Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          BFI0nwTzT55sTL9KkxnHqgkp6z7mqgotpQuSP/h2wgw=
Subject key identifier:   9A:71:02:18:A3:CD:36:E5:E6:06:D1:8B:32:28:8B:11:43:AD:38:8E
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       0197B6D76ED82B65BA20D73FD1C6B2377E54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          4E
Signing time:             Sat 28 Jun 2025 14:01:01 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:01 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:01 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: EU5qbByn5Aca1g6sBTmhm2QfXt4ackX27mXqFir7AX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:6e:d8:2b:65:ba:20:d7:3f:d1:c6:b2:37:7e:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Jun 28 14:01:01 2025 GMT
            Not After : Jun 29 14:01:01 2025 GMT
        Subject: CN=9a710218a3cd36e5e606d18b32288b1143ad388e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a3:09:c3:c4:13:34:cb:28:3e:11:65:1c:2f:
                    f2:d7:51:9f:57:b8:74:60:d7:e8:5a:95:46:75:e6:
                    48:31:92:e5:fa:67:fa:27:54:db:90:82:52:da:37:
                    c2:53:61:8b:4a:ff:13:8d:a2:cd:a6:44:d7:0f:e3:
                    17:87:d9:3c:b2:52:62:ca:f6:77:60:af:58:a1:e0:
                    96:7a:41:91:e3:d3:0a:aa:e2:2f:15:7d:43:97:14:
                    df:2b:81:56:57:cb:e9:f2:1f:47:da:37:fc:ff:16:
                    67:43:21:2d:6a:41:01:a0:dd:6b:d1:7e:43:e5:aa:
                    fa:9b:50:c6:e9:87:45:2b:b2:c9:34:aa:f1:77:06:
                    81:08:5d:30:b8:e3:66:dc:1a:0f:09:a1:8a:3a:6b:
                    87:41:11:6a:77:6e:60:66:84:97:da:ef:93:47:ec:
                    7a:3e:e6:1f:7c:d1:13:8a:12:29:70:1f:7b:5f:51:
                    0f:5c:5b:48:bd:83:1a:50:9b:2f:fc:db:ae:f9:4f:
                    36:0e:97:4f:1c:85:ef:7d:21:40:58:91:af:48:f2:
                    be:78:cb:25:de:98:d9:b5:61:5b:07:23:ae:a3:bb:
                    71:5a:23:38:17:99:ec:10:6e:db:10:66:ad:4f:82:
                    94:fa:5d:43:aa:44:ed:eb:12:c9:dd:02:e8:8c:a1:
                    24:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:71:02:18:A3:CD:36:E5:E6:06:D1:8B:32:28:8B:11:43:AD:38:8E
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:d5:2c:45:1d:7c:16:b4:64:78:48:7c:20:45:c1:df:20:af:
         4d:ce:87:b5:2d:28:48:bc:30:73:a5:95:73:10:62:2c:3c:cd:
         1b:f4:ad:80:c6:dc:77:3b:df:7e:04:e5:ae:78:77:fe:76:70:
         cc:f2:02:9a:db:7f:f9:a6:62:56:bb:31:0f:c7:32:4d:5c:c2:
         cf:a4:bf:44:59:66:83:75:ae:e7:c9:62:ca:f2:85:e1:fc:cf:
         b8:42:0e:10:42:03:b8:58:08:56:75:a9:4d:60:57:73:1d:76:
         b7:bc:7f:0a:4b:b3:e0:86:1f:14:50:cd:ca:86:28:bf:52:cd:
         84:2e:28:21:c1:cd:53:c6:e1:80:c4:72:c7:75:bc:26:35:0c:
         eb:d3:a5:71:a8:3f:49:27:bf:f5:ae:fa:0f:15:6d:af:f1:63:
         52:c3:5c:ed:64:77:8d:c9:c3:fe:8c:8f:4f:a6:0c:0a:45:50:
         e5:18:c5:c7:82:4f:2c:09:9d:87:34:0b:f9:7c:97:4e:47:67:
         a1:5c:70:09:a2:ce:3e:8f:cb:4d:5d:9f:a3:2d:03:7d:03:e7:
         9a:04:02:c5:97:e8:c7:c7:2c:6d:30:99:54:a3:ac:94:8f:64:
         5f:b6:df:f2:e9:53:c9:d7:da:0e:6c:5e:f2:52:48:a6:2a:a4:
         47:5b:f5:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2127YK2W6INc/0cayN35UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUwNjI4MTQwMTAxWhcNMjUwNjI5MTQwMTAxWjAzMTEwLwYDVQQD
Eyg5YTcxMDIxOGEzY2QzNmU1ZTYwNmQxOGIzMjI4OGIxMTQzYWQzODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qMJw8QTNMsoPhFlHC/y11GfV7h0
YNfoWpVGdeZIMZLl+mf6J1TbkIJS2jfCU2GLSv8TjaLNpkTXD+MXh9k8slJiyvZ3
YK9YoeCWekGR49MKquIvFX1DlxTfK4FWV8vp8h9H2jf8/xZnQyEtakEBoN1r0X5D
5ar6m1DG6YdFK7LJNKrxdwaBCF0wuONm3BoPCaGKOmuHQRFqd25gZoSX2u+TR+x6
PuYffNETihIpcB97X1EPXFtIvYMaUJsv/Nuu+U82DpdPHIXvfSFAWJGvSPK+eMsl
3pjZtWFbByOuo7txWiM4F5nsEG7bEGatT4KU+l1DqkTt6xLJ3QLojKEkWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpxAhijzTbl5gbRizIoixFDrTiOMB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALtUsRR18
FrRkeEh8IEXB3yCvTc6HtS0oSLwwc6WVcxBiLDzNG/StgMbcdzvffgTlrnh3/nZw
zPICmtt/+aZiVrsxD8cyTVzCz6S/RFlmg3Wu58liyvKF4fzPuEIOEEIDuFgIVnWp
TWBXcx12t7x/Ckuz4IYfFFDNyoYov1LNhC4oIcHNU8bhgMRyx3W8JjUM69Olcag/
SSe/9a76DxVtr/FjUsNc7WR3jcnD/oyPT6YMCkVQ5RjFx4JPLAmdhzQL+XyXTkdn
oVxwCaLOPo/LTV2foy0DfQPnmgQCxZfox8csbTCZVKOslI9kX7bf8ulTydfaDmxe
8lJIpiqkR1v1yw==
-----END CERTIFICATE-----