Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
File:                     pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft (raw, json)
Hash identifier:          toila8sy1nx35O+40tef6DnRJnD3hX/RYf+qnB+LUU0=
Subject key identifier:   B3:18:4C:37:2C:B8:56:0B:42:45:01:38:51:F6:F2:EC:BA:9F:9D:A5
Authority key identifier: A4:3E:2B:9F:BC:8B:47:72:CF:80:00:74:8C:47:DD:43:7B:3C:59:8F
Certificate issuer:       /CN=a43e2b9fbc8b4772cf8000748c47dd437b3c598f
Certificate serial:       019A725C3EAD2773BF210E6B072E400C9867
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
Manifest number:          0377
Signing time:             Tue 11 Nov 2025 10:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:39 +0000
Files and hashes:         1: pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl (hash: 0g1JDYT92cco05J0wg101rGFpDDgaRrxYFv4CHp1dYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:3e:ad:27:73:bf:21:0e:6b:07:2e:40:0c:98:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a43e2b9fbc8b4772cf8000748c47dd437b3c598f
        Validity
            Not Before: Nov 11 10:00:39 2025 GMT
            Not After : Nov 12 10:00:39 2025 GMT
        Subject: CN=b3184c372cb8560b4245013851f6f2ecba9f9da5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d5:ef:72:8a:0a:ad:fd:95:01:fa:0c:72:15:
                    93:ed:30:16:80:28:9d:95:6b:a1:4e:29:f0:55:9d:
                    da:b3:fe:70:e3:5b:44:c3:cc:28:14:aa:74:7a:ad:
                    9f:c8:e4:86:ea:19:f7:ec:93:31:ee:ca:29:c6:7f:
                    65:70:99:51:38:0b:dd:06:4d:20:fa:87:ac:61:50:
                    14:34:ac:2c:12:1d:5c:5c:30:a1:f4:05:5d:fc:48:
                    a2:b7:5a:e3:df:a4:fb:bf:31:3d:0c:ce:53:ef:7f:
                    7f:67:cc:af:80:4e:92:e5:d5:0c:47:7c:cf:cb:30:
                    bb:0b:c3:8c:a3:9b:4a:e5:21:82:dc:6f:ef:a8:d4:
                    73:1d:df:3a:4f:8e:0a:e1:6e:ab:5b:6e:70:33:08:
                    4f:af:8e:2f:25:15:b0:52:e6:df:df:9c:dd:59:04:
                    8c:21:de:35:55:e6:ca:e6:44:ee:66:8f:58:bf:62:
                    9f:d9:74:89:d9:0d:af:77:77:72:e8:cd:55:90:87:
                    0a:20:50:9e:21:d6:8b:e4:c1:5f:c4:7a:98:7b:90:
                    b7:f2:5c:24:ee:90:c1:c3:31:06:33:94:4f:d8:25:
                    1b:21:c7:1b:70:c9:d2:9d:42:af:a4:a2:39:55:cf:
                    14:e2:b9:b9:58:7f:bd:a6:df:7c:70:fe:d1:4e:9b:
                    29:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:18:4C:37:2C:B8:56:0B:42:45:01:38:51:F6:F2:EC:BA:9F:9D:A5
            X509v3 Authority Key Identifier:
