Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          5p9Nv7S2Q0EUL477NmLBLpjsE8ltgPdo3bxPcWFYlBM=
Subject key identifier:   78:5E:83:75:31:5A:98:9A:A7:43:71:1F:53:63:F3:5D:35:07:63:01
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       0199228D1748513CBFEA0C065D27D54E3248
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 05:01:35 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:35 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:35 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: PUvpDqw7eVjGmi4ZV0WhXwXPWh1N346luXJIHer1hP8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:17:48:51:3c:bf:ea:0c:06:5d:27:d5:4e:32:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Sep  7 05:01:35 2025 GMT
            Not After : Sep  8 05:01:35 2025 GMT
        Subject: CN=785e8375315a989aa743711f5363f35d35076301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f5:85:d4:da:fa:99:7e:b2:0f:d8:c2:7e:09:
                    f9:5c:fe:50:9e:25:e3:9b:b0:40:fc:be:c6:30:0a:
                    bd:59:f8:84:56:bf:66:0c:9f:61:b9:27:20:7a:e0:
                    c3:4e:e4:35:4e:cf:b2:11:2e:22:1e:a5:5c:43:2d:
                    a7:50:62:a6:19:44:3e:3e:ea:37:1d:e1:b2:85:92:
                    6d:da:f9:3b:c9:71:51:3d:d3:bd:71:0d:06:87:f6:
                    75:22:b9:0e:fc:40:77:7a:67:3a:2f:58:1b:ee:c8:
                    9c:a1:fc:cd:35:51:63:51:3c:5d:af:3d:f7:b0:f5:
                    72:41:6b:ce:92:66:96:59:93:6a:d3:97:82:48:bf:
                    bf:d1:e6:6c:97:d0:04:6d:be:71:8b:5b:c1:3a:26:
                    47:7a:94:c5:4e:88:93:5b:7e:6c:2d:c0:fa:00:db:
                    33:f2:31:9c:96:ee:8f:53:4b:91:25:33:8a:dd:61:
                    ff:86:e8:30:41:f1:43:53:9d:2b:be:56:dc:e6:63:
                    4a:63:b1:3e:43:e8:11:60:86:d7:98:01:ae:3f:82:
                    60:ff:ab:43:3e:bb:63:52:e2:a2:3d:27:c4:66:38:
                    29:07:38:cc:61:0a:0b:b3:97:9d:11:f7:5b:09:c5:
                    e3:f9:90:56:87:6e:a4:d4:47:54:62:d6:e1:14:5c:
                    51:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:5E:83:75:31:5A:98:9A:A7:43:71:1F:53:63:F3:5D:35:07:63:01
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:c7:af:bc:56:67:0b:56:c9:a1:5e:96:8c:c7:41:a1:87:19:
         9a:8c:81:5f:6f:b0:fb:78:bd:ec:10:0b:c7:65:96:6b:d2:ee:
         27:4a:3d:18:87:2c:78:fc:b9:db:f5:23:0f:29:98:f0:45:f8:
         32:22:b7:ca:cd:cb:89:f6:41:6a:76:c0:da:7c:73:1a:04:f5:
         56:c6:06:c0:2f:8f:6b:1a:08:6c:98:4c:c3:d6:07:b1:c5:d3:
         96:7f:b3:09:31:72:be:7f:53:0a:10:4b:83:4a:3f:9f:eb:ba:
         22:ee:e1:2d:ff:7f:c1:a6:68:10:85:c3:b9:4f:71:5e:19:b6:
         e5:6c:77:4a:d9:dc:1d:64:fe:00:28:67:32:a7:f9:53:8a:fd:
         b7:9a:1a:58:95:86:85:93:9d:72:9e:a8:c4:f7:56:d9:cb:69:
         f8:ff:f0:dc:22:b0:99:cd:54:ed:a4:e6:86:4f:76:31:55:ac:
         6d:c3:24:65:c0:1e:bc:c2:47:e3:03:28:a8:19:f3:9b:1c:24:
         18:b9:b6:55:13:40:45:19:f0:9c:7d:27:59:af:76:b3:8c:9a:
         aa:1a:1f:e4:14:2f:88:61:4b:66:75:52:a6:b0:a8:d0:f0:c8:
         fa:ed:32:e3:9b:ca:f0:f8:09:47:16:34:fc:a6:e2:6b:6f:f1:
         82:1d:1d:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijRdIUTy/6gwGXSfVTjJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjUwOTA3MDUwMTM1WhcNMjUwOTA4MDUwMTM1WjAzMTEwLwYDVQQD
Eyg3ODVlODM3NTMxNWE5ODlhYTc0MzcxMWY1MzYzZjM1ZDM1MDc2MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPWF1Nr6mX6yD9jCfgn5XP5QniXj
m7BA/L7GMAq9WfiEVr9mDJ9huScgeuDDTuQ1Ts+yES4iHqVcQy2nUGKmGUQ+Puo3
HeGyhZJt2vk7yXFRPdO9cQ0Gh/Z1IrkO/EB3emc6L1gb7sicofzNNVFjUTxdrz33
sPVyQWvOkmaWWZNq05eCSL+/0eZsl9AEbb5xi1vBOiZHepTFToiTW35sLcD6ANsz
8jGclu6PU0uRJTOK3WH/hugwQfFDU50rvlbc5mNKY7E+Q+gRYIbXmAGuP4Jg/6tD
PrtjUuKiPSfEZjgpBzjMYQoLs5edEfdbCcXj+ZBWh26k1EdUYtbhFFxRTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHheg3UxWpiap0NxH1Nj8101B2MBMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVsevvFZn
C1bJoV6WjMdBoYcZmoyBX2+w+3i97BALx2WWa9LuJ0o9GIcsePy52/UjDymY8EX4
MiK3ys3LifZBanbA2nxzGgT1VsYGwC+PaxoIbJhMw9YHscXTln+zCTFyvn9TChBL
g0o/n+u6Iu7hLf9/waZoEIXDuU9xXhm25Wx3StncHWT+AChnMqf5U4r9t5oaWJWG
hZOdcp6oxPdW2ctp+P/w3CKwmc1U7aTmhk92MVWsbcMkZcAevMJH4wMoqBnzmxwk
GLm2VRNARRnwnH0nWa92s4yaqhof5BQviGFLZnVSprCo0PDI+u0y45vK8PgJRxY0
/Kbia2/xgh0drQ==
-----END CERTIFICATE-----