Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          a2Y1fNfRnnKnVEaQnaVlpitagxHYFPTzlWxW/sAqIoU=
Subject key identifier:   F5:5A:84:2F:35:5B:B0:21:FD:00:87:B3:33:07:B3:3C:6A:A2:A1:44
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       01975422E49B78E298815E48E421B1CF408E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          11D5
Signing time:             Mon 09 Jun 2025 10:01:02 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:02 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:02 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: EeFSTV9v5lsUd5dWMXtVDa4Icohwui5jKigtjVwmqZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:e4:9b:78:e2:98:81:5e:48:e4:21:b1:cf:40:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Jun  9 10:01:02 2025 GMT
            Not After : Jun 10 10:01:02 2025 GMT
        Subject: CN=f55a842f355bb021fd0087b33307b33c6aa2a144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ce:97:ef:43:89:63:01:80:3d:ed:15:ac:5d:
                    7e:b7:25:60:a7:26:50:3e:34:84:02:ea:2d:a6:99:
                    01:bc:0b:be:7d:28:63:78:7b:b7:2c:b8:92:38:cf:
                    39:70:7a:9e:16:99:3f:e2:b7:17:69:77:3b:49:b8:
                    43:92:11:3a:c5:74:ae:e3:ec:f1:ef:02:dd:c3:d4:
                    1e:d7:3b:a8:5d:3b:55:96:ae:21:b2:7c:4c:52:78:
                    23:a8:97:47:c7:3e:0e:a7:37:87:c4:31:3b:05:69:
                    71:84:e0:1b:b6:b2:93:90:a8:f7:d9:4c:b2:26:63:
                    4d:81:cd:11:55:31:6f:8e:7c:47:b9:c8:4b:2a:3c:
                    51:d2:2c:85:d9:10:ec:92:f3:1c:71:7f:33:20:16:
                    ef:a8:3a:a8:b8:04:74:a2:79:2a:a8:13:d0:c6:49:
                    09:e7:b9:1a:90:f3:61:ec:05:1a:f8:e4:8b:74:b3:
                    ff:58:d0:4a:fe:aa:9f:9e:16:cb:b1:24:97:a0:17:
                    f7:f2:c2:c2:c1:3b:aa:a5:32:49:2b:4e:45:84:2a:
                    be:15:a8:59:ca:0c:20:51:af:9d:61:59:6f:f4:40:
                    63:50:05:c5:28:8d:65:c5:a7:6d:33:43:8f:3b:9c:
                    c3:16:1c:ee:d0:4c:ae:00:28:f3:aa:b2:f5:11:3b:
                    64:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:5A:84:2F:35:5B:B0:21:FD:00:87:B3:33:07:B3:3C:6A:A2:A1:44
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:3a:6e:f3:8d:ad:66:c1:22:7b:c4:5e:bc:48:fe:e6:89:da:
         d0:6a:56:7f:5b:e6:18:4d:02:22:ff:cc:80:72:fa:39:fe:08:
         9f:f8:d0:42:16:e6:29:1a:7a:c8:06:8d:77:fd:bd:18:d0:4b:
         af:b8:7f:17:1d:07:44:9a:1a:10:5c:be:ee:b7:45:1c:d6:31:
         45:13:f8:b1:73:d6:aa:74:58:05:f8:b1:aa:c8:ca:f0:03:95:
         bb:51:3e:87:01:d0:3c:7f:ba:54:d2:00:ce:59:ba:51:53:1e:
         af:52:89:7c:fd:ea:cd:cf:02:da:40:df:5e:73:3f:56:87:0a:
         60:8f:01:d3:26:1a:52:c2:3e:f8:7c:22:61:b8:ca:af:cb:1f:
         5a:b2:34:1e:e3:e8:c5:cd:3f:bf:6f:f2:ce:86:88:2c:d7:2d:
         97:81:af:de:49:1e:58:e0:a2:00:58:e6:86:1c:6f:3a:de:8e:
         9b:6a:28:e3:5b:e2:e9:1d:04:e6:36:86:b5:99:b7:6f:a5:a1:
         3b:9e:d8:98:0b:46:5e:8d:2a:8c:cf:e7:5d:98:7e:20:cf:1b:
         bd:1a:aa:d6:d8:1e:af:de:66:23:f8:3f:1c:b9:15:18:bf:9d:
         dc:2c:7f:87:28:c9:8f:5a:e0:78:3b:54:82:57:14:1e:98:b6:
         87:0d:6a:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIuSbeOKYgV5I5CGxz0COMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjUwNjA5MTAwMTAyWhcNMjUwNjEwMTAwMTAyWjAzMTEwLwYDVQQD
EyhmNTVhODQyZjM1NWJiMDIxZmQwMDg3YjMzMzA3YjMzYzZhYTJhMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp86X70OJYwGAPe0VrF1+tyVgpyZQ
PjSEAuotppkBvAu+fShjeHu3LLiSOM85cHqeFpk/4rcXaXc7SbhDkhE6xXSu4+zx
7wLdw9Qe1zuoXTtVlq4hsnxMUngjqJdHxz4OpzeHxDE7BWlxhOAbtrKTkKj32Uyy
JmNNgc0RVTFvjnxHuchLKjxR0iyF2RDskvMccX8zIBbvqDqouAR0onkqqBPQxkkJ
57kakPNh7AUa+OSLdLP/WNBK/qqfnhbLsSSXoBf38sLCwTuqpTJJK05FhCq+FahZ
ygwgUa+dYVlv9EBjUAXFKI1lxadtM0OPO5zDFhzu0EyuACjzqrL1ETtkLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVahC81W7Ah/QCHszMHszxqoqFEMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczpu842t
ZsEie8RevEj+5ona0GpWf1vmGE0CIv/MgHL6Of4In/jQQhbmKRp6yAaNd/29GNBL
r7h/Fx0HRJoaEFy+7rdFHNYxRRP4sXPWqnRYBfixqsjK8AOVu1E+hwHQPH+6VNIA
zlm6UVMer1KJfP3qzc8C2kDfXnM/VocKYI8B0yYaUsI++HwiYbjKr8sfWrI0HuPo
xc0/v2/yzoaILNctl4Gv3kkeWOCiAFjmhhxvOt6Om2oo41vi6R0E5jaGtZm3b6Wh
O57YmAtGXo0qjM/nXZh+IM8bvRqq1tger95mI/g/HLkVGL+d3Cx/hyjJj1rgeDtU
glcUHpi2hw1qlw==
-----END CERTIFICATE-----