Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          V4aOTEW3H5vXsXUsBYMaNViwjkEpyl3pPbMgH3aD22A=
Subject key identifier:   2A:EA:76:B9:6B:57:AC:46:83:D3:BB:18:35:9F:FC:3D:3A:EC:B1:00
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       0199FC58306D31BD38F1E662FEE950A9BCBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0BBC
Signing time:             Sun 19 Oct 2025 12:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:01 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: unEHn3v3UkSVGcnSPzeIvqdSQGYd2S+LO4MfsKdN5Is=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:30:6d:31:bd:38:f1:e6:62:fe:e9:50:a9:bc:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Oct 19 12:01:01 2025 GMT
            Not After : Oct 20 12:01:01 2025 GMT
        Subject: CN=2aea76b96b57ac4683d3bb18359ffc3d3aecb100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:ec:d1:c8:cc:62:1f:6a:7e:6f:83:bd:52:af:
                    3f:b4:b5:81:4a:bd:0f:bb:d7:d3:52:88:04:a5:ad:
                    f5:e8:91:b0:b5:e8:f4:d7:d2:42:b3:af:43:4a:d9:
                    b3:c7:11:3f:fb:73:66:6a:58:47:fd:61:20:78:b7:
                    d9:59:58:72:b6:48:33:f3:82:94:f8:f2:f1:11:8c:
                    d8:1f:a1:76:97:c5:34:7f:57:37:b1:0e:73:20:95:
                    e3:39:79:86:48:d3:e1:77:57:6d:fe:26:d7:e9:27:
                    d8:47:a6:f2:0d:3f:57:e0:85:a4:8c:d1:51:dd:28:
                    41:ba:e4:84:36:62:8d:6c:00:4d:f7:91:dd:fd:bc:
                    74:0c:e7:52:ab:1f:fc:e3:bf:30:33:e6:04:fa:e9:
                    5d:93:f6:d3:b1:f0:4f:6f:01:7b:24:6f:13:d7:6a:
                    0a:8e:78:a5:ce:c7:d3:2d:eb:b2:5e:0f:d5:3d:8d:
                    ac:59:64:8e:1d:02:7b:ed:1e:25:03:13:77:44:01:
                    7c:ca:85:0c:63:89:33:89:6d:0a:a2:11:cc:4f:a6:
                    ea:37:ef:41:63:a3:9f:b9:65:f8:02:a5:f7:9c:10:
                    16:16:f4:a5:a8:60:3c:a3:7b:03:0a:2a:44:43:35:
                    aa:db:1c:0e:32:8f:c1:2d:4a:30:63:70:0b:00:fb:
                    9f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EA:76:B9:6B:57:AC:46:83:D3:BB:18:35:9F:FC:3D:3A:EC:B1:00
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:d1:9f:00:40:d4:2b:3f:68:ad:50:03:c7:d5:b8:37:03:40:
         59:ae:2b:0f:85:43:51:7b:22:95:26:d4:d7:21:92:82:9e:ce:
         97:5a:3f:5e:ce:4a:f0:47:4d:a7:81:27:40:af:14:04:4e:23:
         12:3b:75:aa:07:f7:6e:8b:10:73:ea:e9:47:58:0e:31:d6:0c:
         26:e2:a8:c9:54:c8:10:12:0f:e8:ab:74:80:30:46:37:65:d8:
         03:1e:c9:54:db:76:dc:ff:5e:c9:7e:40:ff:24:67:4e:c1:4b:
         bb:8f:2b:46:70:7b:fb:d5:47:61:90:7c:4b:f2:c2:47:78:86:
         e9:a7:8b:81:ed:57:ec:33:91:75:0e:9c:4d:8a:42:d6:f5:c0:
         4d:14:db:7d:56:25:f4:bb:06:80:43:b9:00:9b:98:d4:8c:e1:
         e4:48:13:37:10:5c:54:14:77:c0:09:d4:81:aa:13:08:35:72:
         c6:e4:bf:67:82:75:23:7e:08:d7:ca:b9:bf:d7:c3:aa:80:3d:
         a9:65:dd:69:52:99:a1:79:82:75:ef:3c:87:5e:89:6b:4f:19:
         5c:1c:9f:cc:77:71:29:44:f1:7e:ab:50:c0:09:9b:21:9e:76:
         e5:a4:19:9a:9b:8f:71:9a:e6:44:8f:e2:7e:68:bb:4b:18:86:
         a0:d4:86:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WDBtMb048eZi/ulQqby6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjUxMDE5MTIwMTAxWhcNMjUxMDIwMTIwMTAxWjAzMTEwLwYDVQQD
EygyYWVhNzZiOTZiNTdhYzQ2ODNkM2JiMTgzNTlmZmMzZDNhZWNiMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OzRyMxiH2p+b4O9Uq8/tLWBSr0P
u9fTUogEpa316JGwtej019JCs69DStmzxxE/+3NmalhH/WEgeLfZWVhytkgz84KU
+PLxEYzYH6F2l8U0f1c3sQ5zIJXjOXmGSNPhd1dt/ibX6SfYR6byDT9X4IWkjNFR
3ShBuuSENmKNbABN95Hd/bx0DOdSqx/8478wM+YE+uldk/bTsfBPbwF7JG8T12oK
jnilzsfTLeuyXg/VPY2sWWSOHQJ77R4lAxN3RAF8yoUMY4kziW0KohHMT6bqN+9B
Y6OfuWX4AqX3nBAWFvSlqGA8o3sDCipEQzWq2xwOMo/BLUowY3ALAPuf1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrqdrlrV6xGg9O7GDWf/D067LEAMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsdGfAEDU
Kz9orVADx9W4NwNAWa4rD4VDUXsilSbU1yGSgp7Ol1o/Xs5K8EdNp4EnQK8UBE4j
Ejt1qgf3bosQc+rpR1gOMdYMJuKoyVTIEBIP6Kt0gDBGN2XYAx7JVNt23P9eyX5A
/yRnTsFLu48rRnB7+9VHYZB8S/LCR3iG6aeLge1X7DORdQ6cTYpC1vXATRTbfVYl
9LsGgEO5AJuY1Izh5EgTNxBcVBR3wAnUgaoTCDVyxuS/Z4J1I34I18q5v9fDqoA9
qWXdaVKZoXmCde88h16Ja08ZXByfzHdxKUTxfqtQwAmbIZ525aQZmpuPcZrmRI/i
fmi7SxiGoNSGkw==
-----END CERTIFICATE-----