Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          gVYkCbWoi+3Ku01seWe/PbenlQgX2N7Jr/B7f1k0fG0=
Subject key identifier:   CE:86:63:D5:E1:63:2F:49:00:37:0F:3E:98:30:23:20:D8:5E:24:FC
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019848F7059DEE72E0B7200E5CA911AA19AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          04DA
Signing time:             Sat 26 Jul 2025 23:00:04 +0000
Manifest this update:     Sat 26 Jul 2025 23:00:04 +0000
Manifest next update:     Sun 27 Jul 2025 23:00:04 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: imIrFH1RMiBlHZqNjEbtkQvqX5KwYZ8MAQ6QJzbj5/c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:48:f7:05:9d:ee:72:e0:b7:20:0e:5c:a9:11:aa:19:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Jul 26 23:00:04 2025 GMT
            Not After : Jul 27 23:00:04 2025 GMT
        Subject: CN=ce8663d5e1632f4900370f3e98302320d85e24fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e3:af:fc:f2:2a:c3:f0:f1:da:7d:b6:31:0c:
                    45:83:31:0e:79:b1:bb:8c:31:9f:0e:16:5d:5d:b1:
                    61:7a:8e:fc:b3:d7:f8:66:93:3a:f9:b2:9d:a4:03:
                    6e:a4:d2:77:5d:86:d2:f1:09:53:50:6d:a5:b6:11:
                    dc:67:31:00:46:55:ff:37:b4:26:8b:e6:cf:72:1d:
                    7e:9d:80:5c:37:2d:d6:3d:96:af:55:46:d8:a4:54:
                    04:3c:80:4c:fc:e6:eb:73:4b:2f:40:5b:a4:31:bc:
                    80:28:95:05:5b:eb:88:eb:57:0e:d3:70:12:a2:80:
                    0f:8d:71:2a:4a:4a:d0:1d:8b:ab:32:cd:e0:b2:60:
                    46:17:69:b5:d7:e8:b6:87:bd:65:53:af:db:7e:f7:
                    ef:02:e8:5f:86:3c:ba:02:01:b3:34:27:ac:38:6b:
                    1e:c6:b7:93:53:8d:9e:b0:0e:e3:e2:4c:be:1f:16:
                    bd:c8:d4:d0:1a:25:78:05:c8:9c:36:61:35:09:e8:
                    bc:ce:70:a3:fa:5e:25:49:23:a6:ba:af:9a:f6:19:
                    aa:ca:52:85:27:f3:e0:8f:3e:96:e7:8f:4b:4f:7f:
                    89:9c:8c:24:fd:68:e9:65:d4:8d:fe:36:53:7a:1c:
                    e1:99:66:4d:40:cc:2e:84:0a:a8:c4:e4:9a:ca:21:
                    77:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:86:63:D5:E1:63:2F:49:00:37:0F:3E:98:30:23:20:D8:5E:24:FC
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:92:11:37:c8:28:d7:31:7c:3c:ea:21:b0:5f:ee:95:4c:06:
         f7:34:86:30:b7:a3:33:2f:97:84:59:4c:e2:37:71:72:2b:24:
         53:6b:73:f2:8b:54:bf:76:e6:22:91:10:00:ad:0e:af:d8:bf:
         20:7c:d8:45:2f:5c:8a:31:36:c7:df:59:df:f7:31:34:89:1a:
         38:06:cf:85:a8:3e:60:f7:77:ce:11:4b:16:3a:d6:83:fd:70:
         b9:db:e9:ef:5b:e0:7e:86:d1:c6:a8:f4:88:a8:69:73:a2:71:
         5a:1b:00:be:d3:c0:d6:57:8c:68:38:4c:6d:dd:e9:8f:d5:aa:
         6a:a9:61:bb:5c:3f:c7:73:70:d8:e4:08:ff:27:d3:a7:31:88:
         f6:f3:4d:75:a3:40:74:9e:72:09:1d:68:7c:10:65:e4:bd:8b:
         29:8e:1f:3c:3b:7d:c0:0e:1f:ea:7e:2f:ee:b1:65:e2:7f:50:
         f1:d4:81:78:13:0a:2b:14:c6:c3:15:5f:db:10:db:a9:78:28:
         c8:b5:89:f0:53:27:e2:79:af:71:02:c7:c9:dd:78:35:7c:2a:
         04:6f:57:65:e1:16:7c:07:f1:64:fd:d1:25:cf:1c:0d:30:d0:
         8e:0a:84:63:2a:a7:e8:ba:48:9e:e2:90:f3:05:16:fe:fe:7a:
         8d:d1:25:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhI9wWd7nLgtyAOXKkRqhmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjUwNzI2MjMwMDA0WhcNMjUwNzI3MjMwMDA0WjAzMTEwLwYDVQQD
EyhjZTg2NjNkNWUxNjMyZjQ5MDAzNzBmM2U5ODMwMjMyMGQ4NWUyNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOOv/PIqw/Dx2n22MQxFgzEOebG7
jDGfDhZdXbFheo78s9f4ZpM6+bKdpANupNJ3XYbS8QlTUG2lthHcZzEARlX/N7Qm
i+bPch1+nYBcNy3WPZavVUbYpFQEPIBM/Obrc0svQFukMbyAKJUFW+uI61cO03AS
ooAPjXEqSkrQHYurMs3gsmBGF2m11+i2h71lU6/bfvfvAuhfhjy6AgGzNCesOGse
xreTU42esA7j4ky+Hxa9yNTQGiV4BcicNmE1Cei8znCj+l4lSSOmuq+a9hmqylKF
J/Pgjz6W549LT3+JnIwk/WjpZdSN/jZTehzhmWZNQMwuhAqoxOSayiF35QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6GY9XhYy9JADcPPpgwIyDYXiT8MB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS5IRN8go
1zF8POohsF/ulUwG9zSGMLejMy+XhFlM4jdxciskU2tz8otUv3bmIpEQAK0Or9i/
IHzYRS9cijE2x99Z3/cxNIkaOAbPhag+YPd3zhFLFjrWg/1wudvp71vgfobRxqj0
iKhpc6JxWhsAvtPA1leMaDhMbd3pj9Wqaqlhu1w/x3Nw2OQI/yfTpzGI9vNNdaNA
dJ5yCR1ofBBl5L2LKY4fPDt9wA4f6n4v7rFl4n9Q8dSBeBMKKxTGwxVf2xDbqXgo
yLWJ8FMn4nmvcQLHyd14NXwqBG9XZeEWfAfxZP3RJc8cDTDQjgqEYyqn6LpInuKQ
8wUW/v56jdElNA==
-----END CERTIFICATE-----