Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
File:                     4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft (raw, json)
Hash identifier:          kgtF0xOj81mME9LiLxssBv8WfuAq1dhVJmKNQr5uw2w=
Subject key identifier:   E2:38:9F:4B:87:B1:74:76:A1:A0:C7:84:DE:5D:6E:6E:90:88:FB:83
Authority key identifier: E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C
Certificate issuer:       /CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
Certificate serial:       019923D5CD0FD99068115D9F41FBC6FB305E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
Manifest number:          0A73
Signing time:             Sun 07 Sep 2025 11:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:38 +0000
Files and hashes:         1: 4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl (hash: 7ikEejBRyTwGD2MPq2uGy/clu8/m+HbBhXPCLgFQHfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d5:cd:0f:d9:90:68:11:5d:9f:41:fb:c6:fb:30:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
        Validity
            Not Before: Sep  7 11:00:38 2025 GMT
            Not After : Sep  8 11:00:38 2025 GMT
        Subject: CN=e2389f4b87b17476a1a0c784de5d6e6e9088fb83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8b:7c:67:74:e2:ea:d7:b4:a8:24:86:52:43:
                    b7:2c:04:02:86:0a:b3:72:d0:04:aa:fa:c7:c1:80:
                    ae:17:80:b9:a2:99:b7:e1:cd:5b:53:cf:2d:04:81:
                    89:10:e4:5a:5a:1e:f0:33:92:0c:8c:f8:a8:26:48:
                    94:86:ce:91:81:4c:59:77:0f:77:db:45:b9:29:e7:
                    bf:80:7c:f4:b6:af:79:f0:5b:d8:89:5f:60:4c:e3:
                    cc:f1:29:d6:83:4a:6c:e4:64:9c:55:38:8e:0c:0a:
                    e2:47:80:00:ba:24:72:0d:08:0e:5c:94:4a:29:f9:
                    10:bc:06:7b:8e:a9:f1:87:ad:81:e9:ac:07:02:ac:
                    55:1d:92:7d:99:ba:6e:bf:fb:b6:eb:cd:a8:b0:12:
                    ef:7d:c4:4d:48:19:be:f2:b9:1d:22:59:87:68:1c:
                    44:ff:0c:9a:df:f9:7f:90:fe:00:4a:e1:5a:0c:32:
                    76:8c:83:9c:46:8b:4b:5e:3b:bd:59:ca:5a:11:c1:
                    a9:60:d2:37:f9:a2:00:fb:09:a9:3c:b3:49:f0:aa:
                    04:2d:7f:d5:6b:6b:0f:d5:f7:0a:7d:96:5d:55:ad:
                    d4:2f:70:da:b3:14:31:a8:98:1e:7c:45:27:e9:c8:
                    96:b8:46:35:e1:ea:98:c1:08:e2:9f:e2:3b:cc:3f:
                    1e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:38:9F:4B:87:B1:74:76:A1:A0:C7:84:DE:5D:6E:6E:90:88:FB:83
            X509v3 Authority Key Identifier:
                keyid:E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:52:8d:85:6b:e9:16:30:30:6f:6a:84:42:45:14:c5:d1:6e:
         b3:0c:41:d6:46:78:a1:ae:79:dc:38:18:e1:95:f5:2c:a2:5c:
         d0:80:c7:f8:31:94:50:70:3e:14:49:fe:95:28:0f:42:c5:4a:
         9c:4f:ff:ce:b2:8e:33:41:78:2a:ac:e7:b4:93:ff:51:64:fe:
         60:a0:39:9b:c2:87:6c:bb:fb:3a:71:65:f6:92:c7:21:c2:a1:
         c0:d2:56:12:b6:52:07:1d:38:79:7f:3a:20:a1:fb:6f:12:8f:
         8a:7d:f2:59:0b:ca:93:fa:1b:92:cd:11:66:5e:03:e0:41:17:
         84:1d:35:f8:b7:cb:2e:ca:2e:d4:eb:f6:94:6f:95:79:4b:6d:
         48:d7:de:98:e7:1e:3e:97:d2:95:92:00:6e:e1:6b:ba:18:98:
         cf:5e:2c:4d:06:97:22:5a:cd:f4:52:0b:87:40:8e:85:55:4b:
         19:3c:ea:f9:48:38:18:96:71:4a:a2:87:cd:3f:ac:28:12:7c:
         a4:76:b6:14:ef:aa:5d:29:ad:4f:87:05:e8:0c:3b:4b:11:51:
         1a:6e:bc:e9:c0:9b:7a:57:78:df:17:b6:d7:ed:4d:85:2b:63:
         1d:27:d2:ba:4d:21:56:b5:c6:74:a1:1f:3e:33:61:e3:1c:db:
         82:08:0f:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1c0P2ZBoEV2fQfvG+zBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMGE2ZjJlNjMzZmNmM2FkZWY4NzI1Y2M1YmUwZWE3OTE1
ZGQ0MGMwHhcNMjUwOTA3MTEwMDM4WhcNMjUwOTA4MTEwMDM4WjAzMTEwLwYDVQQD
EyhlMjM4OWY0Yjg3YjE3NDc2YTFhMGM3ODRkZTVkNmU2ZTkwODhmYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsot8Z3Ti6te0qCSGUkO3LAQChgqz
ctAEqvrHwYCuF4C5opm34c1bU88tBIGJEORaWh7wM5IMjPioJkiUhs6RgUxZdw93
20W5Kee/gHz0tq958FvYiV9gTOPM8SnWg0ps5GScVTiODAriR4AAuiRyDQgOXJRK
KfkQvAZ7jqnxh62B6awHAqxVHZJ9mbpuv/u2682osBLvfcRNSBm+8rkdIlmHaBxE
/wya3/l/kP4ASuFaDDJ2jIOcRotLXju9WcpaEcGpYNI3+aIA+wmpPLNJ8KoELX/V
a2sP1fcKfZZdVa3UL3DasxQxqJgefEUn6ciWuEY14eqYwQjin+I7zD8eSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI4n0uHsXR2oaDHhN5dbm6QiPuDMB8GA1UdIwQY
MBaAFOAKby5jP8863vhyXMW+DqeRXdQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUt
ZDA5NmYxZTI1ZTk3LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUtZDA5NmYxZTI1ZTk3
LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVKNhWvp
FjAwb2qEQkUUxdFuswxB1kZ4oa553DgY4ZX1LKJc0IDH+DGUUHA+FEn+lSgPQsVK
nE//zrKOM0F4KqzntJP/UWT+YKA5m8KHbLv7OnFl9pLHIcKhwNJWErZSBx04eX86
IKH7bxKPin3yWQvKk/obks0RZl4D4EEXhB01+LfLLsou1Ov2lG+VeUttSNfemOce
PpfSlZIAbuFruhiYz14sTQaXIlrN9FILh0COhVVLGTzq+Ug4GJZxSqKHzT+sKBJ8
pHa2FO+qXSmtT4cF6Aw7SxFRGm686cCbeld43xe21+1NhStjHSfSuk0hVrXGdKEf
PjNh4xzbgggPwA==
-----END CERTIFICATE-----