Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          hY8J+G6r4TTgSkVn3pOjsHEUv5IVryBxyyrghN0EXkA=
Subject key identifier:   BB:E2:96:10:5B:D4:DF:DD:92:1E:4E:8A:FA:C5:86:B9:7B:76:37:81
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019A71B83F3DF85623412C5914FC5473FC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          09EB
Signing time:             Tue 11 Nov 2025 07:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:31 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: r2fudnFv3UmHy2w2SwYh5r6sI2eGSc4jdzfvnhqdDy4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:3f:3d:f8:56:23:41:2c:59:14:fc:54:73:fc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Nov 11 07:01:31 2025 GMT
            Not After : Nov 12 07:01:31 2025 GMT
        Subject: CN=bbe296105bd4dfdd921e4e8afac586b97b763781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:74:67:26:36:1a:ac:b6:c2:08:9c:65:3a:53:
                    a8:97:d9:85:20:35:de:f2:8a:bf:21:d8:6a:7d:bb:
                    83:13:02:34:f6:55:84:7b:55:31:a3:29:68:91:35:
                    a4:81:db:0a:d6:94:57:42:78:a0:41:4d:46:5a:41:
                    3f:b7:99:ab:07:b9:ae:ec:50:2e:c4:9a:6a:35:37:
                    e2:17:6d:7f:84:d2:9d:b8:6a:da:ed:ac:11:9a:d4:
                    00:63:28:62:ce:5d:c0:ed:63:c0:47:4d:09:44:e7:
                    e3:02:98:fd:ec:a0:2a:c6:5d:27:68:b9:b9:06:91:
                    27:77:9b:e8:09:6a:74:4d:f9:ff:cf:e3:f4:52:b7:
                    61:18:18:9d:cd:d6:50:a0:ba:cd:ef:33:b1:ef:d6:
                    6a:1a:8b:be:7b:ee:02:e9:24:5d:ec:24:77:9e:ad:
                    85:63:ee:12:51:60:ef:31:64:e2:0d:1a:32:37:e1:
                    e9:d9:08:69:d3:fb:08:07:0d:3e:66:2d:6c:7a:f0:
                    bf:03:ea:0e:99:52:3b:e8:1d:1f:ad:75:91:f4:33:
                    e3:a8:5a:90:c7:a4:25:49:18:47:ef:7d:c1:2c:49:
                    b7:74:d8:3e:6d:d0:98:9f:62:04:ce:0c:4b:1e:ab:
                    5d:33:0e:d6:11:1f:69:62:6a:51:a5:21:b9:d7:5a:
                    1f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:E2:96:10:5B:D4:DF:DD:92:1E:4E:8A:FA:C5:86:B9:7B:76:37:81
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:89:b0:e6:aa:7b:a0:27:49:97:88:ef:d3:61:36:f7:ab:fe:
         85:ac:5d:ec:07:db:44:9d:ac:08:b9:d5:5b:3d:3d:de:0a:77:
         fb:07:f6:29:15:21:ed:7e:fb:e8:6e:6c:12:59:82:b3:97:98:
         db:1b:9f:4a:78:5f:23:0f:14:df:92:ee:d9:e5:c5:01:ed:2b:
         1b:02:e8:7a:76:64:50:70:f4:24:2d:a2:75:56:de:79:65:2d:
         e4:2e:db:c2:69:e1:99:c0:f4:ec:d3:66:c5:6b:8f:c8:7d:0d:
         63:31:44:97:e7:ae:89:04:85:04:78:83:50:56:55:b6:a6:0e:
         8f:75:12:50:e2:76:90:b7:4f:31:b6:72:d2:a8:11:fb:4c:31:
         8a:20:a0:bb:e4:c5:20:63:b3:70:74:84:06:ab:3c:fb:e9:23:
         34:06:ef:9c:87:fe:01:77:b9:ef:de:49:8a:65:8e:49:18:ff:
         26:d0:af:62:f9:1e:71:20:86:8c:d5:5e:0a:5d:88:ef:7e:5f:
         83:1c:aa:90:e5:33:f5:b2:cc:d1:d6:81:51:bd:c2:4b:3c:39:
         3c:c0:75:c1:91:42:0e:6f:4f:59:86:b7:f8:f6:08:f0:4e:72:
         44:d4:73:bf:81:63:80:f8:64:e0:ef:d0:b5:63:f9:75:49:af:
         07:73:22:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuD89+FYjQSxZFPxUc/xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUxMTExMDcwMTMxWhcNMjUxMTEyMDcwMTMxWjAzMTEwLwYDVQQD
EyhiYmUyOTYxMDViZDRkZmRkOTIxZTRlOGFmYWM1ODZiOTdiNzYzNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXRnJjYarLbCCJxlOlOol9mFIDXe
8oq/IdhqfbuDEwI09lWEe1UxoylokTWkgdsK1pRXQnigQU1GWkE/t5mrB7mu7FAu
xJpqNTfiF21/hNKduGra7awRmtQAYyhizl3A7WPAR00JROfjApj97KAqxl0naLm5
BpEnd5voCWp0Tfn/z+P0UrdhGBidzdZQoLrN7zOx79ZqGou+e+4C6SRd7CR3nq2F
Y+4SUWDvMWTiDRoyN+Hp2Qhp0/sIBw0+Zi1sevC/A+oOmVI76B0frXWR9DPjqFqQ
x6QlSRhH733BLEm3dNg+bdCYn2IEzgxLHqtdMw7WER9pYmpRpSG511ofgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvilhBb1N/dkh5OivrFhrl7djeBMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf4mw5qp7
oCdJl4jv02E296v+haxd7AfbRJ2sCLnVWz093gp3+wf2KRUh7X776G5sElmCs5eY
2xufSnhfIw8U35Lu2eXFAe0rGwLoenZkUHD0JC2idVbeeWUt5C7bwmnhmcD07NNm
xWuPyH0NYzFEl+euiQSFBHiDUFZVtqYOj3USUOJ2kLdPMbZy0qgR+0wxiiCgu+TF
IGOzcHSEBqs8++kjNAbvnIf+AXe5795JimWOSRj/JtCvYvkecSCGjNVeCl2I735f
gxyqkOUz9bLM0daBUb3CSzw5PMB1wZFCDm9PWYa3+PYI8E5yRNRzv4FjgPhk4O/Q
tWP5dUmvB3MikQ==
-----END CERTIFICATE-----