Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          ZDeWouZZUCCQvKbaPoPvQjjJEOH0MGFUsQWdEAwHpAQ=
Subject key identifier:   49:3E:0F:C0:1A:32:89:59:61:2A:79:D5:9D:57:E2:E9:9C:BF:BB:73
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       019A71B7A0E15427CD50BEBB213D75E50EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          1372
Signing time:             Tue 11 Nov 2025 07:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:50 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: vFrjn/W4ZH4uHelJQLXUCX4oZ7ZGrAz8EDkEgPXyQVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a0:e1:54:27:cd:50:be:bb:21:3d:75:e5:0e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Nov 11 07:00:50 2025 GMT
            Not After : Nov 12 07:00:50 2025 GMT
        Subject: CN=493e0fc01a328959612a79d59d57e2e99cbfbb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7c:a2:2b:97:3d:d8:95:7c:12:91:f8:df:55:
                    66:f7:7a:c0:40:46:c6:fb:59:17:ba:c3:54:c2:22:
                    9b:ab:07:2b:75:99:17:bf:05:a2:21:5a:c1:2c:47:
                    20:3c:f7:61:7d:4e:b2:57:ed:a4:f4:59:77:b5:3d:
                    65:7b:61:31:e5:80:1e:02:95:51:11:38:fb:73:c5:
                    68:9e:b2:92:ab:ef:e0:5c:93:2b:a3:13:2c:ed:0c:
                    36:2e:32:79:34:ea:cb:b4:99:36:02:e9:60:15:b2:
                    3f:97:8b:41:1e:c9:9c:4e:3b:cc:5c:37:b1:2b:a4:
                    ed:2d:8c:c4:d7:6b:e4:b8:33:53:f2:e2:a1:0a:df:
                    c6:e0:73:ee:06:b7:8a:fa:34:e8:19:98:38:d1:a7:
                    af:73:4f:69:90:77:85:12:c6:c1:7c:2a:eb:36:a7:
                    f4:89:80:89:42:4f:4b:21:08:5d:b4:5c:7e:63:72:
                    ce:2f:1a:d7:c9:f3:db:c8:70:c7:ca:8c:69:79:b4:
                    1f:a8:29:e6:6b:76:06:df:c3:28:d7:51:5a:7c:31:
                    c0:be:2d:e9:c9:50:b0:6d:c7:60:ef:20:13:b5:9a:
                    3a:f2:9a:d8:16:62:5f:2d:35:4f:e6:38:5a:60:d3:
                    61:e6:b7:24:30:28:72:50:fc:35:fc:03:f4:1f:c7:
                    3b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:3E:0F:C0:1A:32:89:59:61:2A:79:D5:9D:57:E2:E9:9C:BF:BB:73
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:56:ac:18:38:c0:16:7a:d9:f7:34:30:7b:0a:c3:84:f2:a4:
         8a:bb:34:42:2a:28:17:9b:1b:34:80:7e:c2:e6:e2:5c:99:9a:
         f2:f5:41:d2:6a:89:e9:82:b7:f4:b0:56:77:28:51:c9:a1:b5:
         cc:56:6d:b6:5f:ee:e2:b5:d5:04:12:ea:66:06:b4:95:69:b6:
         83:ed:b4:54:d8:97:8f:b4:60:23:c8:d0:21:a0:4d:9f:76:f5:
         31:3d:38:76:9d:2c:4b:24:e8:bd:b9:93:55:5b:c6:32:38:4f:
         56:e2:5d:0b:60:fe:71:e0:8c:4e:5b:25:8d:8d:a4:d3:35:37:
         ba:cc:17:f3:3e:66:31:c6:c9:5a:69:79:8e:45:77:ed:8a:5b:
         95:23:94:fc:c3:59:6e:49:31:b0:f6:f2:92:c6:aa:e3:42:de:
         aa:70:37:84:f1:ee:8c:77:8f:63:df:42:2f:56:99:6f:99:04:
         7b:4b:57:f8:30:15:03:8d:1c:2a:d4:af:62:82:5a:db:5d:9e:
         8c:b0:f4:f7:24:f5:51:e4:9f:f6:18:42:9e:f5:16:e8:b2:81:
         d8:86:c1:db:17:54:e0:61:39:aa:5b:19:56:4f:14:97:29:8c:
         5f:de:0d:37:9f:c6:8a:8f:3e:de:d5:2f:52:ba:80:47:f7:ce:
         3f:68:36:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6DhVCfNUL67IT115Q6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjUxMTExMDcwMDUwWhcNMjUxMTEyMDcwMDUwWjAzMTEwLwYDVQQD
Eyg0OTNlMGZjMDFhMzI4OTU5NjEyYTc5ZDU5ZDU3ZTJlOTljYmZiYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nyiK5c92JV8EpH431Vm93rAQEbG
+1kXusNUwiKbqwcrdZkXvwWiIVrBLEcgPPdhfU6yV+2k9Fl3tT1le2Ex5YAeApVR
ETj7c8VonrKSq+/gXJMroxMs7Qw2LjJ5NOrLtJk2AulgFbI/l4tBHsmcTjvMXDex
K6TtLYzE12vkuDNT8uKhCt/G4HPuBreK+jToGZg40aevc09pkHeFEsbBfCrrNqf0
iYCJQk9LIQhdtFx+Y3LOLxrXyfPbyHDHyoxpebQfqCnma3YG38Mo11FafDHAvi3p
yVCwbcdg7yATtZo68prYFmJfLTVP5jhaYNNh5rckMChyUPw1/AP0H8c7SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEk+D8AaMolZYSp51Z1X4umcv7tzMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASVasGDjA
FnrZ9zQwewrDhPKkirs0QiooF5sbNIB+wubiXJma8vVB0mqJ6YK39LBWdyhRyaG1
zFZttl/u4rXVBBLqZga0lWm2g+20VNiXj7RgI8jQIaBNn3b1MT04dp0sSyTovbmT
VVvGMjhPVuJdC2D+ceCMTlsljY2k0zU3uswX8z5mMcbJWml5jkV37YpblSOU/MNZ
bkkxsPbyksaq40LeqnA3hPHujHePY99CL1aZb5kEe0tX+DAVA40cKtSvYoJa212e
jLD09yT1UeSf9hhCnvUW6LKB2IbB2xdU4GE5qlsZVk8UlymMX94NN5/Gio8+3tUv
UrqAR/fOP2g2Sg==
-----END CERTIFICATE-----