Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
File:                     _4MmzOvF_DL70ONP7n85u6iPuaI.mft (raw, json)
Hash identifier:          DRnmiU+oN5krMbtGp4ZJSXZGkoahKiLEtEnjmDZO5s4=
Subject key identifier:   0E:7E:84:7C:27:AB:79:9E:BC:F3:90:00:E4:F9:07:7F:5A:B0:EC:1C
Authority key identifier: FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2
Certificate issuer:       /CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
Certificate serial:       0199228D329C5752CAF0DA4C06F65A6C8B83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
Manifest number:          11F1
Signing time:             Sun 07 Sep 2025 05:01:42 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:42 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:42 +0000
Files and hashes:         1: _4MmzOvF_DL70ONP7n85u6iPuaI.crl (hash: P1wlIUKYM5WaI8mIFVkoYoT5qrbmwS0DHgnrumrIrmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:32:9c:57:52:ca:f0:da:4c:06:f6:5a:6c:8b:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
        Validity
            Not Before: Sep  7 05:01:42 2025 GMT
            Not After : Sep  8 05:01:42 2025 GMT
        Subject: CN=0e7e847c27ab799ebcf39000e4f9077f5ab0ec1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:26:2c:f1:d8:bf:2b:13:81:c4:7e:bf:41:af:
                    d6:47:80:ec:3f:94:6d:fe:4b:23:8c:60:3a:80:0c:
                    45:22:bd:26:a8:ca:a0:7a:ef:ac:a3:59:f2:b2:a0:
                    e4:3b:38:2c:f9:08:d0:07:6f:ec:43:3a:db:80:31:
                    33:94:2f:8e:1b:36:d2:af:02:37:5a:88:cc:7e:95:
                    eb:c6:9b:fe:7c:15:1a:5c:42:de:05:27:68:6e:a5:
                    f0:e2:d3:85:1c:37:f9:f7:0b:15:6f:ba:13:2e:1b:
                    93:92:22:e5:71:bb:a8:5f:2e:f0:e8:38:db:87:f5:
                    b0:70:ab:06:40:f9:8b:66:56:75:77:d6:e8:5d:26:
                    12:87:fa:50:4d:06:ac:c7:8c:8b:16:a0:a1:3d:fe:
                    46:2c:03:d1:19:96:f2:b9:39:89:7a:eb:72:35:00:
                    06:8e:2e:81:34:a4:95:17:8c:b7:ba:49:af:f1:27:
                    e5:b4:7d:f6:cc:48:0c:20:78:14:eb:39:a4:8d:08:
                    33:14:f6:a0:fe:06:00:13:ff:7d:df:30:f6:bd:0a:
                    2e:8d:f1:e8:e2:eb:58:30:2c:90:a8:8d:48:90:df:
                    2d:85:90:fb:80:27:b1:ed:e2:96:3d:17:b9:ce:72:
                    ed:41:e6:82:8b:fe:71:a4:54:33:6e:13:4e:4b:2e:
                    31:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7E:84:7C:27:AB:79:9E:BC:F3:90:00:E4:F9:07:7F:5A:B0:EC:1C
            X509v3 Authority Key Identifier:
                keyid:FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:46:84:c2:63:a4:61:91:ca:86:cc:de:72:d1:b3:fa:fd:3f:
         96:75:91:ba:4e:21:63:0b:8c:47:51:64:54:f7:4b:71:3b:48:
         f3:9b:3d:fe:8a:f2:ba:41:86:36:60:41:fb:46:7e:bd:d4:9e:
         ba:e4:2a:35:e7:ba:10:4b:81:f3:6c:63:c1:83:05:a3:a4:33:
         90:93:7e:52:19:bd:4a:52:2b:7d:e9:ee:78:24:db:ff:48:0a:
         f2:e3:27:f5:a5:51:6f:92:5b:d7:89:e0:33:07:55:96:0f:ec:
         0e:0e:f7:a5:31:63:ae:0b:aa:e8:53:0e:1a:f8:b1:a7:3d:ea:
         fc:b0:cf:02:c2:59:a6:1e:39:54:82:03:0a:77:02:e0:cb:1c:
         c9:e4:70:59:e2:f7:ce:2d:d8:25:6d:83:a3:67:c6:f0:bb:50:
         8b:00:ce:d2:15:b9:6b:bc:0d:17:94:19:35:a4:28:cf:c0:22:
         95:69:9f:eb:08:12:bf:4d:af:ee:78:cf:e5:ec:c8:ce:13:91:
         53:cb:31:b1:df:ff:a7:0c:99:4b:84:a5:16:f3:96:38:b2:0c:
         9b:7c:c0:3b:3c:d5:51:22:02:4b:ad:be:1c:23:cd:2d:92:92:
         52:93:d2:f0:c9:9e:10:f7:b6:6d:39:0c:02:00:d5:f3:a0:10:
         2f:54:eb:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijTKcV1LK8NpMBvZabIuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODMyNmNjZWJjNWZjMzJmYmQwZTM0ZmVlN2YzOWJiYTg4
ZmI5YTIwHhcNMjUwOTA3MDUwMTQyWhcNMjUwOTA4MDUwMTQyWjAzMTEwLwYDVQQD
EygwZTdlODQ3YzI3YWI3OTllYmNmMzkwMDBlNGY5MDc3ZjVhYjBlYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyYs8di/KxOBxH6/Qa/WR4DsP5Rt
/ksjjGA6gAxFIr0mqMqgeu+so1nysqDkOzgs+QjQB2/sQzrbgDEzlC+OGzbSrwI3
WojMfpXrxpv+fBUaXELeBSdobqXw4tOFHDf59wsVb7oTLhuTkiLlcbuoXy7w6Djb
h/WwcKsGQPmLZlZ1d9boXSYSh/pQTQasx4yLFqChPf5GLAPRGZbyuTmJeutyNQAG
ji6BNKSVF4y3ukmv8SfltH32zEgMIHgU6zmkjQgzFPag/gYAE/993zD2vQoujfHo
4utYMCyQqI1IkN8thZD7gCex7eKWPRe5znLtQeaCi/5xpFQzbhNOSy4xhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5+hHwnq3mevPOQAOT5B39asOwcMB8GA1UdIwQY
MBaAFP+DJszrxfwy+9DjT+5/Obuoj7miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEt
OGIxMzQ0YjdkNWE2LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEtOGIxMzQ0YjdkNWE2
LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkaEwmOk
YZHKhszectGz+v0/lnWRuk4hYwuMR1FkVPdLcTtI85s9/oryukGGNmBB+0Z+vdSe
uuQqNee6EEuB82xjwYMFo6QzkJN+Uhm9SlIrfenueCTb/0gK8uMn9aVRb5Jb14ng
MwdVlg/sDg73pTFjrguq6FMOGvixpz3q/LDPAsJZph45VIIDCncC4MscyeRwWeL3
zi3YJW2Do2fG8LtQiwDO0hW5a7wNF5QZNaQoz8AilWmf6wgSv02v7njP5ezIzhOR
U8sxsd//pwyZS4SlFvOWOLIMm3zAOzzVUSICS62+HCPNLZKSUpPS8MmeEPe2bTkM
AgDV86AQL1Tr+Q==
-----END CERTIFICATE-----