Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
File:                     4imzfrYwaGsTKDOEcbUtqV0gSRE.mft (raw, json)
Hash identifier:          rYMs012dx4ARegDzuzTWWP/Ht1I0LttwN/m9NX92uAQ=
Subject key identifier:   78:27:69:5F:02:E2:8D:2A:CC:74:6C:B4:47:CA:1B:69:70:F0:49:C6
Authority key identifier: E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11
Certificate issuer:       /CN=e229b37eb630686b1328338471b52da95d204911
Certificate serial:       0199FBEB09806984B9220F0BFF1A014F8EF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
Manifest number:          0BF3
Signing time:             Sun 19 Oct 2025 10:01:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:48 +0000
Files and hashes:         1: 4imzfrYwaGsTKDOEcbUtqV0gSRE.crl (hash: VEa2fhjRmrbydrseTvq55hwXqK2VnauvLWQdPDZnvUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:09:80:69:84:b9:22:0f:0b:ff:1a:01:4f:8e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e229b37eb630686b1328338471b52da95d204911
        Validity
            Not Before: Oct 19 10:01:48 2025 GMT
            Not After : Oct 20 10:01:48 2025 GMT
        Subject: CN=7827695f02e28d2acc746cb447ca1b6970f049c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f9:17:a1:7a:de:1e:9f:1e:ec:63:e5:ad:42:
                    9a:de:4f:bf:46:0f:c1:98:00:c3:eb:0b:7c:cb:5b:
                    a2:3b:2b:9a:92:ba:6b:9b:e5:b0:c5:a2:af:4e:78:
                    7c:e0:50:0a:20:1c:be:26:6c:33:79:3a:a1:3d:1f:
                    d5:ee:7c:0e:ea:e1:74:32:75:37:4a:c3:f8:07:f0:
                    28:02:49:3d:53:a8:f2:2e:72:ca:e9:5b:3d:f2:88:
                    2c:1f:ad:fd:dd:22:5f:04:4f:70:9a:b9:72:51:5b:
                    8c:be:56:e8:1f:82:35:5d:58:e9:b8:f5:94:ee:0e:
                    d3:26:f6:0d:73:bb:77:b8:e7:c2:15:9f:62:cd:8f:
                    6d:31:f7:03:1b:80:25:11:d9:61:f4:9e:db:b3:e8:
                    f2:f5:c9:cf:64:13:a6:5e:22:76:e1:58:bc:45:d3:
                    9a:54:6d:80:f2:31:31:16:30:e6:65:47:4d:2e:e9:
                    f6:24:e7:3f:3f:0b:72:78:b4:32:28:71:e7:4d:bd:
                    a7:6f:e0:bd:47:cd:89:26:f9:f8:d6:4c:f7:75:80:
                    1a:69:3f:95:b1:1d:2b:55:c8:e3:8c:e1:e6:71:f4:
                    64:3e:6a:f0:87:ea:94:e6:5e:f8:45:ae:2f:4a:4c:
                    c4:5e:1f:5a:43:b4:01:fd:77:fd:b7:b5:0e:fa:bb:
                    97:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:27:69:5F:02:E2:8D:2A:CC:74:6C:B4:47:CA:1B:69:70:F0:49:C6
            X509v3 Authority Key Identifier:
                keyid:E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:17:fb:bf:8d:ae:df:c1:a7:e2:1f:63:5b:77:67:a4:01:82:
         66:61:a9:50:c3:d7:06:8d:48:06:0b:36:67:b4:f9:fa:3c:1d:
         80:95:12:55:bd:22:72:6a:84:2f:46:58:6e:8b:8a:72:81:8d:
         2e:8c:88:96:e5:c0:3c:77:b3:51:f1:4c:2c:4a:b6:52:ad:52:
         a0:9b:71:41:0f:f0:62:a1:f4:87:fa:e4:fe:1c:68:8b:2d:fa:
         71:27:e3:1c:31:6d:2d:cb:76:23:ad:96:c5:ec:90:78:92:a0:
         f0:92:de:64:3c:3e:66:22:49:24:c6:47:74:9d:3a:93:62:85:
         a7:57:cb:bb:e6:04:92:ba:16:8d:58:2a:41:e6:89:ea:ec:62:
         d9:1b:65:78:f8:41:02:ec:5f:d3:2e:1e:22:b6:c8:f4:5c:d4:
         e4:2b:71:d7:4c:f9:63:7b:13:d1:28:d3:11:55:db:4a:ab:43:
         38:64:f0:a7:c5:e0:8f:73:b8:47:56:e3:28:75:a1:33:49:b3:
         55:82:d6:25:f1:5b:d1:4b:4d:3d:a6:9a:2a:05:f5:3b:51:d0:
         4a:bb:0f:72:5b:1f:a6:b6:26:5b:74:c4:89:32:22:3e:79:5e:
         62:66:11:78:fd:03:e1:d1:d1:2d:e3:a3:0a:da:69:03:de:9b:
         2c:7e:a5:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wmAaYS5Ig8L/xoBT47wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjliMzdlYjYzMDY4NmIxMzI4MzM4NDcxYjUyZGE5NWQy
MDQ5MTEwHhcNMjUxMDE5MTAwMTQ4WhcNMjUxMDIwMTAwMTQ4WjAzMTEwLwYDVQQD
Eyg3ODI3Njk1ZjAyZTI4ZDJhY2M3NDZjYjQ0N2NhMWI2OTcwZjA0OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vkXoXreHp8e7GPlrUKa3k+/Rg/B
mADD6wt8y1uiOyuakrprm+WwxaKvTnh84FAKIBy+JmwzeTqhPR/V7nwO6uF0MnU3
SsP4B/AoAkk9U6jyLnLK6Vs98ogsH6393SJfBE9wmrlyUVuMvlboH4I1XVjpuPWU
7g7TJvYNc7t3uOfCFZ9izY9tMfcDG4AlEdlh9J7bs+jy9cnPZBOmXiJ24Vi8RdOa
VG2A8jExFjDmZUdNLun2JOc/PwtyeLQyKHHnTb2nb+C9R82JJvn41kz3dYAaaT+V
sR0rVcjjjOHmcfRkPmrwh+qU5l74Ra4vSkzEXh9aQ7QB/Xf9t7UO+ruXzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgnaV8C4o0qzHRstEfKG2lw8EnGMB8GA1UdIwQY
MBaAFOIps362MGhrEygzhHG1LaldIEkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMt
N2RlOGQ4YzJlOTMwLzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMtN2RlOGQ4YzJlOTMw
LzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgRf7v42u
38Gn4h9jW3dnpAGCZmGpUMPXBo1IBgs2Z7T5+jwdgJUSVb0icmqEL0ZYbouKcoGN
LoyIluXAPHezUfFMLEq2Uq1SoJtxQQ/wYqH0h/rk/hxoiy36cSfjHDFtLct2I62W
xeyQeJKg8JLeZDw+ZiJJJMZHdJ06k2KFp1fLu+YEkroWjVgqQeaJ6uxi2RtlePhB
Auxf0y4eIrbI9FzU5Ctx10z5Y3sT0SjTEVXbSqtDOGTwp8Xgj3O4R1bjKHWhM0mz
VYLWJfFb0UtNPaaaKgX1O1HQSrsPclsfprYmW3TEiTIiPnleYmYReP0D4dHRLeOj
CtppA96bLH6lqA==
-----END CERTIFICATE-----