Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          NC/37wY6cfAOiq0tXoS5ZpLCHAQMQ3E44vlvK9mpXps=
Subject key identifier:   AE:8F:86:C9:51:1A:9F:95:12:92:4A:D6:A1:CA:10:68:57:97:04:7F
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       01975045901EC0E741909195EF98FF205160
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          0FF7
Signing time:             Sun 08 Jun 2025 16:00:25 +0000
Manifest this update:     Sun 08 Jun 2025 16:00:25 +0000
Manifest next update:     Mon 09 Jun 2025 16:00:25 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: Y1Zo3UdrNCaYTx2YTv2krUyP9kL20VqZysYTZSvMUdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:45:90:1e:c0:e7:41:90:91:95:ef:98:ff:20:51:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Jun  8 16:00:25 2025 GMT
            Not After : Jun  9 16:00:25 2025 GMT
        Subject: CN=ae8f86c9511a9f9512924ad6a1ca10685797047f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e3:b1:e3:93:fa:ea:1a:e6:c2:a1:3a:ce:df:
                    80:86:55:07:a2:93:8a:a5:54:52:94:a5:48:9a:97:
                    5e:63:9e:ad:7d:76:66:a2:11:2d:bf:4f:99:86:93:
                    01:eb:16:ec:1d:c6:a8:f9:8f:b0:d3:5d:17:93:72:
                    7d:62:5b:15:47:1f:7a:08:ce:68:10:ca:5e:83:4b:
                    a0:65:62:da:17:dc:81:b2:f6:f7:74:2f:1f:91:99:
                    25:2a:82:51:47:db:6c:9e:d6:07:f5:dd:fb:ad:52:
                    ca:73:e0:12:21:52:1b:cd:d5:b2:1d:12:06:bb:42:
                    f3:aa:f3:c1:17:80:5a:cf:d6:c1:53:22:f2:57:76:
                    3f:41:c9:fd:e9:b2:7f:9a:87:86:d5:e4:45:a6:15:
                    58:83:66:c4:4b:39:a9:8c:6b:6a:f4:ad:0d:1e:5b:
                    97:73:34:dc:41:ce:97:a2:31:6a:89:50:64:72:94:
                    eb:37:9a:e7:6b:e5:b1:98:3b:e2:54:68:3c:fc:f5:
                    61:7e:b4:8f:bb:5f:c9:4a:a4:f0:70:1e:ca:f1:03:
                    8f:47:cc:15:9f:35:03:ba:1b:17:c6:1f:9a:30:b2:
                    1e:bc:25:4d:73:af:a7:8f:59:5e:a9:d2:1c:c1:1e:
                    4a:9d:c3:6f:07:83:ef:58:f9:39:c5:cb:32:ab:89:
                    58:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:8F:86:C9:51:1A:9F:95:12:92:4A:D6:A1:CA:10:68:57:97:04:7F
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:63:8f:27:a9:51:1d:bb:e2:86:98:e8:6a:6f:a5:74:96:d1:
         92:76:10:26:bd:e2:c2:a2:1d:9b:91:8c:7b:98:d8:bd:30:03:
         13:8d:57:14:5a:23:41:c8:cf:ef:52:94:fd:32:2b:4f:28:7e:
         d2:55:f3:7f:f1:e3:f8:0e:f6:c3:03:bc:d5:e0:04:7d:f9:37:
         c5:9c:73:e0:5c:64:b6:df:a1:ea:18:eb:a0:38:50:f4:5d:c2:
         de:02:8c:a4:2e:7c:e0:90:cd:21:4f:eb:37:5d:62:03:64:92:
         96:89:76:d5:be:65:29:45:cd:5b:22:0e:75:43:70:80:06:cf:
         dc:92:75:75:c5:97:8e:e2:b7:c2:42:6d:24:85:4a:67:9e:46:
         26:b5:2a:c0:d1:be:c2:14:b5:84:46:60:b6:be:c9:6b:c5:1d:
         8c:48:a8:cb:36:86:f4:5a:91:2f:cc:e1:1f:1d:32:65:eb:24:
         37:a1:94:05:ed:65:bd:5f:d1:1b:03:5f:4d:0f:8c:a0:38:01:
         df:06:45:01:28:1b:ce:94:6c:19:ba:db:7a:c5:1d:2c:e1:55:
         db:b1:82:e8:50:63:e8:66:54:0b:b1:16:0b:18:91:ec:a9:4c:
         78:9b:74:41:8b:3f:69:ea:6a:7d:0b:3c:b2:78:b8:32:3c:a7:
         12:61:c1:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRZAewOdBkJGV75j/IFFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjUwNjA4MTYwMDI1WhcNMjUwNjA5MTYwMDI1WjAzMTEwLwYDVQQD
EyhhZThmODZjOTUxMWE5Zjk1MTI5MjRhZDZhMWNhMTA2ODU3OTcwNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeOx45P66hrmwqE6zt+AhlUHopOK
pVRSlKVImpdeY56tfXZmohEtv0+ZhpMB6xbsHcao+Y+w010Xk3J9YlsVRx96CM5o
EMpeg0ugZWLaF9yBsvb3dC8fkZklKoJRR9tsntYH9d37rVLKc+ASIVIbzdWyHRIG
u0LzqvPBF4Baz9bBUyLyV3Y/Qcn96bJ/moeG1eRFphVYg2bESzmpjGtq9K0NHluX
czTcQc6XojFqiVBkcpTrN5rna+WxmDviVGg8/PVhfrSPu1/JSqTwcB7K8QOPR8wV
nzUDuhsXxh+aMLIevCVNc6+nj1leqdIcwR5KncNvB4PvWPk5xcsyq4lYYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6PhslRGp+VEpJK1qHKEGhXlwR/MB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANmOPJ6lR
Hbvihpjoam+ldJbRknYQJr3iwqIdm5GMe5jYvTADE41XFFojQcjP71KU/TIrTyh+
0lXzf/Hj+A72wwO81eAEffk3xZxz4Fxktt+h6hjroDhQ9F3C3gKMpC584JDNIU/r
N11iA2SSlol21b5lKUXNWyIOdUNwgAbP3JJ1dcWXjuK3wkJtJIVKZ55GJrUqwNG+
whS1hEZgtr7Ja8UdjEioyzaG9FqRL8zhHx0yZeskN6GUBe1lvV/RGwNfTQ+MoDgB
3wZFASgbzpRsGbrbesUdLOFV27GC6FBj6GZUC7EWCxiR7KlMeJt0QYs/aepqfQs8
sni4MjynEmHBzg==
-----END CERTIFICATE-----