Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
File:                     SYN20qIgPYbnmm1ESVq_xIkDFGU.mft (raw, json)
Hash identifier:          tsErzHW3xktpH/h8mJAN/MPmYwrU+auBSedBT2RE3C8=
Subject key identifier:   95:87:CC:5E:4D:5E:10:FF:13:0B:2E:83:35:14:DC:12:20:0E:C9:45
Authority key identifier: 49:83:76:D2:A2:20:3D:86:E7:9A:6D:44:49:5A:BF:C4:89:03:14:65
Certificate issuer:       /CN=498376d2a2203d86e79a6d44495abfc489031465
Certificate serial:       019A72261B0BABFE009B0F04B887E34EAFAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
Manifest number:          0E04
Signing time:             Tue 11 Nov 2025 09:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:31 +0000
Files and hashes:         1: SYN20qIgPYbnmm1ESVq_xIkDFGU.crl (hash: Y3TaHhVk5HZ8SfenQLFAgsQjX6vWb52c09221Lg4kEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:1b:0b:ab:fe:00:9b:0f:04:b8:87:e3:4e:af:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=498376d2a2203d86e79a6d44495abfc489031465
        Validity
            Not Before: Nov 11 09:01:31 2025 GMT
            Not After : Nov 12 09:01:31 2025 GMT
        Subject: CN=9587cc5e4d5e10ff130b2e833514dc12200ec945
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:4c:34:73:e6:e8:95:6d:d6:2c:f9:05:a9:2c:
                    d1:eb:a8:8c:92:41:49:cc:3d:f0:1f:01:49:7a:ce:
                    c4:ea:74:6f:4b:2f:44:63:fe:cc:9b:e3:61:45:95:
                    47:9b:d7:12:9a:a5:7c:0c:1e:75:e2:43:b4:c9:00:
                    e9:0b:64:cd:5e:72:e7:21:a6:44:6c:6b:c8:92:09:
                    57:cd:cc:ce:86:e6:cb:03:f2:b0:fe:ad:01:ac:87:
                    19:c1:9e:da:e8:95:3e:d5:64:9c:08:09:81:b9:17:
                    8b:a5:96:68:c4:f8:fc:56:d4:99:63:6a:84:81:27:
                    d7:f5:9b:b8:dc:0a:d4:8f:05:70:68:35:0f:61:78:
                    44:db:41:a5:c6:a7:26:d5:93:08:89:c8:38:52:c9:
                    0d:05:ca:e8:06:11:f5:76:1e:ac:28:bb:4b:fc:99:
                    c3:30:fa:ac:d2:7c:3a:df:ae:23:1f:9e:95:2a:49:
                    de:5c:ed:31:f0:29:53:d6:9d:ab:06:a9:87:f4:e4:
                    8d:ba:aa:da:09:1a:3c:1d:8f:0e:6b:d2:f2:15:ca:
                    d5:79:e1:34:b0:41:42:f6:d9:6d:6e:5f:23:2d:99:
                    77:17:73:2b:fd:d1:24:8e:05:84:89:2d:9e:b4:2b:
                    66:e9:6c:63:b4:de:41:97:83:d7:1e:33:27:00:dc:
                    37:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:87:CC:5E:4D:5E:10:FF:13:0B:2E:83:35:14:DC:12:20:0E:C9:45
            X509v3 Authority Key Identifier:
