Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          Hwl5DiO59hUrStT0zW75jGK8B8XgTrE2M0rY3doQH4g=
Subject key identifier:   41:91:65:20:1D:FB:27:EA:C0:08:8F:64:5F:E8:E0:12:F7:C4:5E:BA
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       01961B488E1608B40BBCC2F86ABE9325D6E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          1133
Signing time:             Wed 09 Apr 2025 16:01:01 +0000
Manifest this update:     Wed 09 Apr 2025 16:01:01 +0000
Manifest next update:     Thu 10 Apr 2025 16:01:01 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: 2JzW4vCotiCzbO2l78hJELH2yfTu2MZqxYCjqZ3xsIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 10 Apr 2025 14:13:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:1b:48:8e:16:08:b4:0b:bc:c2:f8:6a:be:93:25:d6:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Apr  9 16:01:01 2025 GMT
            Not After : Apr 10 16:01:01 2025 GMT
        Subject: CN=419165201dfb27eac0088f645fe8e012f7c45eba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:79:c1:17:84:94:03:99:d9:38:38:16:2b:3b:
                    d6:ea:0c:d1:c6:85:1e:2a:f2:04:6e:57:86:fa:0a:
                    a3:53:9d:57:89:05:7e:b5:56:27:ea:52:fe:c7:c5:
                    c6:e4:f1:52:fe:d5:ba:61:ff:df:76:86:49:d7:b1:
                    0a:9f:ac:36:32:35:ec:e4:95:4a:ff:56:77:35:cf:
                    72:42:07:5e:b8:0f:31:5a:9f:be:23:39:11:4b:f7:
                    79:49:6c:a6:c0:a8:e7:a9:83:35:98:67:2b:fa:b9:
                    35:78:f2:3d:25:78:77:70:ba:41:cc:b5:96:9d:65:
                    85:32:07:0d:d5:02:2a:dc:5f:f7:c9:90:4c:4d:90:
                    57:41:ff:fb:a4:a4:e9:1c:73:93:50:3e:f3:38:7a:
                    aa:8e:53:a6:c1:72:70:37:c1:81:d9:4b:07:a4:ae:
                    1e:aa:6f:b2:4f:08:a6:b1:90:8c:4f:e6:fd:48:4e:
                    18:28:ad:40:ab:37:67:a4:a3:02:c8:fd:d8:b4:0e:
                    51:af:49:c9:4d:5a:06:55:0c:16:2b:00:6a:c9:9b:
                    d5:c3:ab:9c:3b:f0:d6:ca:ee:5a:b1:23:5c:5c:23:
                    bc:3f:fa:0f:c2:ad:f4:ed:78:27:b9:20:ae:03:1b:
                    9e:f3:33:de:28:6b:3d:70:5a:23:e7:e4:64:c4:ef:
                    06:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:91:65:20:1D:FB:27:EA:C0:08:8F:64:5F:E8:E0:12:F7:C4:5E:BA
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:2b:67:26:c1:0c:64:fc:ca:0c:c4:38:ff:80:cc:2e:54:91:
         d0:14:1b:2e:e9:f7:ba:d1:0b:bc:e7:f4:c6:05:ff:c6:dd:b3:
         c0:ec:53:ab:42:19:73:05:bd:40:9d:ca:6f:9b:fd:31:88:1c:
         19:ea:ff:fd:4d:f8:c7:99:82:b9:e9:d5:42:82:e8:6c:c3:3e:
         aa:25:58:dd:dc:97:eb:4e:6a:d2:71:a8:ca:e9:f1:15:31:41:
         09:46:50:54:c3:8b:18:b7:c4:72:10:91:50:b7:8a:1e:84:ed:
         77:4e:b6:04:18:5f:05:94:89:18:2c:97:e7:ba:f9:e8:3c:99:
         7f:35:62:26:c3:d6:d6:a6:0e:fc:28:d2:a9:a6:e7:aa:0c:25:
         6a:77:cb:05:3e:6b:07:08:a4:53:3e:2c:db:4c:21:04:0d:c0:
         e1:2f:0b:75:6f:39:1a:80:a2:fd:4d:e6:5f:31:fa:5c:c3:9d:
         e8:d6:57:75:84:3a:9b:47:6d:01:9c:aa:5b:6b:73:f2:13:79:
         3d:17:42:81:d8:0f:02:73:26:54:90:ca:e9:2c:dc:8e:d3:67:
         33:c0:b4:5e:c0:ce:86:f2:c7:fd:24:fb:64:36:52:78:c3:60:
         88:15:f0:3d:9b:8f:c4:5c:c9:6f:62:38:9b:8c:0e:f6:e9:50:
         81:d3:a3:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYbSI4WCLQLvML4ar6TJdblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjUwNDA5MTYwMTAxWhcNMjUwNDEwMTYwMTAxWjAzMTEwLwYDVQQD
Eyg0MTkxNjUyMDFkZmIyN2VhYzAwODhmNjQ1ZmU4ZTAxMmY3YzQ1ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXnBF4SUA5nZODgWKzvW6gzRxoUe
KvIEbleG+gqjU51XiQV+tVYn6lL+x8XG5PFS/tW6Yf/fdoZJ17EKn6w2MjXs5JVK
/1Z3Nc9yQgdeuA8xWp++IzkRS/d5SWymwKjnqYM1mGcr+rk1ePI9JXh3cLpBzLWW
nWWFMgcN1QIq3F/3yZBMTZBXQf/7pKTpHHOTUD7zOHqqjlOmwXJwN8GB2UsHpK4e
qm+yTwimsZCMT+b9SE4YKK1AqzdnpKMCyP3YtA5Rr0nJTVoGVQwWKwBqyZvVw6uc
O/DWyu5asSNcXCO8P/oPwq307XgnuSCuAxue8zPeKGs9cFoj5+RkxO8GCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGRZSAd+yfqwAiPZF/o4BL3xF66MB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCtnJsEM
ZPzKDMQ4/4DMLlSR0BQbLun3utELvOf0xgX/xt2zwOxTq0IZcwW9QJ3Kb5v9MYgc
Ger//U34x5mCuenVQoLobMM+qiVY3dyX605q0nGoyunxFTFBCUZQVMOLGLfEchCR
ULeKHoTtd062BBhfBZSJGCyX57r56DyZfzViJsPW1qYO/CjSqabnqgwlanfLBT5r
BwikUz4s20whBA3A4S8LdW85GoCi/U3mXzH6XMOd6NZXdYQ6m0dtAZyqW2tz8hN5
PRdCgdgPAnMmVJDK6SzcjtNnM8C0XsDOhvLH/ST7ZDZSeMNgiBXwPZuPxFzJb2I4
m4wO9ulQgdOjAg==
-----END CERTIFICATE-----