Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
File:                     4N8zRFExdiUqLLaQvPcF1kmBEfU.mft (raw, json)
Hash identifier:          LAmZ8zxsJJ5WSjE7VZ8TYAyu2JhgRGIdKUrdxPTbjmA=
Subject key identifier:   D8:E5:44:D9:4C:DA:2D:4B:70:8C:0E:FE:85:37:4F:89:6D:A5:F1:03
Authority key identifier: E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5
Certificate issuer:       /CN=e0df3344513176252a2cb690bcf705d6498111f5
Certificate serial:       019922FA452196A8777A17700B024823914C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
Manifest number:          098C
Signing time:             Sun 07 Sep 2025 07:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:50 +0000
Files and hashes:         1: 4N8zRFExdiUqLLaQvPcF1kmBEfU.crl (hash: h1xsok8o0UgXaX1GxeggGfTOD7QqQL6hltiKEj1c4vY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:45:21:96:a8:77:7a:17:70:0b:02:48:23:91:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0df3344513176252a2cb690bcf705d6498111f5
        Validity
            Not Before: Sep  7 07:00:50 2025 GMT
            Not After : Sep  8 07:00:50 2025 GMT
        Subject: CN=d8e544d94cda2d4b708c0efe85374f896da5f103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8f:85:ed:4c:cd:57:a0:f8:1b:c3:b0:4f:aa:
                    35:b2:32:4c:0e:10:c6:a0:cf:af:64:cf:19:ca:1f:
                    3a:ec:8b:5c:f5:10:e8:83:f7:9f:5f:db:eb:72:a4:
                    29:68:4c:4a:91:01:dc:77:2b:98:ca:31:5d:3c:8e:
                    24:51:40:4d:01:57:fc:ce:42:76:2a:f6:38:18:9b:
                    d7:e5:36:a5:18:c4:c9:ca:c0:e4:2f:52:bf:25:81:
                    93:36:9d:f1:38:a0:2a:fc:1a:28:8b:2f:6d:ec:8e:
                    0f:72:ff:c7:0f:2f:8d:39:69:32:c8:9a:a4:60:e6:
                    13:17:7c:31:c4:1d:72:4f:67:02:b8:1c:02:69:15:
                    5d:9f:88:c3:b5:6d:ec:ba:66:4f:b2:15:27:52:ee:
                    fa:a3:9b:01:78:38:75:f3:89:63:b4:ac:05:4d:0b:
                    32:87:ef:60:27:e7:7e:e2:66:9e:57:3a:ac:92:61:
                    da:f3:e0:05:74:f4:8a:9a:4d:f2:52:9c:b8:1b:4a:
                    7c:21:23:12:5e:98:b0:8d:16:62:12:41:0c:3a:b4:
                    73:b6:20:f6:9b:8e:be:31:13:09:95:18:0f:13:5a:
                    3f:e8:29:e2:c2:f1:cd:3d:e3:dc:a0:c9:ca:70:ef:
                    d5:33:4b:b7:2a:b6:e7:9c:c2:7d:44:93:d4:be:a8:
                    e6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E5:44:D9:4C:DA:2D:4B:70:8C:0E:FE:85:37:4F:89:6D:A5:F1:03
            X509v3 Authority Key Identifier:
                keyid:E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:89:cc:64:9e:b8:32:29:db:02:a8:05:f1:c7:0e:a8:d1:e2:
         71:38:12:6b:e4:20:bf:de:0c:37:7c:5a:a7:08:55:58:0e:8c:
         8f:5a:e0:07:a8:7c:6e:ec:69:0e:1a:16:ef:03:f0:1b:55:c8:
         4d:d3:ad:49:b3:fc:51:f4:f5:6c:f3:3c:05:6e:52:72:c2:52:
         f6:54:40:8b:2d:fe:2e:51:12:37:8c:df:85:13:11:0d:60:c2:
         cf:6b:f2:86:49:b5:57:5c:ba:32:34:2f:47:37:f7:91:d0:82:
         a4:77:aa:5e:c1:b8:05:78:04:00:99:81:73:91:2c:a7:94:3f:
         bb:c6:53:ed:0d:3a:7e:f6:15:5a:cc:4b:a9:b8:9b:12:85:22:
         ff:fb:37:a4:d1:6d:66:af:4e:ef:43:94:25:72:8c:14:52:82:
         1a:8d:f6:0d:97:20:e8:1e:ee:d5:d0:fe:95:83:89:65:42:d7:
         11:80:bc:91:35:42:88:26:0b:e3:8a:20:a9:36:5f:4f:18:83:
         77:96:ba:6d:8f:15:fe:27:2d:f3:09:ee:99:42:41:50:db:eb:
         72:48:f0:b0:f1:54:8c:86:a6:0b:46:1a:d9:83:15:f2:d6:ba:
         b3:ae:74:f9:6d:71:f1:2c:47:02:70:79:00:06:06:b4:b5:c6:
         f6:9d:50:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+kUhlqh3ehdwCwJII5FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGYzMzQ0NTEzMTc2MjUyYTJjYjY5MGJjZjcwNWQ2NDk4
MTExZjUwHhcNMjUwOTA3MDcwMDUwWhcNMjUwOTA4MDcwMDUwWjAzMTEwLwYDVQQD
EyhkOGU1NDRkOTRjZGEyZDRiNzA4YzBlZmU4NTM3NGY4OTZkYTVmMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI+F7UzNV6D4G8OwT6o1sjJMDhDG
oM+vZM8Zyh867Itc9RDog/efX9vrcqQpaExKkQHcdyuYyjFdPI4kUUBNAVf8zkJ2
KvY4GJvX5TalGMTJysDkL1K/JYGTNp3xOKAq/Booiy9t7I4Pcv/HDy+NOWkyyJqk
YOYTF3wxxB1yT2cCuBwCaRVdn4jDtW3sumZPshUnUu76o5sBeDh184ljtKwFTQsy
h+9gJ+d+4maeVzqskmHa8+AFdPSKmk3yUpy4G0p8ISMSXpiwjRZiEkEMOrRztiD2
m46+MRMJlRgPE1o/6CniwvHNPePcoMnKcO/VM0u3KrbnnMJ9RJPUvqjmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjlRNlM2i1LcIwO/oU3T4ltpfEDMB8GA1UdIwQY
MBaAFODfM0RRMXYlKiy2kLz3BdZJgRH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4Njgt
MjVlMjFjOWU3ZGU5LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4NjgtMjVlMjFjOWU3ZGU5
LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4nMZJ64
MinbAqgF8ccOqNHicTgSa+Qgv94MN3xapwhVWA6Mj1rgB6h8buxpDhoW7wPwG1XI
TdOtSbP8UfT1bPM8BW5ScsJS9lRAiy3+LlESN4zfhRMRDWDCz2vyhkm1V1y6MjQv
Rzf3kdCCpHeqXsG4BXgEAJmBc5Esp5Q/u8ZT7Q06fvYVWsxLqbibEoUi//s3pNFt
Zq9O70OUJXKMFFKCGo32DZcg6B7u1dD+lYOJZULXEYC8kTVCiCYL44ogqTZfTxiD
d5a6bY8V/ict8wnumUJBUNvrckjwsPFUjIamC0Ya2YMV8ta6s650+W1x8SxHAnB5
AAYGtLXG9p1QkA==
-----END CERTIFICATE-----