Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          bgYyk0X76a0XRju+HVGVOdNwbgXbKAmBLSaBAAUXTmA=
Subject key identifier:   01:DB:A1:C3:23:B3:C4:FB:29:2C:29:76:F5:F2:DE:41:BA:3E:FA:91
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       019A71B8BE3EF20E80F9093F16303816F178
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: 9qpCu33El1CmihXyui1snl+wlf2Qgtk4T+M2T+HlbdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:be:3e:f2:0e:80:f9:09:3f:16:30:38:16:f1:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=01dba1c323b3c4fb292c2976f5f2de41ba3efa91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:08:bb:76:3d:99:94:f8:af:70:64:75:a5:d5:
                    12:67:6c:20:8a:e4:8a:d3:01:05:3f:e9:4c:ea:39:
                    c8:70:e9:a7:55:21:4a:78:78:f1:3d:01:4a:6f:bd:
                    71:70:ae:3e:81:9d:c9:f9:53:13:07:25:93:ff:06:
                    1b:b1:8c:ff:61:dc:2b:ae:ef:93:a0:81:db:c0:4b:
                    10:02:77:45:f8:c5:7f:a7:34:c5:f6:34:d4:34:c2:
                    95:52:bf:8c:b5:a4:4b:dc:66:79:71:02:d5:6b:2e:
                    6d:66:29:30:9d:6b:da:73:ed:12:79:fd:0f:75:22:
                    69:4c:d9:71:87:fe:4b:f4:04:03:3b:1b:72:c6:ba:
                    bb:4c:98:24:c9:4c:0f:70:cf:97:2a:8d:25:d0:74:
                    42:a6:5c:63:68:02:7e:b9:11:33:79:7e:f1:02:65:
                    95:aa:54:31:38:6d:dc:e0:07:af:ba:24:2c:39:8e:
                    23:8e:4f:a0:80:94:a0:df:32:c9:04:35:20:a2:fc:
                    00:a2:f3:f3:2c:37:d9:0f:38:c3:d4:92:23:25:cc:
                    34:5e:97:31:ed:a0:b8:f7:80:c8:2e:6c:77:b0:46:
                    5e:7d:f0:54:32:91:f1:c1:fb:1e:63:8c:39:54:7b:
                    41:b9:4b:86:b9:f6:06:9e:27:f9:5a:c7:17:69:75:
                    39:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:DB:A1:C3:23:B3:C4:FB:29:2C:29:76:F5:F2:DE:41:BA:3E:FA:91
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:94:0b:af:56:90:a0:87:a2:c7:10:82:48:38:5a:54:0c:f7:
         37:eb:7a:34:d6:ed:24:ac:f9:37:8c:52:e6:56:24:2c:0f:94:
         a0:fa:c6:36:15:ff:e9:79:2d:77:b0:eb:3c:cd:23:55:62:b8:
         4b:d1:76:a0:e8:8e:c5:27:79:76:26:99:b7:7d:75:a3:f4:66:
         04:18:f8:62:c4:c6:3c:3c:e5:ec:15:48:3f:cb:8c:94:cd:b6:
         57:72:75:c3:ab:ea:1f:c4:98:c5:2a:6b:33:27:3b:31:6f:2b:
         ce:eb:22:a0:fd:7b:2d:2d:d6:c0:70:c9:c8:af:cb:d8:81:ad:
         8a:74:8f:93:9d:59:f1:bd:9f:f2:80:55:f2:89:a5:6e:f6:2f:
         a2:3a:c1:4e:44:d7:47:1e:74:d1:06:11:d2:09:63:13:68:95:
         04:65:1e:e0:a5:42:7e:8b:2a:d2:86:0e:4b:73:44:34:99:5f:
         34:cc:89:f5:27:01:6b:e3:af:e7:8b:fc:07:03:63:49:34:ae:
         76:88:71:2a:30:90:68:dc:fb:7a:13:c2:da:3e:a3:6f:15:f7:
         e6:24:96:23:cb:54:52:73:24:37:25:99:48:10:2c:41:5b:6d:
         fb:f5:fa:d1:85:c8:c3:ce:97:0e:21:45:ef:ea:31:71:7b:7a:
         c5:b6:16:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL4+8g6A+Qk/FjA4FvF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
EygwMWRiYTFjMzIzYjNjNGZiMjkyYzI5NzZmNWYyZGU0MWJhM2VmYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ai7dj2ZlPivcGR1pdUSZ2wgiuSK
0wEFP+lM6jnIcOmnVSFKeHjxPQFKb71xcK4+gZ3J+VMTByWT/wYbsYz/Ydwrru+T
oIHbwEsQAndF+MV/pzTF9jTUNMKVUr+MtaRL3GZ5cQLVay5tZikwnWvac+0Sef0P
dSJpTNlxh/5L9AQDOxtyxrq7TJgkyUwPcM+XKo0l0HRCplxjaAJ+uREzeX7xAmWV
qlQxOG3c4AevuiQsOY4jjk+ggJSg3zLJBDUgovwAovPzLDfZDzjD1JIjJcw0Xpcx
7aC494DILmx3sEZeffBUMpHxwfseY4w5VHtBuUuGufYGnif5WscXaXU5hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHbocMjs8T7KSwpdvXy3kG6PvqRMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJQLr1aQ
oIeixxCCSDhaVAz3N+t6NNbtJKz5N4xS5lYkLA+UoPrGNhX/6Xktd7DrPM0jVWK4
S9F2oOiOxSd5diaZt311o/RmBBj4YsTGPDzl7BVIP8uMlM22V3J1w6vqH8SYxSpr
Myc7MW8rzusioP17LS3WwHDJyK/L2IGtinSPk51Z8b2f8oBV8omlbvYvojrBTkTX
Rx500QYR0gljE2iVBGUe4KVCfosq0oYOS3NENJlfNMyJ9ScBa+Ov54v8BwNjSTSu
dohxKjCQaNz7ehPC2j6jbxX35iSWI8tUUnMkNyWZSBAsQVtt+/X60YXIw86XDiFF
7+oxcXt6xbYWdw==
-----END CERTIFICATE-----