Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.mft
File:                     SRHEgJhyKUvlgXsVnlnynlBgljY.mft (raw, json)
Hash identifier:          uStP/OX72tbTkpN5SjVdY9MzkOrdxojDHY38iky+Jxg=
Subject key identifier:   D5:A9:95:D7:5E:FB:65:CB:B1:7C:C9:D5:33:90:BE:67:29:6B:6C:81
Authority key identifier: 49:11:C4:80:98:72:29:4B:E5:81:7B:15:9E:59:F2:9E:50:60:96:36
Certificate issuer:       /CN=4911c4809872294be5817b159e59f29e50609636
Certificate serial:       019827104E40A37EDEBA3E68DE72D472A4B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SRHEgJhyKUvlgXsVnlnynlBgljY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.mft
Manifest number:          40
Signing time:             Sun 20 Jul 2025 09:00:36 +0000
Manifest this update:     Sun 20 Jul 2025 09:00:36 +0000
Manifest next update:     Mon 21 Jul 2025 09:00:36 +0000
Files and hashes:         1: SRHEgJhyKUvlgXsVnlnynlBgljY.crl (hash: uBWmk+ECo7Nrj1J/vJQbFKMLQlBHs2rHPA4lUxZWSok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SRHEgJhyKUvlgXsVnlnynlBgljY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 09:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:27:10:4e:40:a3:7e:de:ba:3e:68:de:72:d4:72:a4:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4911c4809872294be5817b159e59f29e50609636
        Validity
            Not Before: Jul 20 09:00:36 2025 GMT
            Not After : Jul 21 09:00:36 2025 GMT
        Subject: CN=d5a995d75efb65cbb17cc9d53390be67296b6c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:1a:26:b5:0c:96:82:dc:ef:25:f5:58:42:1f:
                    03:84:9d:a7:7c:56:47:03:91:c4:a1:56:5d:6d:2f:
                    15:da:5e:cb:7b:25:c9:2c:f5:f2:e4:63:c5:44:bb:
                    3b:1f:06:bf:07:f2:61:66:71:d8:53:26:52:a0:86:
                    70:cf:9c:bd:ce:46:f9:6b:9a:e0:4a:d6:ff:1e:ca:
                    b1:f9:a7:b8:8b:0a:b3:99:6a:35:59:63:4d:87:ba:
                    20:4b:19:6c:21:1a:3d:50:17:cc:4e:6b:d5:28:5d:
                    d4:00:41:99:0f:ce:ef:71:ce:ab:f3:d0:02:a7:f1:
                    c5:73:20:5e:97:bc:a9:f4:b5:2b:83:27:8c:57:6e:
                    98:3e:fe:7a:16:8d:ea:5b:b9:f7:43:f0:11:5a:90:
                    2b:8b:94:98:81:b5:63:00:9b:fc:17:2d:86:f1:cc:
                    e4:22:79:9c:01:0f:a8:ea:15:eb:31:89:7b:62:78:
                    2a:ad:5d:9e:b0:8d:98:50:52:d7:80:4e:3e:08:45:
                    1d:fb:cf:50:79:cd:75:04:f3:df:40:31:b5:f4:24:
                    81:6c:80:5c:21:fe:c0:12:26:7a:98:cd:f5:2d:29:
                    d3:36:4f:97:55:cf:62:c0:b3:ac:81:5a:21:f3:24:
                    87:d2:44:4b:83:ec:81:0a:e6:72:b5:5f:67:22:03:
                    d2:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:A9:95:D7:5E:FB:65:CB:B1:7C:C9:D5:33:90:BE:67:29:6B:6C:81
            X509v3 Authority Key Identifier:
