Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
File:                     ET9u8WzirCilmQYD0folvUl1lN0.mft (raw, json)
Hash identifier:          wpf8cWjye3PvsXCpmNPOs4ycI9jpCWEXXmWcE35Gd9s=
Subject key identifier:   39:81:AA:A3:7C:23:C3:60:14:2F:58:47:BC:A0:35:DE:45:0C:79:21
Authority key identifier: 11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD
Certificate issuer:       /CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
Certificate serial:       019A7293494D8A7DAA37E00AB318C5F0AB49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
Manifest number:          05D3
Signing time:             Tue 11 Nov 2025 11:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:46 +0000
Files and hashes:         1: ET9u8WzirCilmQYD0folvUl1lN0.crl (hash: BvHML/BNM0sSZbrUSHXuXugWVQ8Qh1BXdk9OBnpXDLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:49:4d:8a:7d:aa:37:e0:0a:b3:18:c5:f0:ab:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
        Validity
            Not Before: Nov 11 11:00:46 2025 GMT
            Not After : Nov 12 11:00:46 2025 GMT
        Subject: CN=3981aaa37c23c360142f5847bca035de450c7921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:35:f7:35:12:21:09:a4:9a:57:d9:17:cb:5a:
                    48:97:4a:e6:d5:60:c0:d5:d4:de:8f:4c:cb:e5:e9:
                    7b:30:32:e3:74:0b:5f:48:cb:ae:75:25:92:8b:9e:
                    68:95:92:7e:70:f5:d7:77:43:bc:ba:b5:5f:cc:e6:
                    f5:b0:56:79:eb:ca:f7:2a:f5:d0:d6:ca:ec:ba:56:
                    4d:40:8c:de:45:e6:d6:a8:07:76:eb:9e:37:f7:f6:
                    66:9a:fd:b7:bd:a6:35:79:87:e9:1e:08:b5:05:b0:
                    72:2c:99:08:ea:43:9c:e9:5f:ab:18:83:e0:34:ee:
                    53:5c:e3:cb:11:ed:cf:19:67:e1:f2:a1:8e:b0:d7:
                    36:4d:09:93:13:ca:94:0e:c9:4d:47:fb:d0:e2:6e:
                    30:d6:3c:30:1e:a0:d3:cd:97:49:3f:9c:4b:b9:e2:
                    5f:25:86:e7:4f:a3:e6:3e:95:4d:25:a5:03:b6:76:
                    e8:8d:1b:59:c6:16:27:c0:1e:41:e8:76:88:a4:3f:
                    88:59:4c:ff:9d:2f:35:25:69:50:3c:e5:47:72:2c:
                    ed:e3:19:0b:c5:25:c5:13:72:0b:81:89:9e:54:de:
                    b8:2b:e9:bf:c7:b2:1c:ab:39:1a:bc:67:76:ac:8e:
                    57:36:39:9e:1a:89:0f:06:24:79:89:9a:7c:d5:e0:
                    d0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:81:AA:A3:7C:23:C3:60:14:2F:58:47:BC:A0:35:DE:45:0C:79:21
            X509v3 Authority Key Identifier:
                keyid:11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:c3:13:89:a8:31:d9:a1:84:75:1b:c8:a5:3d:f2:30:c7:d5:
         3a:56:c3:57:9a:2d:b6:16:ad:e4:4f:4b:0e:b1:a4:4a:69:45:
         4c:12:71:54:78:30:43:bc:f8:6c:09:90:17:e9:c2:31:1e:c0:
         dd:81:bd:88:4a:ca:e0:2a:9b:10:f9:09:fc:0e:93:27:9d:f0:
         fb:c5:ba:e2:da:7e:d8:8a:8a:b3:b5:6c:39:27:9c:12:96:13:
         a8:c3:47:34:7e:ab:87:b6:b4:66:a9:56:2e:2e:47:92:d2:37:
         b9:42:4d:0d:99:41:d7:51:16:58:13:f1:30:32:a4:26:f4:40:
         c7:0d:59:b9:60:42:c0:88:4a:0b:48:b7:10:f9:89:c1:77:ad:
         a3:31:27:64:df:9d:b6:0e:db:3e:ac:6c:26:14:77:d4:5d:bf:
         d1:b5:0b:d8:29:9d:a9:27:f5:c0:50:17:fc:80:98:b8:7d:98:
         3e:bc:35:f4:69:2b:a3:d6:2f:42:db:24:5f:29:7f:cb:59:5a:
         25:49:f8:96:7a:6f:03:0d:8b:93:1c:90:b4:e6:d5:a3:93:0c:
         50:b3:ca:fa:2e:60:41:38:79:87:ca:68:3f:0b:c3:85:cc:53:
         21:18:21:25:2e:f0:a5:63:ed:79:23:7a:b5:23:58:d5:36:bc:
         ce:32:3d:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0lNin2qN+AKsxjF8KtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExM2Y2ZWYxNmNlMmFjMjhhNTk5MDYwM2QxZmEyNWJkNDk3
NTk0ZGQwHhcNMjUxMTExMTEwMDQ2WhcNMjUxMTEyMTEwMDQ2WjAzMTEwLwYDVQQD
EygzOTgxYWFhMzdjMjNjMzYwMTQyZjU4NDdiY2EwMzVkZTQ1MGM3OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzX3NRIhCaSaV9kXy1pIl0rm1WDA
1dTej0zL5el7MDLjdAtfSMuudSWSi55olZJ+cPXXd0O8urVfzOb1sFZ568r3KvXQ
1srsulZNQIzeRebWqAd265439/Zmmv23vaY1eYfpHgi1BbByLJkI6kOc6V+rGIPg
NO5TXOPLEe3PGWfh8qGOsNc2TQmTE8qUDslNR/vQ4m4w1jwwHqDTzZdJP5xLueJf
JYbnT6PmPpVNJaUDtnbojRtZxhYnwB5B6HaIpD+IWUz/nS81JWlQPOVHcizt4xkL
xSXFE3ILgYmeVN64K+m/x7IcqzkavGd2rI5XNjmeGokPBiR5iZp81eDQ4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmBqqN8I8NgFC9YR7ygNd5FDHkhMB8GA1UdIwQY
MBaAFBE/bvFs4qwopZkGA9H6Jb1JdZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQt
OTA1ZGJhYjhiZDU3LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQtOTA1ZGJhYjhiZDU3
LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKMMTiagx
2aGEdRvIpT3yMMfVOlbDV5otthat5E9LDrGkSmlFTBJxVHgwQ7z4bAmQF+nCMR7A
3YG9iErK4CqbEPkJ/A6TJ53w+8W64tp+2IqKs7VsOSecEpYTqMNHNH6rh7a0ZqlW
Li5HktI3uUJNDZlB11EWWBPxMDKkJvRAxw1ZuWBCwIhKC0i3EPmJwXetozEnZN+d
tg7bPqxsJhR31F2/0bUL2CmdqSf1wFAX/ICYuH2YPrw19Gkro9YvQtskXyl/y1la
JUn4lnpvAw2LkxyQtObVo5MMULPK+i5gQTh5h8poPwvDhcxTIRghJS7wpWPteSN6
tSNY1Ta8zjI9SA==
-----END CERTIFICATE-----