Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
File:                     3pj4NjKYKX-6uupodyArXEQOWpA.mft (raw, json)
Hash identifier:          OVy+IIOOtVXiHCmLz3uKTMiEdRVPSQtZrfq1fUy0Fao=
Subject key identifier:   9E:69:7A:7E:FF:43:31:9C:48:C0:D4:2F:82:26:9C:48:5C:83:10:AB
Authority key identifier: DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90
Certificate issuer:       /CN=de98f8363298297fbabaea6877202b5c440e5a90
Certificate serial:       019A71B785E04BCB0FED8018DA94D56DCBD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
Manifest number:          0DAE
Signing time:             Tue 11 Nov 2025 07:00:44 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:44 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:44 +0000
Files and hashes:         1: 3pj4NjKYKX-6uupodyArXEQOWpA.crl (hash: BealtMxfxl7j5AhYdKb0sgSdI11Fye0RDIkkMQV48NQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:85:e0:4b:cb:0f:ed:80:18:da:94:d5:6d:cb:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de98f8363298297fbabaea6877202b5c440e5a90
        Validity
            Not Before: Nov 11 07:00:44 2025 GMT
            Not After : Nov 12 07:00:44 2025 GMT
        Subject: CN=9e697a7eff43319c48c0d42f82269c485c8310ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f8:b5:e2:e3:c4:27:95:d3:3a:aa:a6:f3:ba:
                    93:bc:3e:c1:aa:ef:08:7a:db:b0:8f:b9:52:25:a9:
                    91:d8:c4:31:d6:65:f1:0c:48:97:4e:c8:a5:44:0a:
                    60:4b:c0:7b:84:64:85:2c:c4:ab:08:a7:7c:d6:0f:
                    fd:cc:bd:da:09:a8:bd:13:6c:9a:bb:d5:4b:6b:05:
                    9f:60:42:77:ef:a9:21:8c:52:04:dd:49:1b:ca:f8:
                    3e:b3:12:a9:cb:ec:cb:a6:ed:49:d6:8a:7c:dd:f8:
                    61:db:80:c6:e6:f1:b9:b6:11:f1:84:b6:fb:45:db:
                    41:a8:7b:0a:6a:f9:be:04:13:66:f3:90:77:41:15:
                    f8:a0:c2:e4:74:6e:09:87:3c:cc:74:9a:e8:ce:4c:
                    01:3c:a8:81:90:26:78:b5:e1:9c:7f:8e:e3:cf:01:
                    2a:13:e2:63:84:28:f9:e7:27:4b:f3:da:d1:80:01:
                    ce:65:a6:1f:c4:0c:be:7d:a0:ec:53:bd:75:e5:27:
                    03:3b:9f:3e:4d:2e:81:53:8e:8f:75:a7:4e:20:d7:
                    b9:fb:0d:69:93:99:91:78:84:4e:0d:9e:03:dc:36:
                    e0:0e:1c:f4:c7:21:72:7d:d1:48:bb:96:af:9e:ce:
                    53:10:ff:79:cd:2d:90:05:fa:97:62:65:ce:93:8b:
                    c7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:69:7A:7E:FF:43:31:9C:48:C0:D4:2F:82:26:9C:48:5C:83:10:AB
            X509v3 Authority Key Identifier:
                keyid:DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:f0:ae:ac:90:59:f3:63:5b:76:2e:b1:d1:4f:db:61:0d:be:
         0b:59:48:69:d0:72:32:20:1f:7e:d4:6e:6f:b5:cb:ff:f6:91:
         d1:67:7e:59:e6:35:85:1e:37:67:62:44:22:a6:80:c8:b5:1f:
         f4:a2:39:98:cd:a4:00:ae:00:72:f1:85:c0:c8:1f:29:4f:26:
         7a:0c:60:57:1f:c4:8e:31:97:ed:ce:90:44:be:5a:6b:41:41:
         d2:b4:9d:e6:6b:3a:2c:d0:a5:da:3f:86:ff:51:20:e8:6d:2b:
         f6:41:fa:39:79:bb:82:de:6d:61:f0:55:6b:64:66:52:9d:73:
         1f:4b:e9:44:d7:21:ac:a7:f2:ff:6e:94:09:28:fb:bc:86:8f:
         d2:7c:d3:c4:e4:de:d7:3e:be:40:f4:6e:97:ad:e9:6c:cf:66:
         53:e0:2f:36:49:83:a6:47:44:35:aa:df:02:23:26:9c:a2:83:
         f6:ab:db:f5:78:1e:cf:87:f9:6b:a2:a7:a7:cf:a4:ed:f4:59:
         7b:c7:1d:7d:f3:80:23:7d:6a:fd:22:43:f9:9c:f0:30:03:88:
         b1:0b:32:ea:dd:71:ef:36:48:de:77:92:5b:d9:76:24:68:20:
         ed:95:a8:e4:df:7c:d1:f8:f8:2f:f3:b5:8a:1a:fe:23:99:a3:
         a9:64:e7:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4XgS8sP7YAY2pTVbcvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOThmODM2MzI5ODI5N2ZiYWJhZWE2ODc3MjAyYjVjNDQw
ZTVhOTAwHhcNMjUxMTExMDcwMDQ0WhcNMjUxMTEyMDcwMDQ0WjAzMTEwLwYDVQQD
Eyg5ZTY5N2E3ZWZmNDMzMTljNDhjMGQ0MmY4MjI2OWM0ODVjODMxMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvi14uPEJ5XTOqqm87qTvD7Bqu8I
etuwj7lSJamR2MQx1mXxDEiXTsilRApgS8B7hGSFLMSrCKd81g/9zL3aCai9E2ya
u9VLawWfYEJ376khjFIE3Ukbyvg+sxKpy+zLpu1J1op83fhh24DG5vG5thHxhLb7
RdtBqHsKavm+BBNm85B3QRX4oMLkdG4JhzzMdJrozkwBPKiBkCZ4teGcf47jzwEq
E+JjhCj55ydL89rRgAHOZaYfxAy+faDsU7115ScDO58+TS6BU46PdadOINe5+w1p
k5mReIRODZ4D3DbgDhz0xyFyfdFIu5avns5TEP95zS2QBfqXYmXOk4vH2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5pen7/QzGcSMDUL4ImnEhcgxCrMB8GA1UdIwQY
MBaAFN6Y+DYymCl/urrqaHcgK1xEDlqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEt
ZTdmYmQ1MGUwMzQ5LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEtZTdmYmQ1MGUwMzQ5
LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtvCurJBZ
82Nbdi6x0U/bYQ2+C1lIadByMiAfftRub7XL//aR0Wd+WeY1hR43Z2JEIqaAyLUf
9KI5mM2kAK4AcvGFwMgfKU8megxgVx/EjjGX7c6QRL5aa0FB0rSd5ms6LNCl2j+G
/1Eg6G0r9kH6OXm7gt5tYfBVa2RmUp1zH0vpRNchrKfy/26UCSj7vIaP0nzTxOTe
1z6+QPRul63pbM9mU+AvNkmDpkdENarfAiMmnKKD9qvb9Xgez4f5a6Knp8+k7fRZ
e8cdffOAI31q/SJD+ZzwMAOIsQsy6t1x7zZI3neSW9l2JGgg7ZWo5N980fj4L/O1
ihr+I5mjqWTnWw==
-----END CERTIFICATE-----