                keyid:49:11:C4:80:98:72:29:4B:E5:81:7B:15:9E:59:F2:9E:50:60:96:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRHEgJhyKUvlgXsVnlnynlBgljY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/79b797-0922-4df6-827d-3681f5b7f86b/1/SRHEgJhyKUvlgXsVnlnynlBgljY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:97:da:5d:36:16:8c:16:75:65:2c:6b:e9:c1:e4:dd:0b:9d:
         00:5e:7c:1e:32:44:7b:fe:53:b5:fc:99:ac:ef:a2:88:88:98:
         2d:6f:51:95:47:8a:b8:e2:31:3f:55:3d:d5:b7:2a:d9:29:16:
         31:90:cd:14:f4:73:21:3f:f1:e3:1d:38:4d:1d:e6:38:bd:43:
         c2:43:81:57:08:c1:27:02:1d:07:bb:fc:33:97:2c:5a:bf:e8:
         e1:59:dd:7c:2c:5e:18:b4:02:6a:f9:57:79:f9:a9:fe:e0:c0:
         f7:1d:ad:b5:4b:8b:67:2d:ec:5d:d6:84:dd:ef:5b:ed:89:be:
         9e:67:67:19:5b:e5:bb:5a:90:e0:77:36:79:4c:a6:34:d4:4d:
         ca:5c:0d:f4:22:91:71:15:8d:8a:31:07:d9:86:f7:ed:f9:51:
         a7:f4:b9:8f:fd:5d:8a:ca:fc:55:9f:9e:02:24:e8:06:69:63:
         2f:0b:17:18:d9:10:68:f0:87:62:13:4a:2a:29:4a:04:00:fa:
         0c:bc:01:1c:5e:57:75:b4:cf:54:cb:f9:7f:8e:09:08:5a:3a:
         ae:e5:e4:e5:a7:d6:ba:b3:86:39:85:12:c4:37:93:fe:b0:b4:
         31:ab:60:43:b5:e2:7c:e4:6d:21:83:12:e9:b2:0b:26:3e:c1:
         4e:31:7b:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZgnEE5Ao37euj5o3nLUcqS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MTFjNDgwOTg3MjI5NGJlNTgxN2IxNTllNTlmMjllNTA2
MDk2MzYwHhcNMjUwNzIwMDkwMDM2WhcNMjUwNzIxMDkwMDM2WjAzMTEwLwYDVQQD
EyhkNWE5OTVkNzVlZmI2NWNiYjE3Y2M5ZDUzMzkwYmU2NzI5NmI2YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihomtQyWgtzvJfVYQh8DhJ2nfFZH
A5HEoVZdbS8V2l7LeyXJLPXy5GPFRLs7Hwa/B/JhZnHYUyZSoIZwz5y9zkb5a5rg
Stb/Hsqx+ae4iwqzmWo1WWNNh7ogSxlsIRo9UBfMTmvVKF3UAEGZD87vcc6r89AC
p/HFcyBel7yp9LUrgyeMV26YPv56Fo3qW7n3Q/ARWpAri5SYgbVjAJv8Fy2G8czk
InmcAQ+o6hXrMYl7YngqrV2esI2YUFLXgE4+CEUd+89Qec11BPPfQDG19CSBbIBc
If7AEiZ6mM31LSnTNk+XVc9iwLOsgVoh8ySH0kRLg+yBCuZytV9nIgPSMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWpldde+2XLsXzJ1TOQvmcpa2yBMB8GA1UdIwQY
MBaAFEkRxICYcilL5YF7FZ5Z8p5QYJY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JIRWdKaHlLVXZsZ1hzVm5sbnlubEJnbGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS83OWI3OTctMDkyMi00ZGY2LTgyN2Qt
MzY4MWY1YjdmODZiLzEvU1JIRWdKaHlLVXZsZ1hzVm5sbnlubEJnbGpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS83OWI3OTctMDkyMi00ZGY2LTgyN2QtMzY4MWY1YjdmODZi
LzEvU1JIRWdKaHlLVXZsZ1hzVm5sbnlubEJnbGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx5faXTYW
jBZ1ZSxr6cHk3QudAF58HjJEe/5TtfyZrO+iiIiYLW9RlUeKuOIxP1U91bcq2SkW
MZDNFPRzIT/x4x04TR3mOL1DwkOBVwjBJwIdB7v8M5csWr/o4VndfCxeGLQCavlX
efmp/uDA9x2ttUuLZy3sXdaE3e9b7Ym+nmdnGVvlu1qQ4Hc2eUymNNRNylwN9CKR
cRWNijEH2Yb37flRp/S5j/1disr8VZ+eAiToBmljLwsXGNkQaPCHYhNKKilKBAD6
DLwBHF5XdbTPVMv5f44JCFo6ruXk5afWurOGOYUSxDeT/rC0MatgQ7XifORtIYMS
6bILJj7BTjF7+g==
-----END CERTIFICATE-----