                keyid:49:83:76:D2:A2:20:3D:86:E7:9A:6D:44:49:5A:BF:C4:89:03:14:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:84:36:5c:0a:44:d3:fd:d2:bd:bc:35:b3:6b:6b:ae:d2:d9:
         2b:5e:11:9e:eb:18:76:7e:4d:0c:cc:82:75:dd:b0:50:79:13:
         b2:48:c2:88:1d:30:55:93:92:b7:26:bf:40:e3:46:fa:96:b9:
         1f:f2:af:b8:35:a9:5d:47:d9:9d:20:1b:24:9a:b1:e3:b8:5b:
         18:e1:5a:7f:b2:aa:0c:44:50:a4:67:cb:54:8a:44:ed:6c:be:
         62:e7:91:59:1f:74:87:0b:c7:fb:4f:c5:86:3f:c4:06:50:09:
         df:28:e5:25:42:d9:e2:2d:6e:ab:f1:d0:0b:40:40:a5:e7:bb:
         16:38:b1:25:40:fe:14:41:2d:aa:ff:e7:03:1d:11:b7:45:54:
         53:af:ba:ae:bd:ad:ec:56:3b:61:94:32:b6:a4:c0:97:d7:4a:
         a0:a7:fd:d7:cb:81:4b:2e:35:2a:28:b9:da:bf:22:98:7d:ba:
         26:f5:d0:15:5f:be:69:49:0f:04:e0:81:eb:30:cc:b1:df:db:
         e9:8c:d2:e0:47:12:b3:f3:1b:a1:dd:c3:c3:d6:cd:93:91:b1:
         c0:22:63:11:8c:07:ea:28:20:27:51:d2:4f:6f:12:d7:ad:03:
         a5:19:d9:45:41:a9:23:19:23:64:f7:13:82:5d:3e:e0:4a:e9:
         b9:52:9c:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhsLq/4Amw8EuIfjTq+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODM3NmQyYTIyMDNkODZlNzlhNmQ0NDQ5NWFiZmM0ODkw
MzE0NjUwHhcNMjUxMTExMDkwMTMxWhcNMjUxMTEyMDkwMTMxWjAzMTEwLwYDVQQD
Eyg5NTg3Y2M1ZTRkNWUxMGZmMTMwYjJlODMzNTE0ZGMxMjIwMGVjOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkw0c+bolW3WLPkFqSzR66iMkkFJ
zD3wHwFJes7E6nRvSy9EY/7Mm+NhRZVHm9cSmqV8DB514kO0yQDpC2TNXnLnIaZE
bGvIkglXzczOhubLA/Kw/q0BrIcZwZ7a6JU+1WScCAmBuReLpZZoxPj8VtSZY2qE
gSfX9Zu43ArUjwVwaDUPYXhE20Glxqcm1ZMIicg4UskNBcroBhH1dh6sKLtL/JnD
MPqs0nw6364jH56VKkneXO0x8ClT1p2rBqmH9OSNuqraCRo8HY8Oa9LyFcrVeeE0
sEFC9tltbl8jLZl3F3Mr/dEkjgWEiS2etCtm6WxjtN5Bl4PXHjMnANw3LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWHzF5NXhD/EwsugzUU3BIgDslFMB8GA1UdIwQY
MBaAFEmDdtKiID2G55ptRElav8SJAxRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85MjU1YmQtOGI3Zi00NmQyLTk3NzMt
ZjUwYTJhMDA2NDE0LzEvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85MjU1YmQtOGI3Zi00NmQyLTk3NzMtZjUwYTJhMDA2NDE0
LzEvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ4Q2XApE
0/3Svbw1s2trrtLZK14RnusYdn5NDMyCdd2wUHkTskjCiB0wVZOStya/QONG+pa5
H/KvuDWpXUfZnSAbJJqx47hbGOFaf7KqDERQpGfLVIpE7Wy+YueRWR90hwvH+0/F
hj/EBlAJ3yjlJULZ4i1uq/HQC0BApee7FjixJUD+FEEtqv/nAx0Rt0VUU6+6rr2t
7FY7YZQytqTAl9dKoKf918uBSy41Kii52r8imH26JvXQFV++aUkPBOCB6zDMsd/b
6YzS4EcSs/Mbod3Dw9bNk5GxwCJjEYwH6iggJ1HST28S160DpRnZRUGpIxkjZPcT
gl0+4ErpuVKcvg==
-----END CERTIFICATE-----