Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
File:                     Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft (raw, json)
Hash identifier:          WE+WrHoPDW2uqZGJ9z8sgpjWSxg+Q2iBr7lInHDTq/w=
Subject key identifier:   40:DA:48:D9:D3:19:8E:43:37:5E:D9:C1:75:73:A7:DD:1F:FC:87:C2
Authority key identifier: 46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45
Certificate issuer:       /CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
Certificate serial:       0199225587A3559C25C62C0E08E482266B59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
Manifest number:          132E
Signing time:             Sun 07 Sep 2025 04:00:54 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:54 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:54 +0000
Files and hashes:         1: Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl (hash: 98JekElOYtu9qr6bB+BHXElEQzSAo6Vg+jtHeqE5jdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:87:a3:55:9c:25:c6:2c:0e:08:e4:82:26:6b:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
        Validity
            Not Before: Sep  7 04:00:54 2025 GMT
            Not After : Sep  8 04:00:54 2025 GMT
        Subject: CN=40da48d9d3198e43375ed9c17573a7dd1ffc87c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:14:db:d7:11:2a:31:ba:6f:44:c5:d0:2a:df:
                    68:e1:b9:3c:93:b9:ef:c1:fd:60:96:50:7e:1a:e4:
                    1d:20:96:80:96:61:8f:07:89:17:21:c1:60:61:e8:
                    12:69:c8:5e:77:65:96:a1:6b:f3:17:f0:a0:f4:13:
                    0e:c3:8a:8f:73:8e:ac:1a:85:45:0d:62:0d:42:8a:
                    4b:c5:74:f1:79:9c:10:7d:0d:01:8c:61:ba:01:f5:
                    28:aa:42:94:ac:29:4e:77:98:44:16:a0:67:5c:bb:
                    2e:32:7c:9c:8d:5f:f5:23:af:0b:8a:02:1c:2e:e1:
                    cb:31:d4:09:4a:e7:77:75:2e:ff:65:4f:17:41:51:
                    70:6f:32:26:f2:af:80:09:a3:42:2e:73:b0:38:7f:
                    67:20:b9:77:6e:f8:0d:2b:fb:9d:d8:71:04:04:ce:
                    14:f4:a3:a5:12:20:ec:75:de:99:94:47:42:e0:a2:
                    87:ac:72:42:0d:28:05:b7:76:5d:b4:3d:a4:8e:e8:
                    bf:97:b2:05:73:b6:ab:68:23:e9:09:51:ab:de:ba:
                    cd:46:67:7e:c6:73:50:b4:61:64:82:1c:bb:b6:ea:
                    4f:f8:fb:3e:54:66:d7:46:3d:a3:36:3d:14:64:60:
                    6f:47:c6:ee:d9:c7:85:83:53:fb:3a:46:5b:7c:d6:
                    ba:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DA:48:D9:D3:19:8E:43:37:5E:D9:C1:75:73:A7:DD:1F:FC:87:C2
            X509v3 Authority Key Identifier:
                keyid:46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:cd:07:13:d8:2b:c7:81:39:2c:24:98:7e:57:45:ed:ae:fb:
         99:bb:34:a4:fd:b9:27:89:5d:b9:8d:3d:b5:d0:5d:41:ba:ac:
         56:89:cc:a9:dd:3d:a0:3e:09:2b:30:a2:4c:36:50:21:48:ad:
         4d:fc:b2:6f:c3:75:97:c7:c8:96:f4:be:ab:f5:17:0e:f5:f6:
         49:38:80:32:d8:79:d9:92:b0:02:9e:e8:fc:b2:28:67:c1:0b:
         67:29:60:20:ea:f3:4e:1f:9d:43:8c:7a:36:ef:c7:46:4a:84:
         c5:ba:64:a5:d3:b4:68:16:5d:89:d3:e9:ff:2b:cf:0b:2c:1c:
         9c:f4:27:78:c2:5d:04:1c:8d:02:f2:cd:53:ee:82:b6:34:3e:
         d7:40:61:5d:fc:8a:67:80:0e:10:7b:1d:93:b3:26:c5:ba:82:
         0f:54:d7:2b:7d:f1:ec:8e:b9:ef:27:54:3d:74:8a:b6:fc:74:
         e6:9d:e2:a6:e7:13:ac:42:4b:62:6a:14:5d:c0:a2:7b:c4:ab:
         19:14:74:20:72:c2:6a:2a:35:b1:39:9e:17:80:c2:30:05:e6:
         1e:6c:ed:9a:5c:48:38:b1:45:52:b8:47:8f:bf:24:62:1b:3b:
         b6:6f:df:53:68:9c:35:08:fa:ab:eb:c7:a4:5b:54:41:87:e7:
         3e:69:bd:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVYejVZwlxiwOCOSCJmtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2EzODgxMTJlNjhmNGM3ZDRkODBjMzJkMzdjZmNkNmNk
MjNhNDUwHhcNMjUwOTA3MDQwMDU0WhcNMjUwOTA4MDQwMDU0WjAzMTEwLwYDVQQD
Eyg0MGRhNDhkOWQzMTk4ZTQzMzc1ZWQ5YzE3NTczYTdkZDFmZmM4N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hTb1xEqMbpvRMXQKt9o4bk8k7nv
wf1gllB+GuQdIJaAlmGPB4kXIcFgYegSached2WWoWvzF/Cg9BMOw4qPc46sGoVF
DWINQopLxXTxeZwQfQ0BjGG6AfUoqkKUrClOd5hEFqBnXLsuMnycjV/1I68LigIc
LuHLMdQJSud3dS7/ZU8XQVFwbzIm8q+ACaNCLnOwOH9nILl3bvgNK/ud2HEEBM4U
9KOlEiDsdd6ZlEdC4KKHrHJCDSgFt3ZdtD2kjui/l7IFc7araCPpCVGr3rrNRmd+
xnNQtGFkghy7tupP+Ps+VGbXRj2jNj0UZGBvR8bu2ceFg1P7OkZbfNa6swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDaSNnTGY5DN17ZwXVzp90f/IfCMB8GA1UdIwQY
MBaAFEZ6OIES5o9MfU2Awy03z81s0jpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUt
YzcxODQ1YTAxNzQ5LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUtYzcxODQ1YTAxNzQ5
LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGM0HE9gr
x4E5LCSYfldF7a77mbs0pP25J4lduY09tdBdQbqsVonMqd09oD4JKzCiTDZQIUit
Tfyyb8N1l8fIlvS+q/UXDvX2STiAMth52ZKwAp7o/LIoZ8ELZylgIOrzTh+dQ4x6
Nu/HRkqExbpkpdO0aBZdidPp/yvPCywcnPQneMJdBByNAvLNU+6CtjQ+10BhXfyK
Z4AOEHsdk7MmxbqCD1TXK33x7I657ydUPXSKtvx05p3ipucTrEJLYmoUXcCie8Sr
GRR0IHLCaio1sTmeF4DCMAXmHmztmlxIOLFFUrhHj78kYhs7tm/fU2icNQj6q+vH
pFtUQYfnPmm9Ew==
-----END CERTIFICATE-----