Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
File:                     Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json)
Hash identifier:          xiE4v2ny5NaEJ7TUUE+ztvknuW7ecLOtLjSfgiwIP6Y=
Subject key identifier:   4E:C7:B2:E0:29:4E:79:B4:74:3A:11:F6:56:6A:B5:A6:5E:0B:37:E4
Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C
Certificate issuer:       /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
Certificate serial:       019A71B91721C3980BD4CBDCE8DDD2245656
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:02:26 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:26 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:26 +0000
Files and hashes:         1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: f+LDsNMIIqT7Kr+xqBWxesE+GuGC3UAx0imTb8XKcBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:17:21:c3:98:0b:d4:cb:dc:e8:dd:d2:24:56:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
        Validity
            Not Before: Nov 11 07:02:26 2025 GMT
            Not After : Nov 12 07:02:26 2025 GMT
        Subject: CN=4ec7b2e0294e79b4743a11f6566ab5a65e0b37e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a1:e5:f5:a8:ff:67:e6:d1:0b:27:ea:03:c5:
                    9f:96:07:ed:f4:9f:ab:39:a6:44:1d:cf:1f:5a:97:
                    29:b7:e5:6a:11:40:d9:4d:34:d2:08:5c:6a:4d:a8:
                    0d:ba:bb:f7:16:63:c2:40:7f:a1:96:0c:46:b0:f8:
                    47:e2:d4:f4:a1:46:2f:dc:8c:05:67:a8:18:88:7b:
                    6b:d6:fc:7e:7e:57:9e:1b:20:c1:57:12:42:55:37:
                    9b:a3:77:98:8d:ac:fd:9f:36:d2:e7:71:c6:45:91:
                    36:81:48:c0:0d:41:47:2d:82:eb:9f:ea:61:02:96:
                    cc:47:b9:f2:0c:4a:03:46:82:fd:ce:d5:a4:30:15:
                    7a:81:b8:b7:fe:f0:af:32:0d:92:e4:32:93:d6:3c:
                    69:22:a2:d4:e9:3a:8c:34:0c:4f:84:15:25:96:a5:
                    31:e2:93:52:a0:78:60:9d:d6:11:0e:b2:49:98:7d:
                    59:ca:04:6b:67:2e:1d:da:7f:bc:d6:17:7d:d0:7f:
                    ba:50:d4:4b:76:11:34:63:94:35:ad:05:af:97:68:
                    5a:e7:7f:ba:f3:27:bc:b3:f5:1d:84:48:10:8b:63:
                    dc:f9:72:e9:f2:f8:90:61:92:ed:ea:4e:ad:ba:d0:
                    84:63:6f:d6:2b:2a:16:a9:83:05:8f:c5:7c:69:bd:
                    7c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:C7:B2:E0:29:4E:79:B4:74:3A:11:F6:56:6A:B5:A6:5E:0B:37:E4
            X509v3 Authority Key Identifier:
                keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:da:83:10:80:5d:82:68:4e:5a:0f:65:7d:ca:00:53:ac:ad:
         c4:f3:6d:9b:29:ec:82:8a:45:8c:40:47:94:1e:66:c1:f8:c9:
         74:46:b4:7a:91:d8:72:43:f1:56:91:6b:21:da:91:fb:7a:84:
         5b:e7:51:03:c5:c3:39:60:1b:e9:9d:0b:bd:98:03:cf:74:b8:
         27:4f:04:9a:81:01:4c:e5:6a:57:9b:ab:81:34:08:bf:9f:d4:
         3c:5c:11:9b:9b:ee:12:4a:2e:49:af:68:ac:ae:96:45:a6:8b:
         11:b0:99:63:4b:2b:98:20:e1:4b:47:c0:00:03:fe:7e:7e:d1:
         1d:72:8a:38:91:4f:7a:ce:91:3a:7d:f6:4d:0e:7c:02:98:58:
         ca:6c:60:08:17:11:70:42:08:6e:fa:de:35:90:65:04:28:68:
         ef:06:78:ea:31:88:ef:ca:28:66:0c:f2:95:58:d0:d6:46:3f:
         3b:36:b5:13:15:81:d8:00:f9:54:1a:1d:c2:ad:09:40:92:46:
         ff:b1:f4:7a:9d:af:f8:95:b9:80:61:9c:cd:70:c5:8a:b8:1d:
         0b:b6:6c:b0:65:1c:6c:f4:fa:d9:94:08:f3:99:2c:21:43:f4:
         25:91:50:f5:ab:bb:18:22:00:22:e6:c8:4a:4f:a0:43:89:b9:
         a4:f8:09:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRchw5gL1Mvc6N3SJFZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh
MWQ3OGMwHhcNMjUxMTExMDcwMjI2WhcNMjUxMTEyMDcwMjI2WjAzMTEwLwYDVQQD
Eyg0ZWM3YjJlMDI5NGU3OWI0NzQzYTExZjY1NjZhYjVhNjVlMGIzN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aHl9aj/Z+bRCyfqA8Wflgft9J+r
OaZEHc8fWpcpt+VqEUDZTTTSCFxqTagNurv3FmPCQH+hlgxGsPhH4tT0oUYv3IwF
Z6gYiHtr1vx+fleeGyDBVxJCVTebo3eYjaz9nzbS53HGRZE2gUjADUFHLYLrn+ph
ApbMR7nyDEoDRoL9ztWkMBV6gbi3/vCvMg2S5DKT1jxpIqLU6TqMNAxPhBUllqUx
4pNSoHhgndYRDrJJmH1ZygRrZy4d2n+81hd90H+6UNRLdhE0Y5Q1rQWvl2ha53+6
8ye8s/UdhEgQi2Pc+XLp8viQYZLt6k6tutCEY2/WKyoWqYMFj8V8ab18cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7HsuApTnm0dDoR9lZqtaZeCzfkMB8GA1UdIwQY
MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct
NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj
LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATtqDEIBd
gmhOWg9lfcoAU6ytxPNtmynsgopFjEBHlB5mwfjJdEa0epHYckPxVpFrIdqR+3qE
W+dRA8XDOWAb6Z0LvZgDz3S4J08EmoEBTOVqV5urgTQIv5/UPFwRm5vuEkouSa9o
rK6WRaaLEbCZY0srmCDhS0fAAAP+fn7RHXKKOJFPes6ROn32TQ58AphYymxgCBcR
cEIIbvreNZBlBCho7wZ46jGI78ooZgzylVjQ1kY/Oza1ExWB2AD5VBodwq0JQJJG
/7H0ep2v+JW5gGGczXDFirgdC7ZssGUcbPT62ZQI85ksIUP0JZFQ9au7GCIAIubI
Sk+gQ4m5pPgJHQ==
-----END CERTIFICATE-----