Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          FaJUapBk2BzOI71aGGBBTGNvJC2d/Qz5soqVRsVdvkk=
Subject key identifier:   74:15:05:77:F8:F3:1F:68:B6:0B:FE:F6:52:93:98:90:61:AF:A3:CB
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       0199239EBB56D23F17CEA5213207770C3FBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          12C5
Signing time:             Sun 07 Sep 2025 10:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:29 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: bex2t3u4iub+xMvT5IMfrstqj1mMiRo18ZZ2rF6hcBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:bb:56:d2:3f:17:ce:a5:21:32:07:77:0c:3f:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Sep  7 10:00:29 2025 GMT
            Not After : Sep  8 10:00:29 2025 GMT
        Subject: CN=74150577f8f31f68b60bfef65293989061afa3cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:81:68:6f:11:dd:1e:d5:f0:06:2e:0d:3f:c9:
                    e1:6b:fa:0a:60:bb:33:0f:0f:7c:e3:ff:45:00:7c:
                    d6:02:94:9f:74:8b:e7:07:90:32:f0:53:90:5b:de:
                    62:34:01:f0:d0:79:2c:88:c0:14:8d:5f:fc:0b:59:
                    5a:4a:d7:78:37:d9:ac:ea:5e:10:d2:b9:b9:72:d0:
                    38:31:75:c4:d2:00:a2:10:f2:18:d0:ca:84:99:5e:
                    30:f7:57:d3:fc:d8:e8:66:d9:14:3f:ac:15:29:4a:
                    0e:21:16:14:ed:3b:70:ff:e8:a4:0b:90:fe:44:08:
                    ef:4e:60:9e:fd:23:84:b5:ca:27:df:fa:59:53:92:
                    15:c6:7d:60:82:55:c6:d8:39:b2:d0:25:26:3e:43:
                    73:df:6f:42:73:70:44:5f:c1:81:22:3c:b1:07:d4:
                    63:93:cb:d5:ed:8f:75:6d:12:7d:5b:bf:e3:ce:79:
                    9e:30:16:b6:de:f5:ab:d1:89:d8:b3:83:d6:8a:2e:
                    37:43:57:35:f4:34:82:90:e1:62:cf:de:82:1d:16:
                    a7:dd:fb:7e:90:df:7f:4d:df:0a:4e:91:9d:3f:01:
                    bb:69:3c:eb:2b:5c:40:e7:59:d9:4e:71:98:ea:39:
                    7d:f1:41:02:8b:0a:7f:f0:6e:56:bc:73:bd:ea:7a:
                    0c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:15:05:77:F8:F3:1F:68:B6:0B:FE:F6:52:93:98:90:61:AF:A3:CB
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:09:02:7d:46:7d:0d:1b:91:2c:a6:cb:51:6c:84:7d:8f:29:
         c7:65:44:72:37:96:c0:60:76:00:27:cd:80:87:cf:e0:a3:72:
         e3:39:1e:a5:8e:22:90:2f:cc:40:04:45:9e:31:51:2d:58:d6:
         c7:f4:8b:57:22:4d:b8:14:5b:0d:ea:5d:2e:5d:5f:6a:c2:28:
         41:62:85:89:f9:b4:d5:3b:e8:45:82:cd:83:cf:e2:1a:99:45:
         12:c0:2b:83:f2:0e:73:17:0c:6f:79:ed:e1:91:45:5d:cd:d7:
         d8:e8:c8:fe:11:70:77:b9:26:de:1f:f8:63:0f:11:d8:1b:16:
         51:73:bf:a5:06:79:07:00:02:21:5b:c2:3b:7d:43:51:6d:4e:
         fd:78:60:99:50:c9:7a:ef:a3:27:65:73:23:16:5a:10:4f:e3:
         d2:f9:77:83:00:75:c7:05:43:a1:b8:3e:50:84:f7:9f:b1:a2:
         aa:d2:18:f8:e1:62:8a:3f:f5:9e:03:99:02:5e:32:8c:92:11:
         e1:8e:78:db:2d:45:f4:c3:d3:0c:75:ce:01:57:29:7d:78:39:
         0b:23:5b:b4:0b:0c:81:cc:da:49:20:2e:76:b2:8c:f6:75:80:
         14:7a:be:5a:0c:9b:58:41:8a:9f:fd:f6:22:f1:03:c7:85:b3:
         5e:cc:fe:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnrtW0j8XzqUhMgd3DD+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjUwOTA3MTAwMDI5WhcNMjUwOTA4MTAwMDI5WjAzMTEwLwYDVQQD
Eyg3NDE1MDU3N2Y4ZjMxZjY4YjYwYmZlZjY1MjkzOTg5MDYxYWZhM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4FobxHdHtXwBi4NP8nha/oKYLsz
Dw984/9FAHzWApSfdIvnB5Ay8FOQW95iNAHw0HksiMAUjV/8C1laStd4N9ms6l4Q
0rm5ctA4MXXE0gCiEPIY0MqEmV4w91fT/NjoZtkUP6wVKUoOIRYU7Ttw/+ikC5D+
RAjvTmCe/SOEtcon3/pZU5IVxn1gglXG2Dmy0CUmPkNz329Cc3BEX8GBIjyxB9Rj
k8vV7Y91bRJ9W7/jznmeMBa23vWr0YnYs4PWii43Q1c19DSCkOFiz96CHRan3ft+
kN9/Td8KTpGdPwG7aTzrK1xA51nZTnGY6jl98UECiwp/8G5WvHO96noMtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQVBXf48x9otgv+9lKTmJBhr6PLMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEAkCfUZ9
DRuRLKbLUWyEfY8px2VEcjeWwGB2ACfNgIfP4KNy4zkepY4ikC/MQARFnjFRLVjW
x/SLVyJNuBRbDepdLl1fasIoQWKFifm01TvoRYLNg8/iGplFEsArg/IOcxcMb3nt
4ZFFXc3X2OjI/hFwd7km3h/4Yw8R2BsWUXO/pQZ5BwACIVvCO31DUW1O/XhgmVDJ
eu+jJ2VzIxZaEE/j0vl3gwB1xwVDobg+UIT3n7GiqtIY+OFiij/1ngOZAl4yjJIR
4Y542y1F9MPTDHXOAVcpfXg5CyNbtAsMgczaSSAudrKM9nWAFHq+WgybWEGKn/32
IvEDx4WzXsz+Ng==
-----END CERTIFICATE-----