Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          98KK6x8YgEUJFT+LkGmzHR1S4/Dn2ZsOOx+xPGhQz2g=
Subject key identifier:   C0:E8:48:26:3F:C6:29:8E:9A:D3:64:BB:C5:9C:7C:70:EF:2F:AC:87
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       019917646B94FC5F15E6D3CF0C0E61B83004
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          119D
Signing time:             Fri 05 Sep 2025 01:01:20 +0000
Manifest this update:     Fri 05 Sep 2025 01:01:20 +0000
Manifest next update:     Sat 06 Sep 2025 01:01:20 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: LYNuhBTXy1gUmQnJ1PePhVJoCU1v4WodRbM2PbYbqFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:64:6b:94:fc:5f:15:e6:d3:cf:0c:0e:61:b8:30:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Sep  5 01:01:20 2025 GMT
            Not After : Sep  6 01:01:20 2025 GMT
        Subject: CN=c0e848263fc6298e9ad364bbc59c7c70ef2fac87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:54:fb:11:f2:95:0f:46:8f:e2:9d:59:fa:5f:
                    1f:56:10:4f:c9:8f:10:57:65:1a:c4:75:a0:67:af:
                    e3:ab:d1:4b:67:92:78:c7:d0:a6:4d:04:74:22:0c:
                    42:c3:07:cb:ac:ea:44:86:6a:d6:80:ee:93:22:66:
                    93:d2:85:66:b9:09:03:3c:51:6f:b2:8b:e5:27:88:
                    98:94:fc:76:8f:1a:87:ee:66:e7:dd:f4:50:5b:27:
                    2e:fd:ae:0e:a8:65:da:56:70:f2:54:62:7d:41:5a:
                    e7:9e:d7:6b:43:5a:2f:9d:d4:b8:3a:e4:e5:c1:56:
                    0f:50:ae:a9:de:cd:5d:37:63:81:c2:e4:fa:10:61:
                    4c:93:7c:d5:79:f5:53:5e:16:93:3f:6b:84:3a:b4:
                    dd:84:8f:ae:bf:85:c0:31:12:3c:e4:30:e7:bb:72:
                    7d:5b:9a:69:25:d2:10:d4:b3:73:33:d2:e6:32:65:
                    c0:87:70:77:37:d8:70:4e:17:2e:05:24:4e:ce:bd:
                    24:2d:41:ef:51:fa:83:fb:ba:4c:e0:77:1a:1c:dc:
                    b6:c7:70:e4:38:1f:b4:97:8b:1f:4e:f6:be:b7:24:
                    81:1e:34:b6:47:26:84:ea:1f:44:b9:5d:0f:18:a9:
                    d3:e1:4c:2a:ca:3d:9b:17:e6:7b:bd:86:2c:81:6d:
                    a7:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:E8:48:26:3F:C6:29:8E:9A:D3:64:BB:C5:9C:7C:70:EF:2F:AC:87
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:65:ac:cf:52:68:a9:2f:4c:33:27:d6:36:48:11:c8:29:c7:
         6f:38:68:3f:ed:1c:5e:ab:4a:be:ac:50:d1:5b:df:0f:f5:17:
         3b:74:6a:44:66:5b:28:a0:a8:7b:03:80:e8:7c:51:c2:b8:3e:
         25:2c:0f:07:9f:1c:e1:07:7b:59:8a:bb:4d:ae:51:f2:13:ec:
         b4:13:78:0f:0a:cd:98:d8:5d:b4:ea:c7:c9:ba:f4:48:eb:b7:
         9c:b8:a4:f6:17:e5:d1:18:3e:db:25:02:9a:a4:33:84:0d:9a:
         f3:ba:c0:a7:05:11:9f:15:df:e4:80:98:78:c6:e9:2d:d5:36:
         48:bc:75:a7:2d:99:8b:9c:b9:62:6b:00:70:df:0d:4f:04:56:
         55:47:83:f9:fa:8c:20:2f:d7:a7:f3:df:aa:9d:32:8a:3a:89:
         2b:5d:14:cd:22:8d:f9:ed:a7:22:aa:7c:4a:5f:ad:7b:29:5f:
         6a:44:50:76:a6:c4:1b:fb:fb:0b:27:a5:a9:3c:66:f3:18:9b:
         e3:64:34:48:6a:71:2a:b0:88:dc:e3:df:5f:e5:f9:9f:51:9d:
         3b:77:b1:51:5b:b4:a5:76:9e:33:e4:5c:1b:07:e5:d7:6b:84:
         52:1a:80:fc:33:84:51:00:1b:b3:f7:d6:8c:fb:5a:f9:95:94:
         6d:cc:1b:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXZGuU/F8V5tPPDA5huDAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUwOTA1MDEwMTIwWhcNMjUwOTA2MDEwMTIwWjAzMTEwLwYDVQQD
EyhjMGU4NDgyNjNmYzYyOThlOWFkMzY0YmJjNTljN2M3MGVmMmZhYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFT7EfKVD0aP4p1Z+l8fVhBPyY8Q
V2UaxHWgZ6/jq9FLZ5J4x9CmTQR0IgxCwwfLrOpEhmrWgO6TImaT0oVmuQkDPFFv
sovlJ4iYlPx2jxqH7mbn3fRQWycu/a4OqGXaVnDyVGJ9QVrnntdrQ1ovndS4OuTl
wVYPUK6p3s1dN2OBwuT6EGFMk3zVefVTXhaTP2uEOrTdhI+uv4XAMRI85DDnu3J9
W5ppJdIQ1LNzM9LmMmXAh3B3N9hwThcuBSROzr0kLUHvUfqD+7pM4HcaHNy2x3Dk
OB+0l4sfTva+tySBHjS2RyaE6h9EuV0PGKnT4Uwqyj2bF+Z7vYYsgW2nVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDoSCY/ximOmtNku8WcfHDvL6yHMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKGWsz1Jo
qS9MMyfWNkgRyCnHbzhoP+0cXqtKvqxQ0VvfD/UXO3RqRGZbKKCoewOA6HxRwrg+
JSwPB58c4Qd7WYq7Ta5R8hPstBN4DwrNmNhdtOrHybr0SOu3nLik9hfl0Rg+2yUC
mqQzhA2a87rApwURnxXf5ICYeMbpLdU2SLx1py2Zi5y5YmsAcN8NTwRWVUeD+fqM
IC/Xp/Pfqp0yijqJK10UzSKN+e2nIqp8Sl+teylfakRQdqbEG/v7CyelqTxm8xib
42Q0SGpxKrCI3OPfX+X5n1GdO3exUVu0pXaeM+RcGwfl12uEUhqA/DOEUQAbs/fW
jPta+ZWUbcwbKw==
-----END CERTIFICATE-----