Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          RavQIOdpk/gqE6euPycMwF7CX42vIXuYlQyBvfz3+aQ=
Subject key identifier:   E6:D6:D1:A6:22:79:0E:F4:DF:38:BE:06:60:4E:37:B7:D7:46:43:19
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       0199239F9613EA5717F4F34A8FDD2D027D46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0F07
Signing time:             Sun 07 Sep 2025 10:01:25 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:25 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:25 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: oIJZjdSf3uh0D+TE22VsuIGu7ZstyiVjatyH8N2QgoU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:96:13:ea:57:17:f4:f3:4a:8f:dd:2d:02:7d:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Sep  7 10:01:25 2025 GMT
            Not After : Sep  8 10:01:25 2025 GMT
        Subject: CN=e6d6d1a622790ef4df38be06604e37b7d7464319
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:42:6b:30:cd:f6:df:c2:94:cc:f2:ef:eb:50:
                    58:e6:4b:38:e7:3e:a4:60:16:9e:ed:57:bc:4b:eb:
                    aa:a8:60:cb:68:d2:94:01:eb:c1:e6:e5:5c:5b:45:
                    71:3c:d8:bd:48:c6:92:92:89:3e:42:2f:67:06:d2:
                    71:48:fd:17:33:39:93:46:32:7b:d6:50:24:62:de:
                    12:77:c9:6e:ac:aa:b0:0f:2f:5f:91:22:a7:d0:50:
                    cf:86:65:50:e6:61:89:41:0e:87:46:e7:67:30:80:
                    01:e9:fd:12:ca:28:28:3c:95:a9:a1:bd:3c:17:e9:
                    3d:5c:1b:dd:5e:46:99:fa:1d:44:47:45:3a:90:5b:
                    95:85:b0:c8:ed:fd:e0:a9:30:ea:8f:fc:44:72:56:
                    6f:22:ad:e2:12:e2:a9:c4:94:81:2b:75:5f:d2:78:
                    92:45:4e:e6:da:bf:f6:2e:45:9c:41:32:3c:4c:cd:
                    0e:aa:ef:14:46:a3:70:9d:8e:3a:40:f2:15:ef:36:
                    83:1e:e5:66:a1:25:92:bf:cf:06:cb:af:59:79:08:
                    0f:f2:c5:3f:64:e3:65:63:d0:79:21:e8:eb:b9:d1:
                    0d:09:dc:35:81:9a:04:e1:cc:97:0b:ed:75:85:16:
                    5a:25:f1:26:88:ed:5c:76:8e:1c:ff:8e:af:f6:99:
                    ea:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D6:D1:A6:22:79:0E:F4:DF:38:BE:06:60:4E:37:B7:D7:46:43:19
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:33:78:c3:bc:c9:10:96:19:53:bf:ad:94:28:c0:e4:b5:fa:
         4e:82:3c:67:72:e5:30:57:fa:e0:57:f6:8a:78:15:ec:fc:a1:
         1d:9f:64:ac:80:79:78:43:a8:b3:55:7f:73:b9:82:62:bd:54:
         3a:6c:57:9b:08:ce:d7:00:65:d7:e5:a7:07:c3:08:70:8d:6f:
         59:69:65:c9:bf:79:cc:d1:3a:f4:b2:ff:d1:76:bf:89:36:78:
         91:4e:3b:2c:ba:19:86:87:99:8a:6c:32:ad:fb:09:b1:e6:f5:
         cd:8f:50:b7:66:5b:fa:92:43:2f:a6:1b:e2:ff:d2:2c:b6:c5:
         fb:48:3d:13:f6:9d:f8:18:48:1c:84:fd:d6:5e:4a:49:96:df:
         99:40:c6:e7:77:55:84:fc:b3:56:63:b0:e5:22:8d:1f:5c:2d:
         a7:e5:00:79:3a:7c:f1:5f:dd:48:b3:d6:db:1e:45:d3:75:4e:
         57:5a:3e:80:ec:d7:28:34:3e:1a:53:8e:2a:55:f8:c6:71:6a:
         65:9c:ec:5e:18:0c:e2:1a:e5:ab:95:d4:8c:0f:86:69:59:91:
         42:e5:62:57:e6:e9:43:45:d0:67:ff:8d:15:75:77:a7:2b:5c:
         ac:59:a2:be:68:c8:69:35:3a:0e:bb:1e:a8:ac:56:d3:aa:9d:
         4f:2e:9b:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn5YT6lcX9PNKj90tAn1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjUwOTA3MTAwMTI1WhcNMjUwOTA4MTAwMTI1WjAzMTEwLwYDVQQD
EyhlNmQ2ZDFhNjIyNzkwZWY0ZGYzOGJlMDY2MDRlMzdiN2Q3NDY0MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskJrMM3238KUzPLv61BY5ks45z6k
YBae7Ve8S+uqqGDLaNKUAevB5uVcW0VxPNi9SMaSkok+Qi9nBtJxSP0XMzmTRjJ7
1lAkYt4Sd8lurKqwDy9fkSKn0FDPhmVQ5mGJQQ6HRudnMIAB6f0SyigoPJWpob08
F+k9XBvdXkaZ+h1ER0U6kFuVhbDI7f3gqTDqj/xEclZvIq3iEuKpxJSBK3Vf0niS
RU7m2r/2LkWcQTI8TM0Oqu8URqNwnY46QPIV7zaDHuVmoSWSv88Gy69ZeQgP8sU/
ZONlY9B5IejrudENCdw1gZoE4cyXC+11hRZaJfEmiO1cdo4c/46v9pnqJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObW0aYieQ703zi+BmBON7fXRkMZMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjN4w7zJ
EJYZU7+tlCjA5LX6ToI8Z3LlMFf64Ff2ingV7PyhHZ9krIB5eEOos1V/c7mCYr1U
OmxXmwjO1wBl1+WnB8MIcI1vWWllyb95zNE69LL/0Xa/iTZ4kU47LLoZhoeZimwy
rfsJseb1zY9Qt2Zb+pJDL6Yb4v/SLLbF+0g9E/ad+BhIHIT91l5KSZbfmUDG53dV
hPyzVmOw5SKNH1wtp+UAeTp88V/dSLPW2x5F03VOV1o+gOzXKDQ+GlOOKlX4xnFq
ZZzsXhgM4hrlq5XUjA+GaVmRQuViV+bpQ0XQZ/+NFXV3pytcrFmivmjIaTU6Drse
qKxW06qdTy6b4w==
-----END CERTIFICATE-----