Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
File:                     SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft (raw, json)
Hash identifier:          OleCunocn5dIBMrql6GdOEgtxRvphLprTGm555owMo8=
Subject key identifier:   F1:62:5A:FF:8A:C8:BE:C9:79:A1:B8:F7:57:66:68:D4:EE:A6:C9:60
Authority key identifier: 48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA
Certificate issuer:       /CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
Certificate serial:       0199239FC393DE39DADF2E0F959C54F30BDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
Manifest number:          1002
Signing time:             Sun 07 Sep 2025 10:01:36 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:36 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:36 +0000
Files and hashes:         1: SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl (hash: ylcXANJsMWpn4+Z4T2X40q0ZznfpmhBfEauKBJt5wYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:c3:93:de:39:da:df:2e:0f:95:9c:54:f3:0b:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4834387ebfecda637a76e11199e1cd0307c2f4ca
        Validity
            Not Before: Sep  7 10:01:36 2025 GMT
            Not After : Sep  8 10:01:36 2025 GMT
        Subject: CN=f1625aff8ac8bec979a1b8f7576668d4eea6c960
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a1:71:c9:f7:80:dd:c8:4e:86:2f:1e:e4:da:
                    0d:47:fe:62:f4:4d:e1:35:fd:0d:c7:9f:97:b4:c5:
                    8a:13:06:7b:6b:d5:c5:fa:6d:5a:a4:81:75:fc:e0:
                    4d:b4:e7:23:38:72:db:fb:01:14:5c:92:88:ee:57:
                    80:15:1b:07:ad:64:05:32:59:aa:42:dd:7a:b4:ad:
                    81:8e:ad:51:7b:2a:a6:9c:d1:9c:33:1e:b0:71:f0:
                    e8:2a:ac:d4:6a:a9:da:fc:9b:e6:3b:79:2b:d8:2c:
                    83:b2:87:ee:cc:fd:57:f1:9e:25:4a:c0:1a:c4:0d:
                    4b:58:9a:f1:eb:fe:04:98:72:d3:68:be:d5:1b:4e:
                    69:90:ea:37:7a:0b:bd:a3:01:ca:6a:18:d5:0f:f6:
                    74:3e:d6:4d:1e:f5:f4:c3:e9:66:ec:1b:1d:41:20:
                    7b:91:c5:0a:50:ae:16:78:95:97:52:b9:a8:c8:e7:
                    fc:8b:7b:16:7f:56:f7:1c:23:8c:68:6c:09:95:8e:
                    0e:b2:f5:98:6d:11:1f:ed:52:1b:be:a4:95:f7:cf:
                    55:82:3e:82:db:2d:0d:eb:67:8d:16:3d:47:da:f7:
                    9a:19:a6:1b:46:2c:d9:fd:83:46:7c:a7:92:df:52:
                    1c:0a:6c:d3:6a:63:04:e1:7f:95:5b:48:fe:f4:58:
                    eb:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:62:5A:FF:8A:C8:BE:C9:79:A1:B8:F7:57:66:68:D4:EE:A6:C9:60
            X509v3 Authority Key Identifier:
