Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          7oK7OLwbKrv9aeFuUZ9NVVCYvFfx1WPo9SO9Rmwg7S8=
Subject key identifier:   9F:3F:BE:07:00:07:07:4B:8A:C1:1D:24:19:00:5D:25:CF:77:60:0D
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       0199221E96765B5DB861DD4B813A0596A177
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0B4B
Signing time:             Sun 07 Sep 2025 03:00:53 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:53 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:53 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: kfvAbD0zbySjX2D1ZS8zjKCmdMsVQII4T3zRHtpm5SM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:96:76:5b:5d:b8:61:dd:4b:81:3a:05:96:a1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Sep  7 03:00:53 2025 GMT
            Not After : Sep  8 03:00:53 2025 GMT
        Subject: CN=9f3fbe070007074b8ac11d2419005d25cf77600d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ef:37:64:be:b0:eb:6a:36:f4:89:a3:a0:80:
                    fe:e3:4d:d5:76:4f:af:3d:46:ac:06:37:50:a3:8f:
                    e8:28:f9:04:2b:d6:4e:0c:ca:1e:f5:e4:d5:b5:8b:
                    ab:ea:3e:24:ce:78:15:b2:0a:50:3e:2c:b2:f3:99:
                    d4:e9:d5:6b:04:0a:f2:74:cf:75:83:80:34:7c:47:
                    b7:fe:c0:97:8b:02:c1:0f:22:26:26:fe:d0:9b:51:
                    e7:0a:ac:fa:76:a2:a2:9f:53:52:6f:6c:ab:45:49:
                    1b:bf:50:68:22:4f:c8:07:04:d9:f8:90:70:ef:8f:
                    01:1f:77:96:b2:6e:17:2f:95:e4:e6:8d:29:27:d6:
                    90:35:36:10:b6:23:86:e1:85:63:01:2d:a3:65:05:
                    0a:77:60:a2:7f:de:cf:50:ba:15:3d:a9:11:ec:64:
                    70:f7:59:23:52:a9:93:b6:ef:d1:44:00:b7:17:13:
                    f6:1f:d7:99:37:f7:49:99:16:0a:12:ae:00:d8:c9:
                    41:63:67:ed:c7:37:3d:c3:0a:f7:7d:a0:d1:bf:8e:
                    63:fb:11:55:22:0f:b5:7c:3d:9d:37:c8:13:2d:55:
                    e5:e0:2f:f5:dc:02:87:b0:43:ab:78:13:a5:b9:18:
                    d0:9e:42:8a:71:7d:9e:c7:95:f1:e6:ec:a4:74:a0:
                    3b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:3F:BE:07:00:07:07:4B:8A:C1:1D:24:19:00:5D:25:CF:77:60:0D
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:6c:1f:dc:10:fb:7c:72:36:00:ea:0f:b5:e1:65:67:18:77:
         0d:4a:85:5a:fc:6c:c4:9d:35:b8:61:cb:5c:4e:1d:6c:27:fa:
         69:d2:f1:1a:c2:bb:b9:6d:55:44:ae:51:98:af:63:84:c5:cc:
         34:f7:a7:8b:f4:4d:e7:f8:3c:ea:02:60:c8:ec:a0:85:05:72:
         66:25:a8:44:6a:e4:4f:74:55:22:2b:68:69:85:17:4a:fd:b3:
         ba:27:cc:66:5f:64:cd:81:c4:e8:cb:57:16:eb:ee:8f:e3:48:
         de:9a:c6:0e:a2:5c:1d:a6:68:f0:35:e6:66:f6:66:0c:e7:91:
         f9:21:2b:13:ed:88:63:13:0d:f1:34:e6:36:a8:ce:91:8e:a1:
         11:e7:79:57:b5:04:2c:38:cf:f4:77:71:6a:2e:4f:14:76:4d:
         aa:92:cf:e0:ac:97:ef:4b:65:6e:78:67:0c:da:05:67:1e:22:
         cf:3b:84:31:22:4e:10:c0:3f:aa:8e:78:8a:1d:69:c0:62:1f:
         2d:e1:8f:2f:6f:85:4e:6f:1c:3f:ee:60:1e:b0:3a:5b:87:51:
         a8:ed:22:a9:34:a5:dd:58:04:8f:40:d0:4d:59:37:93:d0:e3:
         f6:05:4d:d2:6e:c7:82:64:4a:9c:c3:07:6c:77:fa:a2:ab:3c:
         9a:cd:59:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHpZ2W124Yd1LgToFlqF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjUwOTA3MDMwMDUzWhcNMjUwOTA4MDMwMDUzWjAzMTEwLwYDVQQD
Eyg5ZjNmYmUwNzAwMDcwNzRiOGFjMTFkMjQxOTAwNWQyNWNmNzc2MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO83ZL6w62o29ImjoID+403Vdk+v
PUasBjdQo4/oKPkEK9ZODMoe9eTVtYur6j4kzngVsgpQPiyy85nU6dVrBArydM91
g4A0fEe3/sCXiwLBDyImJv7Qm1HnCqz6dqKin1NSb2yrRUkbv1BoIk/IBwTZ+JBw
748BH3eWsm4XL5Xk5o0pJ9aQNTYQtiOG4YVjAS2jZQUKd2Cif97PULoVPakR7GRw
91kjUqmTtu/RRAC3FxP2H9eZN/dJmRYKEq4A2MlBY2ftxzc9wwr3faDRv45j+xFV
Ig+1fD2dN8gTLVXl4C/13AKHsEOreBOluRjQnkKKcX2ex5Xx5uykdKA73wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8/vgcABwdLisEdJBkAXSXPd2ANMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWwf3BD7
fHI2AOoPteFlZxh3DUqFWvxsxJ01uGHLXE4dbCf6adLxGsK7uW1VRK5RmK9jhMXM
NPeni/RN5/g86gJgyOyghQVyZiWoRGrkT3RVIitoaYUXSv2zuifMZl9kzYHE6MtX
Fuvuj+NI3prGDqJcHaZo8DXmZvZmDOeR+SErE+2IYxMN8TTmNqjOkY6hEed5V7UE
LDjP9Hdxai5PFHZNqpLP4KyX70tlbnhnDNoFZx4izzuEMSJOEMA/qo54ih1pwGIf
LeGPL2+FTm8cP+5gHrA6W4dRqO0iqTSl3VgEj0DQTVk3k9Dj9gVN0m7HgmRKnMMH
bHf6oqs8ms1ZKg==
-----END CERTIFICATE-----