Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          MS/a2bZqvWsRWJKfsXHSdD0uYYazWecoHpjjFkKcvo0=
Subject key identifier:   58:3C:61:82:1D:69:4C:40:47:40:DD:94:92:F6:B7:7C:2C:7F:07:74
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       0199221E2DC307CBA27E1753D5E5A2F4B09B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          1673
Signing time:             Sun 07 Sep 2025 03:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:27 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: SFx/stmmshEItMKIFjmZ8Xv9QVUfzmP3K5XIawkB3jk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:2d:c3:07:cb:a2:7e:17:53:d5:e5:a2:f4:b0:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Sep  7 03:00:27 2025 GMT
            Not After : Sep  8 03:00:27 2025 GMT
        Subject: CN=583c61821d694c404740dd9492f6b77c2c7f0774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a5:2a:5e:37:3a:7f:56:bc:69:fd:0c:d5:c9:
                    35:9e:a8:f0:82:a9:b4:ea:e2:1f:ce:51:d1:91:b7:
                    fe:7c:e4:18:fa:50:04:14:35:c0:28:49:b2:4f:aa:
                    55:0f:a7:c9:cd:b6:57:b6:ef:71:88:6a:67:f1:10:
                    e7:f5:99:ba:ef:10:ca:09:2a:f9:98:99:bb:40:6d:
                    98:b0:60:20:6c:3d:35:f9:5c:c1:0a:d9:0e:88:3a:
                    04:64:9a:87:c5:10:cf:bd:be:2e:de:5c:f3:0d:7f:
                    11:06:1c:57:0c:0f:98:fb:e0:07:7e:90:f6:e6:b8:
                    ab:8e:49:33:6f:53:38:7f:4a:5c:17:c3:d1:6b:c2:
                    ff:69:62:6e:ec:9f:0d:33:c0:d7:8a:59:28:3d:ed:
                    c8:4e:ae:e2:e1:c1:dc:b2:06:86:bd:36:50:c1:a6:
                    60:31:b3:95:93:ab:2b:35:8d:4f:f9:4c:47:ef:a5:
                    2b:d7:c0:06:7d:d3:6f:fa:46:35:c8:48:32:18:ff:
                    cc:23:84:b6:e9:3a:92:5a:7b:fe:bc:55:d6:6c:cc:
                    60:bc:7e:d3:63:81:90:e4:91:87:ce:da:5a:3d:2a:
                    70:68:46:4f:bd:d8:7e:6b:6b:51:c5:cb:57:7c:90:
                    58:59:f9:5f:3b:e4:f7:53:7d:61:e9:69:22:fc:61:
                    85:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:3C:61:82:1D:69:4C:40:47:40:DD:94:92:F6:B7:7C:2C:7F:07:74
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:1f:f1:c4:50:9b:88:0a:14:98:e4:b8:24:03:9b:0a:2a:68:
         c3:9b:9c:47:fb:d1:1e:d9:cb:85:c4:52:23:cb:24:7e:9c:83:
         97:4e:1e:88:90:a0:45:2c:33:b1:62:ff:d1:64:1d:9c:34:ce:
         99:3b:b3:4e:41:82:a5:e4:fe:da:63:9d:f6:fb:62:82:32:fa:
         74:4d:0e:18:5c:43:8d:95:b7:ab:c3:90:e8:cf:6f:7a:e4:df:
         6d:49:d6:8e:41:24:5f:07:04:ab:73:40:02:b5:99:f8:cf:ad:
         fe:20:51:30:7f:a0:1d:6a:a0:a7:47:3f:e0:13:95:d7:cc:66:
         ba:3b:a3:81:93:d0:aa:30:0d:48:51:b9:9e:33:bf:c1:da:df:
         e4:4e:77:7e:44:73:9c:fa:1e:50:94:31:6b:2e:7d:be:91:d2:
         3e:52:c8:8f:76:11:d3:2c:a3:66:9b:01:d0:55:fd:d4:5f:f8:
         d3:bd:13:93:30:1d:a3:c5:6a:0d:6c:4a:7f:05:44:1f:b6:48:
         8a:c5:c4:04:88:e2:bc:2f:f7:0f:39:fe:75:13:0e:63:f8:9c:
         ec:39:00:a1:86:24:42:f7:f5:84:a7:01:45:79:7d:85:a6:12:
         28:7a:ac:93:20:bf:d5:66:e7:81:db:48:9d:34:fb:bc:62:6c:
         dc:d7:11:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHi3DB8uifhdT1eWi9LCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUwOTA3MDMwMDI3WhcNMjUwOTA4MDMwMDI3WjAzMTEwLwYDVQQD
Eyg1ODNjNjE4MjFkNjk0YzQwNDc0MGRkOTQ5MmY2Yjc3YzJjN2YwNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KUqXjc6f1a8af0M1ck1nqjwgqm0
6uIfzlHRkbf+fOQY+lAEFDXAKEmyT6pVD6fJzbZXtu9xiGpn8RDn9Zm67xDKCSr5
mJm7QG2YsGAgbD01+VzBCtkOiDoEZJqHxRDPvb4u3lzzDX8RBhxXDA+Y++AHfpD2
5rirjkkzb1M4f0pcF8PRa8L/aWJu7J8NM8DXilkoPe3ITq7i4cHcsgaGvTZQwaZg
MbOVk6srNY1P+UxH76Ur18AGfdNv+kY1yEgyGP/MI4S26TqSWnv+vFXWbMxgvH7T
Y4GQ5JGHztpaPSpwaEZPvdh+a2tRxctXfJBYWflfO+T3U31h6Wki/GGFdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg8YYIdaUxAR0DdlJL2t3wsfwd0MB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACB/xxFCb
iAoUmOS4JAObCipow5ucR/vRHtnLhcRSI8skfpyDl04eiJCgRSwzsWL/0WQdnDTO
mTuzTkGCpeT+2mOd9vtigjL6dE0OGFxDjZW3q8OQ6M9veuTfbUnWjkEkXwcEq3NA
ArWZ+M+t/iBRMH+gHWqgp0c/4BOV18xmujujgZPQqjANSFG5njO/wdrf5E53fkRz
nPoeUJQxay59vpHSPlLIj3YR0yyjZpsB0FX91F/4070TkzAdo8VqDWxKfwVEH7ZI
isXEBIjivC/3Dzn+dRMOY/ic7DkAoYYkQvf1hKcBRXl9haYSKHqskyC/1WbngdtI
nTT7vGJs3NcRUw==
-----END CERTIFICATE-----