Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
File:                     4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json)
Hash identifier:          XEKloweFYiGZZM1BJJCPNoGqniXCsUbHHqgQkYpUZHQ=
Subject key identifier:   32:F5:2D:99:9C:B6:9F:46:36:EE:5E:65:B7:87:34:3A:FE:49:86:C1
Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9
Certificate issuer:       /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
Certificate serial:       019A706E78A419EF115E61EB337A2EE003A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
Manifest number:          045C
Signing time:             Tue 11 Nov 2025 01:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:19 +0000
Files and hashes:         1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: QOupojrkbrXWOxShMMujAMaXO8fNTNHWbCMwnaVJp90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:78:a4:19:ef:11:5e:61:eb:33:7a:2e:e0:03:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9
        Validity
            Not Before: Nov 11 01:01:19 2025 GMT
            Not After : Nov 12 01:01:19 2025 GMT
        Subject: CN=32f52d999cb69f4636ee5e65b787343afe4986c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:48:06:89:17:09:d6:c6:6d:83:f4:65:6a:40:
                    8d:cb:10:9a:a6:b0:5c:a7:96:6c:0a:9d:df:c9:c7:
                    1a:80:e7:95:54:6a:ce:1a:cc:06:f8:80:46:6a:5c:
                    25:4f:06:d8:36:77:0a:f0:86:89:29:7a:c8:71:09:
                    16:81:ef:1a:bb:62:3f:7e:a6:aa:99:e4:66:f7:c0:
                    c0:93:57:47:62:9c:ed:99:47:32:c1:24:ca:09:35:
                    0f:58:93:e1:dc:8d:a6:3e:5c:4c:1d:6b:b0:0a:97:
                    8b:b8:8f:6c:1e:f4:b8:67:da:da:00:48:0f:d1:25:
                    f7:5e:12:e3:8f:bd:47:8f:0e:20:ff:12:8f:ce:aa:
                    44:5c:7f:6c:91:c4:d6:fc:d8:26:35:49:2b:f4:34:
                    0c:98:21:08:9d:10:f1:4b:f6:56:cb:02:cd:46:c4:
                    07:68:9b:45:8f:a5:04:b2:73:91:15:47:53:62:37:
                    ca:b2:8b:6b:d0:dd:57:b3:7a:95:d8:d0:df:7a:dc:
                    39:2b:8d:eb:41:6c:3f:7e:3b:68:19:16:69:aa:e4:
                    0a:40:82:00:5e:4d:3b:35:c2:73:27:47:a0:e2:12:
                    a2:20:b4:ae:c9:be:49:35:7d:2e:57:7c:d2:29:83:
                    2c:e7:2b:37:d3:7f:6c:a6:6b:c5:d6:f0:09:7c:12:
                    ca:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:F5:2D:99:9C:B6:9F:46:36:EE:5E:65:B7:87:34:3A:FE:49:86:C1
            X509v3 Authority Key Identifier:
                keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:7f:90:91:9e:27:8c:7a:83:5f:26:08:fd:ef:7c:39:e9:59:
         f6:5b:29:af:04:07:d6:4b:21:f5:34:66:bc:ab:90:e2:d1:d2:
         9b:23:22:8a:94:14:9a:a0:1c:7f:1e:d8:c5:e9:c2:af:e2:30:
         ae:80:06:85:05:ef:3c:9e:8a:38:fe:0b:7e:f2:54:03:84:81:
         b8:bc:e4:15:83:22:08:71:01:2a:52:9c:2a:88:e7:32:cb:61:
         78:7d:f9:b8:98:7c:05:31:e6:db:f5:fe:1e:be:6a:95:fe:2b:
         61:4a:7a:b0:f3:e5:ab:d3:93:fc:48:78:54:84:b0:6c:15:b3:
         88:43:f1:86:a8:d1:99:31:7d:b0:73:ee:c3:7f:41:60:e7:7c:
         c4:ea:d3:38:26:4d:c3:f9:39:d6:ac:4a:84:d5:1a:72:2c:07:
         48:56:41:31:03:bc:f2:b1:03:22:ad:71:35:16:b6:a7:7e:ac:
         97:54:7b:e3:2e:97:fe:08:4a:a9:82:90:57:8c:03:fe:e2:c3:
         b0:0c:a3:00:6a:85:b5:ab:48:79:f2:1c:1b:55:e6:f0:5c:66:
         60:fb:cb:b0:89:7a:61:1d:7c:13:7e:66:bd:98:6f:5b:85:7b:
         80:6a:3a:2c:8b:19:b1:bc:e8:a9:9b:d9:3c:81:ee:65:95:3f:
         25:fd:fb:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbnikGe8RXmHrM3ou4AOkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx
N2M1ZTkwHhcNMjUxMTExMDEwMTE5WhcNMjUxMTEyMDEwMTE5WjAzMTEwLwYDVQQD
EygzMmY1MmQ5OTljYjY5ZjQ2MzZlZTVlNjViNzg3MzQzYWZlNDk4NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEgGiRcJ1sZtg/RlakCNyxCaprBc
p5ZsCp3fyccagOeVVGrOGswG+IBGalwlTwbYNncK8IaJKXrIcQkWge8au2I/fqaq
meRm98DAk1dHYpztmUcywSTKCTUPWJPh3I2mPlxMHWuwCpeLuI9sHvS4Z9raAEgP
0SX3XhLjj71Hjw4g/xKPzqpEXH9skcTW/NgmNUkr9DQMmCEInRDxS/ZWywLNRsQH
aJtFj6UEsnORFUdTYjfKsotr0N1Xs3qV2NDfetw5K43rQWw/fjtoGRZpquQKQIIA
Xk07NcJzJ0eg4hKiILSuyb5JNX0uV3zSKYMs5ys3039spmvF1vAJfBLKrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDL1LZmctp9GNu5eZbeHNDr+SYbBMB8GA1UdIwQY
MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct
YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0
LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeX+QkZ4n
jHqDXyYI/e98OelZ9lsprwQH1ksh9TRmvKuQ4tHSmyMiipQUmqAcfx7YxenCr+Iw
roAGhQXvPJ6KOP4LfvJUA4SBuLzkFYMiCHEBKlKcKojnMstheH35uJh8BTHm2/X+
Hr5qlf4rYUp6sPPlq9OT/Eh4VISwbBWziEPxhqjRmTF9sHPuw39BYOd8xOrTOCZN
w/k51qxKhNUaciwHSFZBMQO88rEDIq1xNRa2p36sl1R74y6X/ghKqYKQV4wD/uLD
sAyjAGqFtatIefIcG1Xm8FxmYPvLsIl6YR18E35mvZhvW4V7gGo6LIsZsbzoqZvZ
PIHuZZU/Jf37AA==
-----END CERTIFICATE-----