Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
File:                     3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft (raw, json)
Hash identifier:          ZoZ+vBOolZqtEAvCxQ8an1vJ+4xKLA+IyRtk/AjDMZg=
Subject key identifier:   D3:66:72:77:33:B4:CD:DE:39:A8:DD:0E:71:FC:BA:5C:E2:CC:73:0A
Authority key identifier: DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24
Certificate issuer:       /CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
Certificate serial:       019A722634829C5D487400CBFD1177AE56D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
Manifest number:          0656
Signing time:             Tue 11 Nov 2025 09:01:37 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:37 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:37 +0000
Files and hashes:         1: 3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl (hash: +HWNMgoZNutcHnkTimZHWATIGTqGxeHSewD3g2Uzoag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:34:82:9c:5d:48:74:00:cb:fd:11:77:ae:56:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc36631ca20ec92d195c16a8d70a63f372e59f24
        Validity
            Not Before: Nov 11 09:01:37 2025 GMT
            Not After : Nov 12 09:01:37 2025 GMT
        Subject: CN=d366727733b4cdde39a8dd0e71fcba5ce2cc730a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0a:fe:7e:b1:be:eb:47:aa:40:e3:bf:08:d7:
                    c5:67:73:c7:8c:3d:01:83:73:b2:2f:99:04:d1:e8:
                    3f:1d:f6:7e:fc:39:53:19:3e:8e:86:cb:5b:e8:1d:
                    65:91:fb:3c:47:4a:2b:29:4e:a3:50:a3:9c:5e:c7:
                    d3:24:00:e3:48:66:e8:08:39:27:63:85:24:0d:e3:
                    d9:96:d4:07:af:dc:59:24:37:b2:fa:20:eb:62:d6:
                    74:56:99:7b:db:2f:20:d7:81:50:8d:34:55:19:d3:
                    00:e5:ea:af:a9:cb:d1:80:35:a4:37:f0:32:8a:12:
                    5f:15:4e:75:ed:c9:32:b9:4e:8c:e3:28:ce:18:51:
                    37:b0:56:ae:26:75:a3:80:18:53:38:23:93:28:0d:
                    71:9b:9c:14:a4:1d:71:35:9e:35:55:2f:55:91:9a:
                    54:8c:90:76:83:7c:a6:df:fa:4d:43:c7:bc:fc:8b:
                    0e:ca:32:ca:ea:c5:3b:3e:91:0a:01:93:4a:f4:e2:
                    65:10:f9:11:fa:98:f8:91:05:81:8c:1e:df:c7:1f:
                    14:78:29:3e:af:69:81:20:fd:31:73:f0:7a:83:ba:
                    77:3e:cf:25:36:77:ab:a6:48:d2:05:9a:58:5e:c8:
                    e1:75:29:0c:f0:8f:e1:91:5f:90:c5:b3:d8:c4:12:
                    0d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:66:72:77:33:B4:CD:DE:39:A8:DD:0E:71:FC:BA:5C:E2:CC:73:0A
            X509v3 Authority Key Identifier:
                keyid:DC:36:63:1C:A2:0E:C9:2D:19:5C:16:A8:D7:0A:63:F3:72:E5:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DZjHKIOyS0ZXBao1wpj83LlnyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/4ac162-e16e-406e-b985-5ef56f86ab83/1/3DZjHKIOyS0ZXBao1wpj83LlnyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:e1:c6:38:c0:eb:84:eb:6e:c4:c0:36:15:d6:0b:07:9e:24:
         4f:1f:33:9e:8b:a9:88:c7:8f:85:6c:2a:2c:85:7d:ab:05:99:
         97:aa:08:76:ab:a3:cf:30:c5:44:44:b5:38:86:b8:f9:13:33:
         3a:fa:fd:a2:ca:fa:01:f0:fd:52:31:ae:36:e2:25:4c:38:4e:
         bb:f8:a1:c8:f8:07:bf:9d:95:33:3d:cf:61:1b:7a:6c:18:47:
         51:a4:75:d1:d0:3d:fa:71:41:b2:33:23:65:45:bd:aa:53:01:
         c8:37:55:4a:30:40:9e:63:66:ed:41:40:5b:0a:43:c0:ce:ae:
         db:38:18:c1:0d:da:88:7d:23:f1:9c:2f:44:db:6e:d5:58:aa:
         fc:2d:6f:2f:2c:97:2a:e3:a8:ff:84:e8:1b:d3:0b:fe:12:06:
         d3:66:21:fe:b9:87:fa:86:e3:19:27:6e:63:f3:15:df:7c:50:
         f4:eb:60:40:ee:54:56:a8:73:03:f4:ef:91:cd:c2:49:52:3d:
         4b:38:8e:5c:f3:ce:f8:37:4b:a1:ee:0c:d2:d9:86:9a:01:29:
         17:ef:bc:a4:eb:94:74:5e:80:ed:b1:cd:fc:51:dd:fd:31:dc:
         36:6a:dc:1b:62:ed:00:d4:c9:ec:9e:e0:d6:cb:bb:9d:06:30:
         cb:08:f3:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjSCnF1IdADL/RF3rlbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzY2MzFjYTIwZWM5MmQxOTVjMTZhOGQ3MGE2M2YzNzJl
NTlmMjQwHhcNMjUxMTExMDkwMTM3WhcNMjUxMTEyMDkwMTM3WjAzMTEwLwYDVQQD
EyhkMzY2NzI3NzMzYjRjZGRlMzlhOGRkMGU3MWZjYmE1Y2UyY2M3MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogr+frG+60eqQOO/CNfFZ3PHjD0B
g3OyL5kE0eg/HfZ+/DlTGT6Ohstb6B1lkfs8R0orKU6jUKOcXsfTJADjSGboCDkn
Y4UkDePZltQHr9xZJDey+iDrYtZ0Vpl72y8g14FQjTRVGdMA5eqvqcvRgDWkN/Ay
ihJfFU517ckyuU6M4yjOGFE3sFauJnWjgBhTOCOTKA1xm5wUpB1xNZ41VS9VkZpU
jJB2g3ym3/pNQ8e8/IsOyjLK6sU7PpEKAZNK9OJlEPkR+pj4kQWBjB7fxx8UeCk+
r2mBIP0xc/B6g7p3Ps8lNnerpkjSBZpYXsjhdSkM8I/hkV+QxbPYxBINbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNmcncztM3eOajdDnH8ulzizHMKMB8GA1UdIwQY
MBaAFNw2YxyiDsktGVwWqNcKY/Ny5Z8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUt
NWVmNTZmODZhYjgzLzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80YWMxNjItZTE2ZS00MDZlLWI5ODUtNWVmNTZmODZhYjgz
LzEvM0RaakhLSU95UzBaWEJhbzF3cGo4M0xsbnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOHGOMDr
hOtuxMA2FdYLB54kTx8znoupiMePhWwqLIV9qwWZl6oIdqujzzDFRES1OIa4+RMz
Ovr9osr6AfD9UjGuNuIlTDhOu/ihyPgHv52VMz3PYRt6bBhHUaR10dA9+nFBsjMj
ZUW9qlMByDdVSjBAnmNm7UFAWwpDwM6u2zgYwQ3aiH0j8ZwvRNtu1Viq/C1vLyyX
KuOo/4ToG9ML/hIG02Yh/rmH+objGSduY/MV33xQ9OtgQO5UVqhzA/Tvkc3CSVI9
SziOXPPO+DdLoe4M0tmGmgEpF++8pOuUdF6A7bHN/FHd/THcNmrcG2LtANTJ7J7g
1su7nQYwywjzRg==
-----END CERTIFICATE-----