Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
File:                     3tRskpaCjJwCVTCqaEFgmt8FaaA.mft (raw, json)
Hash identifier:          Pyghm9K9EPBCj/izVreOt9ewM63sXuuFj3DcUnRMWws=
Subject key identifier:   5F:3C:D3:36:6C:31:BE:46:2E:7D:4C:32:40:72:9A:70:1E:36:BF:7F
Authority key identifier: DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0
Certificate issuer:       /CN=ded46c9296828c9c025530aa6841609adf0569a0
Certificate serial:       019A70DBE7DBB156F62160A6ABCF072EB1F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
Manifest number:          0436
Signing time:             Tue 11 Nov 2025 03:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:51 +0000
Files and hashes:         1: 3tRskpaCjJwCVTCqaEFgmt8FaaA.crl (hash: w//KQ6snL3OYyfztw/x/hN+PN9+Gx4ECQs2bHh1aqvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:e7:db:b1:56:f6:21:60:a6:ab:cf:07:2e:b1:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded46c9296828c9c025530aa6841609adf0569a0
        Validity
            Not Before: Nov 11 03:00:51 2025 GMT
            Not After : Nov 12 03:00:51 2025 GMT
        Subject: CN=5f3cd3366c31be462e7d4c3240729a701e36bf7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d8:bb:3e:44:74:4d:a1:5e:8c:16:8e:12:ae:
                    7b:36:07:bd:3b:79:38:94:17:6b:79:db:e1:3a:06:
                    4e:ff:71:57:c7:ef:de:ea:64:59:4e:54:52:c8:b1:
                    cc:ac:52:0c:9f:fd:7b:f7:f1:3d:77:c9:6e:6e:9b:
                    1a:ce:09:6d:6e:4c:32:ed:da:5b:30:52:8d:6e:25:
                    f7:d9:53:64:4f:d6:21:36:f7:6e:b6:ac:77:14:eb:
                    ef:68:76:8b:fd:39:4e:16:f2:29:b7:79:aa:1e:1c:
                    6c:74:f3:33:29:d6:ea:cb:b6:ae:37:3a:c8:a2:51:
                    d8:d2:8f:a1:25:f5:10:75:84:64:76:49:e7:db:25:
                    b6:b0:54:22:0d:28:78:3e:b7:5e:e7:d7:e3:21:ee:
                    58:d9:73:93:55:cc:43:85:02:56:c5:18:a5:2d:36:
                    83:47:33:6b:6a:16:c0:ce:f5:08:6b:b7:74:d0:b0:
                    60:c5:77:da:87:15:79:92:44:aa:98:4d:de:94:2a:
                    34:a7:25:81:e5:e6:f5:66:8d:90:d7:85:3e:0c:f1:
                    e9:fd:56:a5:1b:95:17:fa:14:75:14:39:f0:94:0f:
                    54:59:cf:53:93:bd:d5:4c:3e:4b:bf:cc:80:0c:bd:
                    d2:49:2a:4b:e6:78:59:cc:b6:34:9f:a4:46:2c:a1:
                    05:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:3C:D3:36:6C:31:BE:46:2E:7D:4C:32:40:72:9A:70:1E:36:BF:7F
            X509v3 Authority Key Identifier:
                keyid:DE:D4:6C:92:96:82:8C:9C:02:55:30:AA:68:41:60:9A:DF:05:69:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tRskpaCjJwCVTCqaEFgmt8FaaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/936f93-0922-4f5d-8e3a-a0007bd5ace7/1/3tRskpaCjJwCVTCqaEFgmt8FaaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:eb:db:82:fa:ef:3a:83:c3:44:67:68:3b:8c:80:71:51:67:
         b5:c9:22:81:b5:30:b3:ed:4e:37:04:0e:be:fb:2d:19:36:41:
         67:e0:e3:c3:aa:03:2a:b6:d6:19:1b:56:c9:7d:b5:c7:7a:3c:
         3a:5a:b8:d9:63:97:4f:f5:e8:eb:63:51:17:d9:dc:6d:e0:d2:
         e6:72:05:41:c1:f4:41:d0:c0:25:64:8a:84:2e:4b:0e:1a:82:
         bf:5d:31:7a:f6:6a:b9:af:f7:18:75:df:36:c7:b0:78:28:c3:
         b2:80:4f:6c:46:ba:33:61:db:95:0f:7f:74:2f:eb:b5:02:5d:
         e2:ad:19:15:f1:e5:49:15:6b:f1:07:18:6a:2a:0a:d4:f3:3a:
         5c:0f:45:03:0a:9d:5e:b7:3c:16:13:97:63:a9:cc:82:7b:4e:
         87:60:d9:f7:11:e2:d6:4a:ba:62:d2:89:30:05:2f:04:a0:fd:
         02:54:55:80:0a:2e:93:3e:3d:1b:0c:a0:0d:2c:d0:f5:ec:0b:
         6c:12:2a:f0:75:aa:6a:43:64:43:93:8e:ee:86:61:1b:3e:8a:
         ef:43:06:75:ec:6b:ed:63:1b:47:80:ca:cd:c9:79:cf:d1:b2:
         cb:56:1c:86:81:37:df:12:65:b8:81:fa:81:7e:b8:04:df:cf:
         b0:fb:fd:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+fbsVb2IWCmq88HLrH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDQ2YzkyOTY4MjhjOWMwMjU1MzBhYTY4NDE2MDlhZGYw
NTY5YTAwHhcNMjUxMTExMDMwMDUxWhcNMjUxMTEyMDMwMDUxWjAzMTEwLwYDVQQD
Eyg1ZjNjZDMzNjZjMzFiZTQ2MmU3ZDRjMzI0MDcyOWE3MDFlMzZiZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNi7PkR0TaFejBaOEq57Nge9O3k4
lBdredvhOgZO/3FXx+/e6mRZTlRSyLHMrFIMn/179/E9d8lubpsazgltbkwy7dpb
MFKNbiX32VNkT9YhNvdutqx3FOvvaHaL/TlOFvIpt3mqHhxsdPMzKdbqy7auNzrI
olHY0o+hJfUQdYRkdknn2yW2sFQiDSh4Prde59fjIe5Y2XOTVcxDhQJWxRilLTaD
RzNrahbAzvUIa7d00LBgxXfahxV5kkSqmE3elCo0pyWB5eb1Zo2Q14U+DPHp/Val
G5UX+hR1FDnwlA9UWc9Tk73VTD5Lv8yADL3SSSpL5nhZzLY0n6RGLKEFCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF880zZsMb5GLn1MMkBymnAeNr9/MB8GA1UdIwQY
MBaAFN7UbJKWgoycAlUwqmhBYJrfBWmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2Et
YTAwMDdiZDVhY2U3LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85MzZmOTMtMDkyMi00ZjVkLThlM2EtYTAwMDdiZDVhY2U3
LzEvM3RSc2twYUNqSndDVlRDcWFFRmdtdDhGYWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuvbgvrv
OoPDRGdoO4yAcVFntckigbUws+1ONwQOvvstGTZBZ+Djw6oDKrbWGRtWyX21x3o8
Olq42WOXT/Xo62NRF9ncbeDS5nIFQcH0QdDAJWSKhC5LDhqCv10xevZqua/3GHXf
NseweCjDsoBPbEa6M2HblQ9/dC/rtQJd4q0ZFfHlSRVr8QcYaioK1PM6XA9FAwqd
Xrc8FhOXY6nMgntOh2DZ9xHi1kq6YtKJMAUvBKD9AlRVgAoukz49GwygDSzQ9ewL
bBIq8HWqakNkQ5OO7oZhGz6K70MGdexr7WMbR4DKzcl5z9Gyy1YchoE33xJluIH6
gX64BN/PsPv9ww==
-----END CERTIFICATE-----