                keyid:48:34:38:7E:BF:EC:DA:63:7A:76:E1:11:99:E1:CD:03:07:C2:F4:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SDQ4fr_s2mN6duERmeHNAwfC9Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9ee6c8-f3e2-4fae-998a-591a2a4194cd/1/SDQ4fr_s2mN6duERmeHNAwfC9Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:64:58:f0:6b:ba:02:cd:c2:c5:c0:9f:ed:16:10:45:26:53:
         5b:8b:e3:8e:a2:e3:b5:57:50:ed:dc:fc:36:dd:11:46:a3:58:
         f4:9c:dc:59:81:e1:9a:65:57:8b:f7:df:73:ba:7f:3b:ad:da:
         45:ec:cd:65:77:4f:92:cf:b7:86:ba:84:eb:bb:bb:d5:94:93:
         fb:3a:be:75:1a:a8:a2:5e:b8:32:da:14:0b:f4:8d:4f:af:97:
         f0:6b:6b:dd:e5:43:41:b7:d7:ec:29:6b:3d:fd:69:7c:44:dd:
         c1:d2:6c:c1:e0:69:35:c6:08:70:99:57:ba:29:fb:11:b4:48:
         ed:28:91:35:fb:c9:f9:78:21:2d:ad:f0:94:fc:dd:d4:e9:12:
         cd:47:74:79:99:e7:1a:57:60:a2:5c:52:b1:6c:e8:42:27:80:
         61:77:2c:54:09:a1:43:07:13:74:48:c5:b8:ca:5f:5d:da:fe:
         c3:51:72:3d:45:d4:e5:1c:84:8f:89:5d:80:06:e1:c9:8a:13:
         78:ad:7f:14:ea:3a:94:c5:55:7b:77:d8:ec:96:5c:95:f3:63:
         f6:e0:78:be:45:da:39:34:3a:3e:3c:13:05:ee:b7:81:1d:12:
         86:74:97:a6:94:05:47:b4:14:73:fd:37:62:0c:f9:de:0c:33:
         ca:30:9a:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn8OT3jna3y4PlZxU8wvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MzQzODdlYmZlY2RhNjM3YTc2ZTExMTk5ZTFjZDAzMDdj
MmY0Y2EwHhcNMjUwOTA3MTAwMTM2WhcNMjUwOTA4MTAwMTM2WjAzMTEwLwYDVQQD
EyhmMTYyNWFmZjhhYzhiZWM5NzlhMWI4Zjc1NzY2NjhkNGVlYTZjOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6FxyfeA3chOhi8e5NoNR/5i9E3h
Nf0Nx5+XtMWKEwZ7a9XF+m1apIF1/OBNtOcjOHLb+wEUXJKI7leAFRsHrWQFMlmq
Qt16tK2Bjq1ReyqmnNGcMx6wcfDoKqzUaqna/JvmO3kr2CyDsofuzP1X8Z4lSsAa
xA1LWJrx6/4EmHLTaL7VG05pkOo3egu9owHKahjVD/Z0PtZNHvX0w+lm7BsdQSB7
kcUKUK4WeJWXUrmoyOf8i3sWf1b3HCOMaGwJlY4OsvWYbREf7VIbvqSV989Vgj6C
2y0N62eNFj1H2veaGaYbRizZ/YNGfKeS31IcCmzTamME4X+VW0j+9FjrtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFiWv+KyL7JeaG491dmaNTupslgMB8GA1UdIwQY
MBaAFEg0OH6/7NpjenbhEZnhzQMHwvTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEt
NTkxYTJhNDE5NGNkLzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85ZWU2YzgtZjNlMi00ZmFlLTk5OGEtNTkxYTJhNDE5NGNk
LzEvU0RRNGZyX3MybU42ZHVFUm1lSE5Bd2ZDOU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGRY8Gu6
As3CxcCf7RYQRSZTW4vjjqLjtVdQ7dz8Nt0RRqNY9JzcWYHhmmVXi/ffc7p/O63a
RezNZXdPks+3hrqE67u71ZST+zq+dRqool64MtoUC/SNT6+X8Gtr3eVDQbfX7Clr
Pf1pfETdwdJsweBpNcYIcJlXuin7EbRI7SiRNfvJ+XghLa3wlPzd1OkSzUd0eZnn
GldgolxSsWzoQieAYXcsVAmhQwcTdEjFuMpfXdr+w1FyPUXU5RyEj4ldgAbhyYoT
eK1/FOo6lMVVe3fY7JZclfNj9uB4vkXaOTQ6PjwTBe63gR0ShnSXppQFR7QUc/03
Ygz53gwzyjCaJQ==
-----END CERTIFICATE-----