Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
File:                     4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json)
Hash identifier:          cgyhBXm31sbYjMIvRoN0NPclxd4e/+v7TiUc0kqrI6c=
Subject key identifier:   B1:12:CC:4D:05:C2:54:9E:B1:1B:7F:2A:D1:12:2C:AC:5D:D6:E9:47
Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9
Certificate issuer:       /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
Certificate serial:       01992255AD0D81DCD176DA39B3CFB0654DB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
Manifest number:          03AF
Signing time:             Sun 07 Sep 2025 04:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:04 +0000
Files and hashes:         1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: HK6RyHiTIPBXNvMcpRc1ZkccED/B/OJNa8Df3z/91Fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:ad:0d:81:dc:d1:76:da:39:b3:cf:b0:65:4d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
        Validity
            Not Before: Sep  7 04:01:04 2025 GMT
            Not After : Sep  8 04:01:04 2025 GMT
        Subject: CN=b112cc4d05c2549eb11b7f2ad1122cac5dd6e947
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:39:c0:6c:42:3b:74:bf:97:7d:c8:bb:ca:63:
                    76:48:86:33:c1:db:20:0e:d0:1a:3f:eb:4b:16:33:
                    c5:60:4b:92:90:3c:ca:e3:24:2d:ee:52:3a:39:bc:
                    ec:39:46:c2:e0:02:29:08:3c:be:4a:80:03:43:07:
                    2c:f6:a2:c3:1c:54:5e:c9:20:ba:11:ff:69:80:5e:
                    44:66:e7:16:8a:a7:38:19:65:6b:e4:96:d0:6c:7d:
                    01:6a:6c:04:6d:f1:92:42:2c:43:33:c0:9d:00:e3:
                    21:c1:51:8f:d5:23:63:f3:5a:7b:44:43:f6:81:1d:
                    61:1e:81:e3:9d:6f:03:00:6e:74:82:97:6c:a4:09:
                    cf:c7:2e:37:f3:55:28:57:7b:95:93:ca:8d:5a:ed:
                    a1:3f:f2:48:2c:09:d3:d1:c5:59:77:0e:0b:c7:e6:
                    ec:2e:ae:9e:90:80:34:4b:c2:5d:fb:e4:b9:0d:81:
                    45:a5:44:03:b7:b4:b0:24:ca:1a:7a:92:e9:20:7a:
                    1b:3d:03:a5:32:6d:46:3b:0d:49:08:f0:6d:0a:72:
                    01:ea:f0:b4:0e:f1:46:8b:e0:3c:c5:6c:f1:03:1b:
                    5b:e4:d6:42:65:b5:d9:a6:c0:d5:40:7c:d4:e4:b6:
                    34:4e:c7:ea:90:cb:18:dc:f1:e6:f5:4c:b8:88:67:
                    78:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:12:CC:4D:05:C2:54:9E:B1:1B:7F:2A:D1:12:2C:AC:5D:D6:E9:47
            X509v3 Authority Key Identifier:
                keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:94:67:33:d3:04:cd:cc:a9:99:4b:0c:b6:97:78:7a:dc:bb:
         af:d5:7a:ee:3c:35:14:5f:63:7f:a0:87:f3:be:17:23:37:44:
         92:5e:b3:1e:ac:9a:73:08:2c:02:41:a5:ee:60:ef:53:fa:dc:
         bb:6d:f7:81:c6:a3:a4:b8:19:3a:9d:ed:84:84:8c:e0:90:00:
         ca:9c:89:90:37:2b:d0:3e:5a:93:ec:bf:38:30:04:bc:a1:65:
         a3:1f:89:10:25:27:4d:ae:ae:d7:f1:1b:70:f6:15:de:c4:af:
         c0:ef:ea:0a:05:00:19:92:b8:29:8b:37:84:e3:8c:4e:95:af:
         7e:24:85:b4:21:78:e9:be:f7:a2:5f:b7:55:de:0d:86:1e:f7:
         0c:60:47:a8:b9:45:53:bc:39:0b:07:52:29:32:00:17:1e:d9:
         e4:b2:bb:a0:0f:e1:57:81:f5:47:21:f1:51:e3:ec:1b:36:78:
         bf:0c:f0:a3:ae:b1:44:86:74:98:18:d2:44:8e:17:e1:9b:77:
         c8:55:3c:a1:01:b4:3b:49:f9:40:58:f9:4f:99:fc:05:2e:68:
         0e:8c:7f:0a:a5:e9:b6:9b:3a:b3:95:45:d7:85:9f:7b:3f:0e:
         e8:36:e9:9c:ed:72:96:bc:7b:55:31:c8:d7:51:65:93:8c:f1:
         0a:1e:0f:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVa0NgdzRdto5s8+wZU2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx
N2M1ZTkwHhcNMjUwOTA3MDQwMTA0WhcNMjUwOTA4MDQwMTA0WjAzMTEwLwYDVQQD
EyhiMTEyY2M0ZDA1YzI1NDllYjExYjdmMmFkMTEyMmNhYzVkZDZlOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjnAbEI7dL+Xfci7ymN2SIYzwdsg
DtAaP+tLFjPFYEuSkDzK4yQt7lI6ObzsOUbC4AIpCDy+SoADQwcs9qLDHFReySC6
Ef9pgF5EZucWiqc4GWVr5JbQbH0BamwEbfGSQixDM8CdAOMhwVGP1SNj81p7REP2
gR1hHoHjnW8DAG50gpdspAnPxy4381UoV3uVk8qNWu2hP/JILAnT0cVZdw4Lx+bs
Lq6ekIA0S8Jd++S5DYFFpUQDt7SwJMoaepLpIHobPQOlMm1GOw1JCPBtCnIB6vC0
DvFGi+A8xWzxAxtb5NZCZbXZpsDVQHzU5LY0TsfqkMsY3PHm9Uy4iGd4swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLESzE0FwlSesRt/KtESLKxd1ulHMB8GA1UdIwQY
MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct
YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0
LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC5RnM9ME
zcypmUsMtpd4ety7r9V67jw1FF9jf6CH874XIzdEkl6zHqyacwgsAkGl7mDvU/rc
u233gcajpLgZOp3thISM4JAAypyJkDcr0D5ak+y/ODAEvKFlox+JECUnTa6u1/Eb
cPYV3sSvwO/qCgUAGZK4KYs3hOOMTpWvfiSFtCF46b73ol+3Vd4Nhh73DGBHqLlF
U7w5CwdSKTIAFx7Z5LK7oA/hV4H1RyHxUePsGzZ4vwzwo66xRIZ0mBjSRI4X4Zt3
yFU8oQG0O0n5QFj5T5n8BS5oDox/CqXptps6s5VF14Wfez8O6DbpnO1ylrx7VTHI
11Flk4zxCh4PEg==
-----END CERTIFICATE-----