Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
File:                     mEL3HQwjZ4gu9HCLIGtLbimjezM.mft (raw, json)
Hash identifier:          LN9rsR8JdPR+U9cTXvlooLJ6uzyRAfjbsfapaxnteYM=
Subject key identifier:   94:6E:92:1F:4D:BA:E9:18:54:AB:91:39:37:1B:77:F9:99:AC:C1:C0
Authority key identifier: 98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33
Certificate issuer:       /CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
Certificate serial:       0199161A31187D4C295F9D96874A08D8413F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
Manifest number:          1300
Signing time:             Thu 04 Sep 2025 19:00:39 +0000
Manifest this update:     Thu 04 Sep 2025 19:00:39 +0000
Manifest next update:     Fri 05 Sep 2025 19:00:39 +0000
Files and hashes:         1: mEL3HQwjZ4gu9HCLIGtLbimjezM.crl (hash: ITyeyfWvMRUkkzSYLfzPhpD4xFHVWYrdkZngxTtLfbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:1a:31:18:7d:4c:29:5f:9d:96:87:4a:08:d8:41:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
        Validity
            Not Before: Sep  4 19:00:39 2025 GMT
            Not After : Sep  5 19:00:39 2025 GMT
        Subject: CN=946e921f4dbae91854ab9139371b77f999acc1c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5c:8f:98:80:16:00:b6:19:24:10:0f:39:b2:
                    00:ee:67:74:d5:40:94:52:25:48:c2:22:85:03:76:
                    7c:79:af:25:19:3d:cf:1b:10:c9:56:9e:ac:87:d2:
                    c8:77:ce:3b:7c:9c:a2:5d:bb:0f:c9:bb:b4:53:37:
                    ba:70:a0:15:e5:11:0b:0f:80:4d:6e:ca:ea:2a:9e:
                    0a:e3:a3:45:cb:2a:7c:03:3c:fb:78:6c:6b:7b:04:
                    c2:4b:a6:8f:58:cd:5b:dc:13:ac:da:1b:7d:3c:c6:
                    d4:e7:c7:18:2b:dc:30:8f:ef:c1:ab:52:a4:6a:07:
                    76:f7:c9:7c:d7:d9:16:9c:f4:e4:6b:94:dc:4f:6f:
                    c2:f5:fc:13:dd:d8:70:60:97:e3:a9:50:51:b1:62:
                    eb:db:ee:d1:44:d2:76:c1:8f:ee:2e:97:2a:df:bb:
                    c4:88:f9:f3:9b:75:68:77:92:57:69:d4:4e:9e:a5:
                    1c:12:a5:28:2a:5b:4e:4e:8e:bf:63:1d:db:4a:ca:
                    d5:f1:f2:2b:3c:65:c0:9e:13:e8:3e:a4:2d:33:a0:
                    e1:a6:16:ad:46:07:f9:96:2d:27:c7:87:d6:62:ce:
                    d5:64:25:e1:80:1a:0d:5b:d3:a6:27:a3:c4:0f:a3:
                    77:ee:74:88:9f:d9:1e:07:bb:a8:79:53:88:f8:1b:
                    20:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:6E:92:1F:4D:BA:E9:18:54:AB:91:39:37:1B:77:F9:99:AC:C1:C0
            X509v3 Authority Key Identifier:
                keyid:98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:0b:04:48:74:d2:87:86:20:7b:aa:1c:8e:8e:78:28:9d:0c:
         ab:a4:8c:ef:7d:d0:6b:8a:f1:9b:4b:8d:d7:79:c6:7c:5d:9d:
         20:37:6f:a7:47:17:ea:03:32:90:3a:61:2b:d6:b7:5d:e8:16:
         06:3f:61:fc:b4:06:ce:6b:58:d5:f7:3a:18:4b:c4:94:b5:60:
         8f:07:9a:39:81:06:be:ac:0e:d0:53:29:2f:8b:83:fb:b9:33:
         0b:f2:be:96:1b:9c:97:97:c4:9b:c2:9d:89:15:c5:6d:1f:db:
         ad:35:d9:ec:31:5d:be:ee:e3:48:51:de:b7:69:13:7c:dd:3a:
         c7:c3:14:72:44:23:76:89:3e:b1:d6:03:c2:f8:5e:f7:cc:1f:
         33:22:df:cf:ef:16:29:17:86:8f:e7:1b:bc:93:9a:44:6b:c6:
         e5:b4:f2:4c:c7:e2:59:4d:72:b0:0b:3f:da:6c:78:38:3c:9b:
         13:0d:9a:20:b5:ae:df:44:e1:52:41:77:3f:92:47:d1:d8:8e:
         7d:dd:27:4d:2c:68:0d:fa:55:2d:ba:3c:a1:1b:c1:51:7e:4f:
         6b:cd:77:ca:af:5d:5c:01:89:e4:27:a3:06:24:dd:20:f6:ac:
         7d:c4:ee:6b:20:6a:60:a4:88:ef:1e:59:e8:31:53:d0:f4:78:
         2c:b2:13:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWGjEYfUwpX52Wh0oI2EE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDJmNzFkMGMyMzY3ODgyZWY0NzA4YjIwNmI0YjZlMjlh
MzdiMzMwHhcNMjUwOTA0MTkwMDM5WhcNMjUwOTA1MTkwMDM5WjAzMTEwLwYDVQQD
Eyg5NDZlOTIxZjRkYmFlOTE4NTRhYjkxMzkzNzFiNzdmOTk5YWNjMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVyPmIAWALYZJBAPObIA7md01UCU
UiVIwiKFA3Z8ea8lGT3PGxDJVp6sh9LId847fJyiXbsPybu0Uze6cKAV5RELD4BN
bsrqKp4K46NFyyp8Azz7eGxrewTCS6aPWM1b3BOs2ht9PMbU58cYK9wwj+/Bq1Kk
agd298l819kWnPTka5TcT2/C9fwT3dhwYJfjqVBRsWLr2+7RRNJ2wY/uLpcq37vE
iPnzm3Vod5JXadROnqUcEqUoKltOTo6/Yx3bSsrV8fIrPGXAnhPoPqQtM6Dhphat
Rgf5li0nx4fWYs7VZCXhgBoNW9OmJ6PED6N37nSIn9keB7uoeVOI+BsgAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRukh9NuukYVKuROTcbd/mZrMHAMB8GA1UdIwQY
MBaAFJhC9x0MI2eILvRwiyBrS24po3szMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUt
N2RhOGRiYWVhOTRhLzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUtN2RhOGRiYWVhOTRh
LzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwsESHTS
h4Yge6ocjo54KJ0Mq6SM733Qa4rxm0uN13nGfF2dIDdvp0cX6gMykDphK9a3XegW
Bj9h/LQGzmtY1fc6GEvElLVgjweaOYEGvqwO0FMpL4uD+7kzC/K+lhucl5fEm8Kd
iRXFbR/brTXZ7DFdvu7jSFHet2kTfN06x8MUckQjdok+sdYDwvhe98wfMyLfz+8W
KReGj+cbvJOaRGvG5bTyTMfiWU1ysAs/2mx4ODybEw2aILWu30ThUkF3P5JH0diO
fd0nTSxoDfpVLbo8oRvBUX5Pa813yq9dXAGJ5CejBiTdIPasfcTuayBqYKSI7x5Z
6DFT0PR4LLITKg==
-----END CERTIFICATE-----