Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          EphBUn1xHLTBxZL+698uyCT3iwcKBIcfT1xaJjbaGLg=
Subject key identifier:   04:CD:A7:40:B5:2F:11:78:FC:53:03:76:EB:F6:C9:31:96:73:8F:42
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       0199239EF9872AB9F467904E120766214F63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:00:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:45 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: Cedt+BwsAa7xuu4eY1DEwHBT2Kh78hcnVPEDaTjfRdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:f9:87:2a:b9:f4:67:90:4e:12:07:66:21:4f:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Sep  7 10:00:45 2025 GMT
            Not After : Sep  8 10:00:45 2025 GMT
        Subject: CN=04cda740b52f1178fc530376ebf6c93196738f42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3c:04:93:31:19:b0:52:dd:ef:d8:d1:1b:2d:
                    5c:f5:9c:c1:34:9d:5a:0d:3f:91:e2:e7:0f:ed:5e:
                    bb:29:3a:cf:2c:22:7c:fa:5e:08:c0:4b:3e:aa:2b:
                    b9:c7:04:a3:66:ae:96:da:3e:f4:da:d4:4e:08:ed:
                    53:d0:09:ad:ba:63:f7:1b:3d:c5:b9:55:3c:76:f3:
                    a3:56:e2:7e:49:07:dc:f4:4f:fe:3d:f2:f9:6f:17:
                    9e:6b:49:09:15:fa:06:a4:05:1f:50:2b:70:f5:7a:
                    97:75:84:21:68:ac:26:fd:7a:de:e0:95:6a:c2:b7:
                    c0:d4:56:16:c0:37:71:93:db:01:a0:f8:1d:fb:70:
                    1f:d7:59:6b:c0:55:9b:ea:bf:b7:c7:21:eb:29:29:
                    4d:e5:3d:52:8b:50:5f:45:2d:a5:01:a3:b0:a8:f0:
                    1e:5b:f6:a7:0c:21:ea:11:f3:6d:27:34:8b:b5:3d:
                    c4:c5:26:61:a5:03:35:1d:9a:a1:d6:94:9f:81:91:
                    63:85:53:a0:b4:9b:d3:61:5d:46:2d:14:df:ed:08:
                    1f:62:b8:10:ac:ac:f7:c4:20:1f:25:0d:02:a6:a1:
                    80:62:b8:91:b7:3f:38:79:0f:ab:6e:51:cd:0c:13:
                    a5:65:4e:94:22:d1:ab:6e:f6:1f:b5:88:b7:03:64:
                    cf:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:CD:A7:40:B5:2F:11:78:FC:53:03:76:EB:F6:C9:31:96:73:8F:42
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:0c:38:73:3f:74:13:bf:b6:f4:b3:76:66:16:a4:fc:c5:c7:
         72:e6:2a:39:ce:43:57:c3:e1:d1:7c:d5:b1:62:85:60:1a:90:
         ae:14:63:0a:a2:0c:e3:d5:24:b1:44:a1:e9:ae:4a:9a:c1:db:
         d7:8f:48:84:56:73:f4:63:a7:09:48:03:bf:16:d9:95:c9:a8:
         f9:53:1a:4e:5d:88:10:f6:c9:ee:f2:81:0d:68:c8:be:a1:84:
         f4:01:ff:ea:c8:35:17:b4:c3:a2:b0:5e:9e:a7:79:0e:77:d1:
         24:7c:c9:8a:50:1a:12:5e:f5:01:f7:69:4c:97:99:ec:85:8b:
         cf:b3:de:d7:9b:5e:5d:85:4a:fa:b4:6b:5e:0f:9d:5f:7a:64:
         ba:fc:73:da:be:f2:ab:e7:06:cc:9b:e8:14:17:af:57:6b:8b:
         2b:a7:d4:f2:bb:f6:e8:23:56:48:52:f5:cf:d2:1a:14:44:20:
         6d:c7:9f:ff:fe:47:50:fd:2d:fc:e3:5b:64:fd:e2:83:dc:42:
         a5:51:90:ed:c7:2b:fb:f7:be:66:9c:ca:ba:7a:db:1e:03:0e:
         30:26:2a:33:a3:b3:5f:cc:27:21:d9:ad:da:f7:70:9e:be:5a:
         d6:f5:dc:55:94:73:f6:21:ab:86:d3:ba:1b:b0:b5:35:ab:f7:
         7f:e5:cb:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnvmHKrn0Z5BOEgdmIU9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUwOTA3MTAwMDQ1WhcNMjUwOTA4MTAwMDQ1WjAzMTEwLwYDVQQD
EygwNGNkYTc0MGI1MmYxMTc4ZmM1MzAzNzZlYmY2YzkzMTk2NzM4ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjwEkzEZsFLd79jRGy1c9ZzBNJ1a
DT+R4ucP7V67KTrPLCJ8+l4IwEs+qiu5xwSjZq6W2j702tROCO1T0AmtumP3Gz3F
uVU8dvOjVuJ+SQfc9E/+PfL5bxeea0kJFfoGpAUfUCtw9XqXdYQhaKwm/Xre4JVq
wrfA1FYWwDdxk9sBoPgd+3Af11lrwFWb6r+3xyHrKSlN5T1Si1BfRS2lAaOwqPAe
W/anDCHqEfNtJzSLtT3ExSZhpQM1HZqh1pSfgZFjhVOgtJvTYV1GLRTf7QgfYrgQ
rKz3xCAfJQ0CpqGAYriRtz84eQ+rblHNDBOlZU6UItGrbvYftYi3A2TPDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATNp0C1LxF4/FMDduv2yTGWc49CMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmww4cz90
E7+29LN2Zhak/MXHcuYqOc5DV8Ph0XzVsWKFYBqQrhRjCqIM49UksUSh6a5KmsHb
149IhFZz9GOnCUgDvxbZlcmo+VMaTl2IEPbJ7vKBDWjIvqGE9AH/6sg1F7TDorBe
nqd5DnfRJHzJilAaEl71AfdpTJeZ7IWLz7Pe15teXYVK+rRrXg+dX3pkuvxz2r7y
q+cGzJvoFBevV2uLK6fU8rv26CNWSFL1z9IaFEQgbcef//5HUP0t/ONbZP3ig9xC
pVGQ7ccr+/e+ZpzKunrbHgMOMCYqM6OzX8wnIdmt2vdwnr5a1vXcVZRz9iGrhtO6
G7C1Nav3f+XL5A==
-----END CERTIFICATE-----