Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          aGjsSEmycvsudhgEfbi9CPBV6OrZ/pdrhSdEDlfA/ew=
Subject key identifier:   B9:1C:3B:81:11:07:15:2D:67:30:44:CA:C2:16:B2:F0:06:F9:57:A0
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019A7226064661620397B8E8D663DB98AB79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 09:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:25 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: Fq4I3QHyzl/GRJQZukWnrIoEij7/VXvDjfak3409kr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:06:46:61:62:03:97:b8:e8:d6:63:db:98:ab:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Nov 11 09:01:25 2025 GMT
            Not After : Nov 12 09:01:25 2025 GMT
        Subject: CN=b91c3b811107152d673044cac216b2f006f957a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:cd:ce:cd:76:bd:9f:c3:b9:e1:90:bc:11:5b:
                    b1:cf:a6:af:b1:51:51:7f:98:fa:02:7a:3b:e9:12:
                    b2:7a:32:80:a6:5a:59:22:2e:19:bb:e9:f2:93:88:
                    fa:d1:ed:0b:2a:9a:5b:29:e9:89:ad:e7:a6:3d:53:
                    c8:8e:fd:c1:9f:92:1c:07:4d:4e:01:ae:fe:0d:b8:
                    61:ed:c8:92:70:a5:b3:b0:24:79:32:b3:c5:3f:3c:
                    9d:16:9f:93:e9:0c:57:2b:6c:1c:5a:2f:7b:27:d1:
                    d9:27:c4:5b:e7:5a:bd:7b:72:28:05:57:32:c1:6e:
                    5d:cd:04:db:f3:33:d9:bf:bb:68:95:4a:a9:93:df:
                    3a:f1:bb:dc:c7:28:c8:ab:29:55:41:cf:74:8b:6b:
                    95:fa:58:1d:82:18:79:00:20:c3:4a:2c:fe:28:5c:
                    1f:b1:dd:33:54:77:52:ab:31:cf:50:30:39:19:7b:
                    62:5a:f9:23:03:0c:ff:7d:de:8e:99:d4:d3:5e:57:
                    5f:9c:6d:20:b6:68:62:38:59:37:00:6d:c4:90:79:
                    6a:84:a5:ce:3f:bc:5e:f8:25:0a:dc:b9:d3:90:7e:
                    52:c2:48:d3:61:9c:55:43:f0:59:4a:bb:f6:c9:a1:
                    f7:c7:92:d3:33:b6:24:bd:28:5b:96:d6:fa:35:d9:
                    0b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1C:3B:81:11:07:15:2D:67:30:44:CA:C2:16:B2:F0:06:F9:57:A0
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:13:b6:2a:8d:d9:0d:d3:ce:e6:3d:2f:da:b2:2a:12:fb:16:
         eb:7c:37:ce:05:65:53:0e:7c:6b:6c:db:c2:6d:07:01:c5:d1:
         28:a4:f6:c2:39:50:03:ee:98:96:d0:78:16:74:63:2c:df:e8:
         4d:09:1f:fc:6a:5c:73:a1:80:a1:83:8f:c9:a5:2f:d9:74:bf:
         f2:46:fd:e2:28:e2:a4:d0:26:3b:77:01:38:62:c6:2c:43:15:
         c8:60:14:3d:62:7e:a7:d9:af:96:d5:68:44:06:76:82:3e:1c:
         90:e1:01:26:01:7c:91:a9:11:23:50:4d:dd:d2:09:73:22:f2:
         e4:e2:cc:00:1d:1b:fb:17:42:e3:24:da:0f:6c:59:69:8b:94:
         3e:15:be:7e:36:e1:fe:03:b0:89:e3:bd:4b:c3:07:c1:8c:23:
         d8:b1:47:66:ba:0a:8d:cc:d3:1d:0b:13:0e:07:1a:2b:30:33:
         c2:6a:73:b5:40:f2:d2:63:1d:41:4b:53:43:79:5d:2c:c2:60:
         5c:f8:d3:d4:2a:88:97:44:7a:d0:25:c6:06:6d:1c:d8:d5:ed:
         1e:3c:1b:ad:eb:9c:8c:f6:31:9b:1f:b0:2d:2b:90:86:3b:25:
         81:1e:44:ab:b8:cd:6f:29:7a:2d:e4:c8:09:8b:c7:82:c0:81:
         84:81:f2:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgZGYWIDl7jo1mPbmKt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUxMTExMDkwMTI1WhcNMjUxMTEyMDkwMTI1WjAzMTEwLwYDVQQD
EyhiOTFjM2I4MTExMDcxNTJkNjczMDQ0Y2FjMjE2YjJmMDA2Zjk1N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c3OzXa9n8O54ZC8EVuxz6avsVFR
f5j6Ano76RKyejKAplpZIi4Zu+nyk4j60e0LKppbKemJreemPVPIjv3Bn5IcB01O
Aa7+Dbhh7ciScKWzsCR5MrPFPzydFp+T6QxXK2wcWi97J9HZJ8Rb51q9e3IoBVcy
wW5dzQTb8zPZv7tolUqpk9868bvcxyjIqylVQc90i2uV+lgdghh5ACDDSiz+KFwf
sd0zVHdSqzHPUDA5GXtiWvkjAwz/fd6OmdTTXldfnG0gtmhiOFk3AG3EkHlqhKXO
P7xe+CUK3LnTkH5SwkjTYZxVQ/BZSrv2yaH3x5LTM7YkvShbltb6NdkLgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkcO4ERBxUtZzBEysIWsvAG+VegMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRO2Ko3Z
DdPO5j0v2rIqEvsW63w3zgVlUw58a2zbwm0HAcXRKKT2wjlQA+6YltB4FnRjLN/o
TQkf/Gpcc6GAoYOPyaUv2XS/8kb94ijipNAmO3cBOGLGLEMVyGAUPWJ+p9mvltVo
RAZ2gj4ckOEBJgF8kakRI1BN3dIJcyLy5OLMAB0b+xdC4yTaD2xZaYuUPhW+fjbh
/gOwieO9S8MHwYwj2LFHZroKjczTHQsTDgcaKzAzwmpztUDy0mMdQUtTQ3ldLMJg
XPjT1CqIl0R60CXGBm0c2NXtHjwbreucjPYxmx+wLSuQhjslgR5Eq7jNbyl6LeTI
CYvHgsCBhIHyJQ==
-----END CERTIFICATE-----