Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          tjm8/YcHWBtWn959WoYWUNrYoOC3BFFQaqLeOPF7+FE=
Subject key identifier:   85:45:43:A1:FD:57:CE:96:06:70:BA:9C:90:6F:9F:B5:28:62:D7:B3
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       0197B5FC32A8D68E074E20241D14FC783094
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          10E6
Signing time:             Sat 28 Jun 2025 10:01:33 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:33 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:33 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: pmhlfiil10XsjgKyLhHR+VfTiRokuzyN38Y81T3V0ZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:32:a8:d6:8e:07:4e:20:24:1d:14:fc:78:30:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Jun 28 10:01:33 2025 GMT
            Not After : Jun 29 10:01:33 2025 GMT
        Subject: CN=854543a1fd57ce960670ba9c906f9fb52862d7b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:7f:56:86:99:7a:3a:39:cc:b4:8f:2f:a6:48:
                    7b:ba:30:24:fc:82:f0:de:81:a5:13:8c:09:db:8d:
                    8e:99:af:f8:df:cd:0e:b2:d2:b1:8d:01:9b:91:63:
                    12:e6:45:01:84:30:f9:6c:b2:46:c7:e6:08:16:fd:
                    da:06:e0:45:1a:c0:6a:42:33:7f:7c:31:f7:fb:10:
                    55:cf:c4:9f:dd:13:c4:1a:5b:d1:40:af:78:43:65:
                    f1:b5:b7:24:c5:ca:4b:6b:37:74:4d:d9:6d:26:7a:
                    06:44:47:05:c0:8c:bc:6c:b5:d0:31:cf:2c:3f:c7:
                    e2:80:9e:63:d7:db:cd:d9:44:e3:a9:06:84:b9:32:
                    9b:c8:a6:e7:51:72:90:14:bd:fe:ae:38:49:fa:07:
                    ad:69:12:f4:ec:90:45:08:95:a7:e8:8c:b7:6c:fd:
                    68:e8:e1:ba:c9:44:e0:27:9b:c4:65:4f:cd:49:19:
                    b2:f6:42:94:5a:33:26:49:d7:7f:f7:aa:b5:4c:6c:
                    01:b3:40:41:9b:a1:e9:51:0d:38:8b:7b:61:09:76:
                    28:58:f0:26:d3:d0:cc:a6:50:28:3f:05:88:d8:70:
                    6d:1f:43:80:19:27:76:05:df:15:2f:3d:b9:a2:fa:
                    4d:24:67:1a:a4:77:f0:b0:81:d1:ce:cc:23:10:b8:
                    ee:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:45:43:A1:FD:57:CE:96:06:70:BA:9C:90:6F:9F:B5:28:62:D7:B3
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:13:31:8d:36:23:cb:f9:58:86:c1:cc:43:bd:c7:65:28:bb:
         9f:99:d6:f4:7d:4b:b3:40:18:bb:d3:d4:2a:52:d0:0d:7d:c1:
         0d:bf:f6:4f:e7:d3:19:7c:61:8c:88:da:de:7f:c9:4f:2e:f5:
         f4:4a:78:7b:b1:cd:ca:61:c8:f7:48:7d:60:63:c5:e0:61:b3:
         be:3e:74:90:b0:af:58:82:f8:d4:ae:20:09:9c:70:e9:68:1b:
         f9:06:70:1a:6f:46:43:5e:aa:2c:61:60:28:54:3c:d4:f4:7d:
         4a:f3:81:d9:1a:ea:e4:dc:1a:86:2f:93:9d:4e:5e:fc:af:d0:
         55:c1:4a:e6:91:7f:73:5a:4a:0b:f9:36:d7:14:e7:7b:24:3e:
         07:d2:45:9a:6f:db:db:ea:8e:48:7f:6f:80:dd:93:da:59:ad:
         50:9c:4a:2c:cc:67:2b:3a:49:e4:ad:80:8a:e2:1f:c4:48:19:
         f9:82:73:09:82:4c:ae:16:b0:ed:35:5d:b5:36:f0:2b:96:a1:
         db:17:e7:e4:8b:fd:83:d4:b0:40:7f:41:57:f5:ea:0a:a5:d1:
         49:c1:ed:2d:63:a4:6f:e8:ab:ce:97:82:14:a5:92:3d:5f:d1:
         d1:5b:60:ed:8f:21:c4:a9:78:db:b4:40:45:69:2e:fa:d4:4f:
         6b:d8:ed:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/DKo1o4HTiAkHRT8eDCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUwNjI4MTAwMTMzWhcNMjUwNjI5MTAwMTMzWjAzMTEwLwYDVQQD
Eyg4NTQ1NDNhMWZkNTdjZTk2MDY3MGJhOWM5MDZmOWZiNTI4NjJkN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5X9Whpl6OjnMtI8vpkh7ujAk/ILw
3oGlE4wJ242Oma/4380OstKxjQGbkWMS5kUBhDD5bLJGx+YIFv3aBuBFGsBqQjN/
fDH3+xBVz8Sf3RPEGlvRQK94Q2XxtbckxcpLazd0TdltJnoGREcFwIy8bLXQMc8s
P8figJ5j19vN2UTjqQaEuTKbyKbnUXKQFL3+rjhJ+getaRL07JBFCJWn6Iy3bP1o
6OG6yUTgJ5vEZU/NSRmy9kKUWjMmSdd/96q1TGwBs0BBm6HpUQ04i3thCXYoWPAm
09DMplAoPwWI2HBtH0OAGSd2Bd8VLz25ovpNJGcapHfwsIHRzswjELju2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVFQ6H9V86WBnC6nJBvn7UoYtezMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbxMxjTYj
y/lYhsHMQ73HZSi7n5nW9H1Ls0AYu9PUKlLQDX3BDb/2T+fTGXxhjIja3n/JTy71
9Ep4e7HNymHI90h9YGPF4GGzvj50kLCvWIL41K4gCZxw6Wgb+QZwGm9GQ16qLGFg
KFQ81PR9SvOB2Rrq5Nwahi+TnU5e/K/QVcFK5pF/c1pKC/k21xTneyQ+B9JFmm/b
2+qOSH9vgN2T2lmtUJxKLMxnKzpJ5K2AiuIfxEgZ+YJzCYJMrhaw7TVdtTbwK5ah
2xfn5Iv9g9SwQH9BV/XqCqXRScHtLWOkb+irzpeCFKWSPV/R0Vtg7Y8hxKl427RA
RWku+tRPa9jt9A==
-----END CERTIFICATE-----