Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          auY9+5aPu/oWl5+MKtO1fp4aDg5sgPqePw+L6ecuPoo=
Subject key identifier:   4F:DA:81:49:D8:47:8B:53:AC:5F:F5:F2:30:78:83:F6:0C:CF:68:B6
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       0199221E519737E74B9E87D6E6D0A1888F02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          04C8
Signing time:             Sun 07 Sep 2025 03:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:36 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: UGbCLwZR2oOpmDLKywwJim4OURKokY/4vG+Lg27pUGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:51:97:37:e7:4b:9e:87:d6:e6:d0:a1:88:8f:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Sep  7 03:00:36 2025 GMT
            Not After : Sep  8 03:00:36 2025 GMT
        Subject: CN=4fda8149d8478b53ac5ff5f2307883f60ccf68b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:68:58:65:0d:48:93:af:13:93:ec:b3:5d:39:
                    3f:7d:88:fe:28:75:1b:55:00:ce:09:b7:20:d4:51:
                    c7:bd:7c:77:03:bc:fa:a1:f7:cf:41:e5:71:95:13:
                    6f:2f:c6:4b:d1:59:0e:62:94:18:3c:9b:e9:47:cf:
                    dc:59:48:e1:09:ba:da:15:35:e8:ac:27:01:34:2b:
                    0c:bd:b5:4a:3a:e7:bd:5a:7b:41:d3:e4:64:f7:a6:
                    cb:21:ba:f2:0c:e0:b9:33:fc:0d:bd:a7:ab:d4:70:
                    e7:0c:e8:89:c3:08:8d:f5:87:d1:84:b7:65:2d:12:
                    fc:73:12:e9:ad:2c:5a:a1:07:c7:b3:c2:6b:aa:5e:
                    ed:13:78:0c:2c:cb:c8:71:67:01:58:ce:b7:74:8c:
                    4a:88:90:17:4d:8f:f9:f0:d1:13:85:3e:65:16:3a:
                    f3:5e:94:23:cc:c3:27:27:06:c9:42:f2:ca:10:e1:
                    1c:f6:5c:41:7c:2d:d1:af:cb:62:29:7f:dd:43:a0:
                    be:c8:42:74:26:04:c6:5f:70:fb:ce:f0:7b:fe:a5:
                    45:ed:93:f9:7c:0a:a4:f0:3f:50:93:37:2f:d1:dc:
                    7b:b3:4e:dc:e4:0a:85:c5:39:fa:af:ab:24:00:df:
                    eb:5f:40:a5:29:75:3a:53:32:9b:4c:de:9d:de:96:
                    e2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:DA:81:49:D8:47:8B:53:AC:5F:F5:F2:30:78:83:F6:0C:CF:68:B6
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:4d:fd:91:38:0c:18:04:65:af:5b:43:16:c2:d2:37:e1:d1:
         b6:f7:6b:47:58:8a:c8:11:55:28:e4:ab:f6:ad:cb:db:27:a9:
         6a:8d:44:98:56:93:05:30:73:95:84:62:4d:42:ca:48:33:3b:
         ae:6a:62:89:6b:57:b1:7e:3c:19:93:6a:ac:7c:5c:c7:26:fa:
         7e:2e:68:1e:8b:bc:69:c5:96:15:98:6c:41:86:91:c9:e1:a0:
         a1:5d:d9:72:c8:b5:ad:89:25:91:14:47:7c:a5:76:45:fa:cc:
         d2:93:93:88:e3:85:22:e1:a2:2d:69:2e:ba:e8:9d:d7:76:2c:
         e4:a7:7c:e6:de:ae:42:d0:6d:fa:a6:8e:99:3a:c4:c5:91:53:
         0d:9f:3f:1e:b0:1a:88:ee:74:63:84:4e:90:91:73:39:e8:50:
         1b:79:38:5c:f2:4a:cd:ba:ca:59:ba:7d:aa:60:8d:f4:06:a8:
         66:dc:08:50:a7:d2:89:46:12:04:52:8f:86:a1:73:83:82:3e:
         7a:a7:22:8f:ff:8f:dc:a8:c2:93:f3:e6:a5:33:14:ba:96:27:
         99:b5:44:70:c6:0f:cb:e9:23:cf:96:1b:a4:c3:c0:ec:34:8f:
         b4:6e:d4:55:9e:4b:2c:4f:fc:67:6e:b9:d9:22:38:d4:27:94:
         17:78:28:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHlGXN+dLnofW5tChiI8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjUwOTA3MDMwMDM2WhcNMjUwOTA4MDMwMDM2WjAzMTEwLwYDVQQD
Eyg0ZmRhODE0OWQ4NDc4YjUzYWM1ZmY1ZjIzMDc4ODNmNjBjY2Y2OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2hYZQ1Ik68Tk+yzXTk/fYj+KHUb
VQDOCbcg1FHHvXx3A7z6offPQeVxlRNvL8ZL0VkOYpQYPJvpR8/cWUjhCbraFTXo
rCcBNCsMvbVKOue9WntB0+Rk96bLIbryDOC5M/wNvaer1HDnDOiJwwiN9YfRhLdl
LRL8cxLprSxaoQfHs8Jrql7tE3gMLMvIcWcBWM63dIxKiJAXTY/58NEThT5lFjrz
XpQjzMMnJwbJQvLKEOEc9lxBfC3Rr8tiKX/dQ6C+yEJ0JgTGX3D7zvB7/qVF7ZP5
fAqk8D9Qkzcv0dx7s07c5AqFxTn6r6skAN/rX0ClKXU6UzKbTN6d3pbiRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/agUnYR4tTrF/18jB4g/YMz2i2MB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABk39kTgM
GARlr1tDFsLSN+HRtvdrR1iKyBFVKOSr9q3L2yepao1EmFaTBTBzlYRiTULKSDM7
rmpiiWtXsX48GZNqrHxcxyb6fi5oHou8acWWFZhsQYaRyeGgoV3Zcsi1rYklkRRH
fKV2RfrM0pOTiOOFIuGiLWkuuuid13Ys5Kd85t6uQtBt+qaOmTrExZFTDZ8/HrAa
iO50Y4ROkJFzOehQG3k4XPJKzbrKWbp9qmCN9AaoZtwIUKfSiUYSBFKPhqFzg4I+
eqcij/+P3KjCk/PmpTMUupYnmbVEcMYPy+kjz5YbpMPA7DSPtG7UVZ5LLE/8Z265
2SI41CeUF3goZA==
-----END CERTIFICATE-----