Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          pPnVKzP1CfYjU5M85WBvGGqKKFy2x8BhXsR6H1NFt/c=
Subject key identifier:   60:8E:CB:09:82:E9:A9:5D:F2:8D:8E:9E:79:1C:33:0B:2F:7F:6A:BE
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       0199FB460881D41DB573619B3C7B3B784044
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          1213
Signing time:             Sun 19 Oct 2025 07:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:34 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: eXuudCOmtBlmFmnMsOrk3GaX+NmhGX/vPQfAJ4BestA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:46:08:81:d4:1d:b5:73:61:9b:3c:7b:3b:78:40:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Oct 19 07:01:34 2025 GMT
            Not After : Oct 20 07:01:34 2025 GMT
        Subject: CN=608ecb0982e9a95df28d8e9e791c330b2f7f6abe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:86:96:26:6d:52:35:5e:b8:46:96:93:2d:e9:
                    7d:66:a1:f2:1a:f6:7f:3a:10:73:2e:66:79:99:de:
                    1d:24:d2:18:19:d3:2c:4c:f9:be:b6:52:0c:12:43:
                    af:45:44:b0:17:ca:63:1d:e6:ca:08:bf:69:3f:ce:
                    01:66:72:2e:94:df:54:ad:9c:87:7a:a7:88:fa:ff:
                    68:70:1c:52:fc:fb:ae:7d:97:d6:1c:56:4f:8d:3d:
                    96:5e:7b:dd:33:aa:3b:78:22:a6:20:4c:90:c7:a3:
                    83:68:8d:e1:c7:24:5e:4a:c6:e8:37:dc:57:2e:19:
                    28:d4:7a:d2:37:76:c5:6f:3f:7f:a4:31:8d:79:98:
                    e4:91:7e:1a:26:da:e4:4b:07:68:31:ce:8f:84:ee:
                    af:22:29:9b:38:24:83:a4:8f:83:6f:14:fa:b7:a8:
                    9e:59:a2:5d:b6:86:86:3e:bb:39:2f:30:3a:67:6d:
                    b2:55:c0:2e:49:a4:b4:f7:03:f4:79:f4:e4:30:9d:
                    b6:0f:ff:0b:9c:cf:48:1e:dd:e9:ce:a2:2e:6f:7f:
                    10:a4:e7:ab:2a:10:3b:05:fb:67:ba:ab:1d:ff:af:
                    3f:4a:2e:05:48:ec:0b:33:b9:30:eb:73:44:eb:ca:
                    5f:70:f6:ac:b3:53:e2:dc:c4:69:84:91:bb:53:bc:
                    47:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:8E:CB:09:82:E9:A9:5D:F2:8D:8E:9E:79:1C:33:0B:2F:7F:6A:BE
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:2a:cb:46:ec:2f:f2:75:d5:24:6e:95:86:e5:00:85:47:0c:
         0a:d4:46:cd:b3:e8:4e:b2:b4:a1:3f:80:1c:76:c9:e1:3e:6f:
         67:4c:bd:a1:67:2f:1d:41:c2:48:02:21:6c:70:5c:45:83:2d:
         ad:a6:ff:a7:d5:c6:a6:96:a5:64:79:c6:18:81:eb:e9:6e:68:
         82:f7:bb:32:56:be:38:80:86:5e:02:dc:cd:e7:61:b1:9a:c5:
         a5:8a:b6:73:80:50:8b:fe:fa:12:02:9a:07:af:2b:f9:5e:1e:
         94:76:67:35:d7:1d:4d:30:d7:b3:66:2e:41:f1:48:ed:d8:a7:
         71:42:d5:17:92:a9:52:21:fa:55:ac:94:27:ef:dd:9c:fc:aa:
         f2:93:da:49:d3:87:0b:dc:71:cf:6b:e3:b5:c2:38:c7:6a:41:
         19:f9:b8:a4:4c:5a:1d:d8:d7:b2:ad:f9:12:13:48:d6:51:d0:
         ca:48:13:55:03:fd:12:d0:ef:0e:ea:6e:6c:d5:8d:d6:05:a0:
         f7:65:94:8e:20:1b:31:25:80:2a:84:f8:16:b5:ea:00:a1:6e:
         6d:63:3a:cc:25:47:a8:cb:a8:96:b4:f3:46:c0:34:5f:a1:cb:
         9f:53:61:95:91:27:e2:52:a2:93:ee:a8:cf:c5:e5:30:02:91:
         49:ce:08:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RgiB1B21c2GbPHs7eEBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjUxMDE5MDcwMTM0WhcNMjUxMDIwMDcwMTM0WjAzMTEwLwYDVQQD
Eyg2MDhlY2IwOTgyZTlhOTVkZjI4ZDhlOWU3OTFjMzMwYjJmN2Y2YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIaWJm1SNV64RpaTLel9ZqHyGvZ/
OhBzLmZ5md4dJNIYGdMsTPm+tlIMEkOvRUSwF8pjHebKCL9pP84BZnIulN9UrZyH
eqeI+v9ocBxS/PuufZfWHFZPjT2WXnvdM6o7eCKmIEyQx6ODaI3hxyReSsboN9xX
Lhko1HrSN3bFbz9/pDGNeZjkkX4aJtrkSwdoMc6PhO6vIimbOCSDpI+DbxT6t6ie
WaJdtoaGPrs5LzA6Z22yVcAuSaS09wP0efTkMJ22D/8LnM9IHt3pzqIub38QpOer
KhA7Bftnuqsd/68/Si4FSOwLM7kw63NE68pfcPass1Pi3MRphJG7U7xHEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCOywmC6ald8o2OnnkcMwsvf2q+MB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCrLRuwv
8nXVJG6VhuUAhUcMCtRGzbPoTrK0oT+AHHbJ4T5vZ0y9oWcvHUHCSAIhbHBcRYMt
rab/p9XGppalZHnGGIHr6W5ogve7Mla+OICGXgLczedhsZrFpYq2c4BQi/76EgKa
B68r+V4elHZnNdcdTTDXs2YuQfFI7dincULVF5KpUiH6VayUJ+/dnPyq8pPaSdOH
C9xxz2vjtcI4x2pBGfm4pExaHdjXsq35EhNI1lHQykgTVQP9EtDvDupubNWN1gWg
92WUjiAbMSWAKoT4FrXqAKFubWM6zCVHqMuolrTzRsA0X6HLn1NhlZEn4lKik+6o
z8XlMAKRSc4IBw==
-----END CERTIFICATE-----