         b5:8c:1c:36:b2:75:23:00:2a:85:b0:cb:ee:ac:6b:ad:1b:c3:
         b5:c3:c9:57:d4:b3:ed:64:6c:7a:e1:95:3f:ff:8c:b3:4b:55:
         7c:0a:e6:65:16:ec:01:ef:97:46:67:94:8c:c7:60:a9:6a:25:
         82:80:ad:d9:d6:2c:64:96:2f:4e:e3:5d:e7:e9:8c:d9:1b:a2:
         bb:8b:89:7b:30:eb:2b:04:b7:e7:12:81:f9:4b:7f:6f:8b:e2:
         a4:dd:e1:6c:f2:84:87:13:b5:07:d8:d3:3b:4b:9d:df:52:bf:
         c3:d2:cf:5f:1d:fc:9f:18:1f:dc:86:e3:1c:c2:32:67:d5:f0:
         65:fb:7d:0d:c2:5f:44:ee:3b:e2:87:e7:7b:b2:71:e1:d4:3d:
         1a:f5:c0:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoORhlMAtRMsUZU62rZNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0
YzhiM2QwHhcNMjUwOTA3MTAwMjUwWhcNMjUwOTA4MTAwMjUwWjAzMTEwLwYDVQQD
Eyg4NmY4MWUyZDQ5ZmUzNjUyMjMyMGJmNzc0MDY1N2U0ZGJjMDg4NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/NIt0O3tk9fobndvtpE4yMXGx7zO
37UltdC5PDSkjOc09/EW8zQp7J0LcXmVn5+FbDAbakJXxyKRqg5YGa2TMJWjuuqf
VzpmFLm//DttaEEWKZ3DROTlziuMIyrYJtkQKQ+c2Y5iHhD9KDgAjXEo3Israqt2
c22NDPHGJF1u1f0YkwaVkok1aS+Hbr6LkL7tcuSILR+T6rywoCBtk51WdXpwIWJv
CX/HQAsDqgppn+SQoMMtQ85x1xepLcQJ4C8uN2fURbrTTh3lT+9awW3uiUhGtHld
Dhe77LMMWuoD31sKzJxb00vsVqDHE1az00yQfR3jToZCWxvJnIuhNZ+hFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIb4Hi1J/jZSIyC/d0Blfk28CIQTMB8GA1UdIwQY
MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt
NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2
LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjd9f15NH
FHbJQc/jF7IX1W8B18ZN0J0gi9XE9ae5twK82xGKI7/x/Qb5ab9aGqTA+T1X1RFV
zpWJxSW/xXY46903inZaktYCrN99MDSK/z+IvLvvD7H/w9QjQj/mcOmg9gTYMyIL
JVsuSY7stYwcNrJ1IwAqhbDL7qxrrRvDtcPJV9Sz7WRseuGVP/+Ms0tVfArmZRbs
Ae+XRmeUjMdgqWolgoCt2dYsZJYvTuNd5+mM2Ruiu4uJezDrKwS35xKB+Ut/b4vi
pN3hbPKEhxO1B9jTO0ud31K/w9LPXx38nxgf3IbjHMIyZ9XwZft9DcJfRO474ofn
e7Jx4dQ9GvXAWA==
-----END CERTIFICATE-----