Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          cjgJwhVKwjsDXdb5lNJAPAA8xgRq0DZEk6LJJW5tzCQ=
Subject key identifier:   67:E7:1D:E7:EC:3D:E2:54:76:E6:14:66:4A:57:27:DC:91:AA:CA:34
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019A71B8F76CC7752C76B283C7BABBE5E28B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0EC0
Signing time:             Tue 11 Nov 2025 07:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:18 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: sxoUpENH6xW8C4eMh0St7ZEmY2iCJsDtDJp6Gs6Wums=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f7:6c:c7:75:2c:76:b2:83:c7:ba:bb:e5:e2:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Nov 11 07:02:18 2025 GMT
            Not After : Nov 12 07:02:18 2025 GMT
        Subject: CN=67e71de7ec3de25476e614664a5727dc91aaca34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f3:03:ed:1a:44:68:c1:ae:6f:4c:a0:ea:85:
                    c4:c2:8a:9e:0d:31:27:03:05:8d:28:5f:9c:54:04:
                    ff:ed:b1:01:63:15:72:2c:be:3a:5d:b4:83:b8:b2:
                    c0:1a:75:86:a6:ec:ed:1e:62:db:df:4f:bc:cc:af:
                    25:55:d6:c3:58:a2:fa:06:80:45:81:d3:38:4d:2b:
                    70:fa:a7:15:08:e7:13:f9:6c:73:64:f4:f3:b5:ed:
                    bf:27:f1:96:41:b3:15:82:99:3e:26:37:51:d5:2d:
                    bd:1e:88:cc:2b:b0:70:97:ce:5e:04:8d:69:d4:0e:
                    3b:5e:4a:33:71:28:f5:2e:1e:c5:31:7c:67:f4:cf:
                    b2:c3:09:83:2f:f5:84:36:22:8d:22:da:71:cc:7a:
                    75:7f:ed:8c:39:33:7e:5e:c9:47:b5:1e:3e:84:f1:
                    61:db:4c:ae:d7:1b:63:f7:38:60:68:87:c1:e8:d3:
                    3f:00:a4:ce:3f:b1:7a:29:12:c0:05:dc:62:11:20:
                    5a:f7:ae:7c:2f:c9:c1:94:75:e9:04:ff:df:42:15:
                    92:67:5b:ba:e6:57:50:6d:f2:05:df:f6:51:c1:53:
                    7b:ad:de:90:fe:24:4c:85:07:93:f1:4f:7a:d7:fd:
                    8c:37:f5:a0:bd:a6:fb:c8:f9:a5:a6:6f:02:4e:9c:
                    23:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E7:1D:E7:EC:3D:E2:54:76:E6:14:66:4A:57:27:DC:91:AA:CA:34
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:3c:04:1e:ab:48:bb:d0:19:01:c7:c1:0e:10:bf:30:8b:03:
         8d:1f:b1:43:3e:fe:18:9c:62:65:cc:30:d5:43:c2:21:79:5d:
         f5:6d:db:33:9a:48:52:12:de:ec:9b:6c:cd:89:68:df:99:4c:
         dd:ae:b5:f5:07:41:7a:ac:65:be:a1:c2:de:d1:6d:4f:97:d5:
         4f:bc:77:0a:d5:46:a0:39:46:df:47:ab:e6:75:66:71:e6:4d:
         69:74:f5:46:37:a5:3d:58:52:ad:80:f8:9f:27:ac:dc:21:5e:
         ec:6b:8f:7d:47:56:f7:6b:f4:f8:1c:3e:b1:e2:b6:5a:3e:4b:
         a7:a2:b0:88:46:c5:c2:51:58:fe:80:51:cf:5e:46:2d:03:b3:
         f6:1a:d6:16:28:04:41:98:c4:69:18:83:83:c6:da:1a:82:c8:
         16:7f:67:61:a0:ed:03:41:da:cc:a2:a9:61:41:3f:f1:0a:c7:
         66:49:f0:94:c6:91:99:c5:0b:22:ca:24:f9:71:8c:69:c9:92:
         d5:88:2c:cd:56:35:f7:a6:1d:86:01:ac:25:72:62:25:4d:be:
         6f:91:0f:48:e1:ff:9a:d7:7c:3a:98:43:b2:82:1f:d8:8e:1d:
         71:1d:ab:d8:e9:e5:52:59:c6:2d:9b:99:7d:35:a4:d7:8a:73:
         df:14:98:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPdsx3UsdrKDx7q75eKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
Eyg2N2U3MWRlN2VjM2RlMjU0NzZlNjE0NjY0YTU3MjdkYzkxYWFjYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/MD7RpEaMGub0yg6oXEwoqeDTEn
AwWNKF+cVAT/7bEBYxVyLL46XbSDuLLAGnWGpuztHmLb30+8zK8lVdbDWKL6BoBF
gdM4TStw+qcVCOcT+WxzZPTzte2/J/GWQbMVgpk+JjdR1S29HojMK7Bwl85eBI1p
1A47XkozcSj1Lh7FMXxn9M+ywwmDL/WENiKNItpxzHp1f+2MOTN+XslHtR4+hPFh
20yu1xtj9zhgaIfB6NM/AKTOP7F6KRLABdxiESBa9658L8nBlHXpBP/fQhWSZ1u6
5ldQbfIF3/ZRwVN7rd6Q/iRMhQeT8U961/2MN/Wgvab7yPmlpm8CTpwj9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfnHefsPeJUduYUZkpXJ9yRqso0MB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzwEHqtI
u9AZAcfBDhC/MIsDjR+xQz7+GJxiZcww1UPCIXld9W3bM5pIUhLe7JtszYlo35lM
3a619QdBeqxlvqHC3tFtT5fVT7x3CtVGoDlG30er5nVmceZNaXT1RjelPVhSrYD4
nyes3CFe7GuPfUdW92v0+Bw+seK2Wj5Lp6KwiEbFwlFY/oBRz15GLQOz9hrWFigE
QZjEaRiDg8baGoLIFn9nYaDtA0HazKKpYUE/8QrHZknwlMaRmcULIsok+XGMacmS
1YgszVY196YdhgGsJXJiJU2+b5EPSOH/mtd8OphDsoIf2I4dcR2r2OnlUlnGLZuZ
fTWk14pz3xSYGA==
-----END CERTIFICATE-----