                keyid:A4:3E:2B:9F:BC:8B:47:72:CF:80:00:74:8C:47:DD:43:7B:3C:59:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b8f9d9-4f25-4818-b33c-b001e5bad017/1/pD4rn7yLR3LPgAB0jEfdQ3s8WY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:27:16:58:49:ef:ae:19:92:c8:d1:91:4c:91:8c:41:a7:b8:
         7d:4f:92:39:92:2b:cc:dd:64:9b:ce:3e:4b:66:4a:ca:8b:22:
         4d:87:90:1c:fb:89:dd:01:02:6b:fe:54:5a:cd:66:83:7d:00:
         ec:4f:f9:06:61:54:ae:46:1a:77:a3:7b:da:61:00:d2:1c:99:
         ae:e4:9c:0e:0d:52:b6:3f:d6:e7:69:7f:0c:d8:51:45:18:56:
         18:0e:5b:8f:ca:9f:30:20:c9:21:14:d2:33:ba:18:74:4e:db:
         76:69:b4:65:da:fc:ee:9a:32:b9:3e:bf:8f:4a:f8:fa:22:f9:
         7a:e1:b8:51:7d:c7:95:e8:cb:d5:95:92:a9:d3:57:1c:13:4b:
         59:26:0a:ec:23:4e:24:0d:cf:f1:22:c3:b9:bd:96:28:11:ed:
         c3:fb:8e:e3:9b:62:fc:72:b7:0b:bf:08:f2:9f:ff:36:f2:84:
         22:14:40:94:10:5b:79:37:36:a2:47:04:02:6c:a4:56:17:d0:
         a2:fc:3c:82:d2:40:e6:8e:e0:c8:a7:05:67:d1:30:7b:72:ca:
         a0:7d:a0:c6:cc:0e:92:c5:9b:80:18:7d:54:fb:07:3f:ed:20:
         18:ed:ac:66:89:73:7f:66:7d:42:38:76:23:f9:e0:93:0f:86:
         ff:33:12:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXD6tJ3O/IQ5rBy5ADJhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0M2UyYjlmYmM4YjQ3NzJjZjgwMDA3NDhjNDdkZDQzN2Iz
YzU5OGYwHhcNMjUxMTExMTAwMDM5WhcNMjUxMTEyMTAwMDM5WjAzMTEwLwYDVQQD
EyhiMzE4NGMzNzJjYjg1NjBiNDI0NTAxMzg1MWY2ZjJlY2JhOWY5ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtXvcooKrf2VAfoMchWT7TAWgCid
lWuhTinwVZ3as/5w41tEw8woFKp0eq2fyOSG6hn37JMx7sopxn9lcJlROAvdBk0g
+oesYVAUNKwsEh1cXDCh9AVd/Eiit1rj36T7vzE9DM5T739/Z8yvgE6S5dUMR3zP
yzC7C8OMo5tK5SGC3G/vqNRzHd86T44K4W6rW25wMwhPr44vJRWwUubf35zdWQSM
Id41VebK5kTuZo9Yv2Kf2XSJ2Q2vd3dy6M1VkIcKIFCeIdaL5MFfxHqYe5C38lwk
7pDBwzEGM5RP2CUbIccbcMnSnUKvpKI5Vc8U4rm5WH+9pt98cP7RTpsp3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMYTDcsuFYLQkUBOFH28uy6n52lMB8GA1UdIwQY
MBaAFKQ+K5+8i0dyz4AAdIxH3UN7PFmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOGY5ZDktNGYyNS00ODE4LWIzM2Mt
YjAwMWU1YmFkMDE3LzEvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOGY5ZDktNGYyNS00ODE4LWIzM2MtYjAwMWU1YmFkMDE3
LzEvcEQ0cm43eUxSM0xQZ0FCMGpFZmRRM3M4V1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOScWWEnv
rhmSyNGRTJGMQae4fU+SOZIrzN1km84+S2ZKyosiTYeQHPuJ3QECa/5UWs1mg30A
7E/5BmFUrkYad6N72mEA0hyZruScDg1Stj/W52l/DNhRRRhWGA5bj8qfMCDJIRTS
M7oYdE7bdmm0Zdr87poyuT6/j0r4+iL5euG4UX3HlejL1ZWSqdNXHBNLWSYK7CNO
JA3P8SLDub2WKBHtw/uO45ti/HK3C78I8p//NvKEIhRAlBBbeTc2okcEAmykVhfQ
ovw8gtJA5o7gyKcFZ9Ewe3LKoH2gxswOksWbgBh9VPsHP+0gGO2sZolzf2Z9Qjh2
I/ngkw+G/zMScA==
-----END CERTIFICATE-----