Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          p73ONVBW0CPr/MkkgIx0gA5kBhzzoomFyv2TpSYP1M0=
Subject key identifier:   F3:BB:75:F2:E2:BA:44:B8:44:51:6A:EB:04:77:27:7F:C7:BC:E4:ED
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       019A71B8A7C079ACFD33597528569995BE80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          07B2
Signing time:             Tue 11 Nov 2025 07:01:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:58 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: XzbiMYtuwsyE6087HokSiffVkDKcW4F+H7Y7qJwuFdo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a7:c0:79:ac:fd:33:59:75:28:56:99:95:be:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Nov 11 07:01:58 2025 GMT
            Not After : Nov 12 07:01:58 2025 GMT
        Subject: CN=f3bb75f2e2ba44b844516aeb0477277fc7bce4ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c1:4c:0d:1c:d8:bb:8b:02:95:d2:78:85:e0:
                    81:79:5f:eb:21:99:c7:3b:99:db:38:ea:e8:f2:0e:
                    79:65:36:35:af:4f:08:73:23:02:1f:91:e8:9f:9c:
                    cd:85:1c:6f:fc:93:75:d5:18:cf:66:1a:45:15:1d:
                    0e:56:84:96:c5:eb:a1:64:1b:bd:45:d8:d1:17:14:
                    35:83:82:a6:13:68:03:cd:5a:fa:ce:3d:82:5c:8b:
                    b0:3a:61:94:e2:7a:eb:58:10:07:69:40:ba:ec:0e:
                    29:13:03:2a:e0:7f:d0:d4:36:6c:ee:a0:01:40:3a:
                    48:ea:40:c8:18:0e:cc:b3:94:97:b7:62:d6:9c:6a:
                    24:f4:78:d0:42:c7:54:23:3e:2a:ce:2c:dd:73:92:
                    a7:a6:3e:73:3b:29:ae:9f:6c:01:1f:28:cd:28:a9:
                    9b:27:c4:0c:63:18:13:5b:0d:c4:1e:d5:1d:02:64:
                    1e:22:04:fc:6d:91:cf:3b:d0:e4:b1:fa:45:fa:d5:
                    02:d8:da:1c:52:2b:1d:ef:fc:3e:0a:89:9a:dc:53:
                    c2:0a:7b:46:98:73:74:8e:4f:9a:dd:9c:00:5d:a1:
                    9f:ae:20:62:23:cf:95:14:13:71:b7:39:5c:5a:11:
                    72:2b:09:dd:1e:48:7b:40:27:57:a6:89:14:4f:7d:
                    15:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:BB:75:F2:E2:BA:44:B8:44:51:6A:EB:04:77:27:7F:C7:BC:E4:ED
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:42:75:f9:ae:3d:f1:27:39:24:d5:37:82:80:09:12:bc:0e:
         94:64:db:ae:91:7f:19:c9:15:89:55:4f:3d:ce:8c:3d:78:64:
         9c:44:33:da:e9:0c:a8:41:01:98:1c:ed:56:4c:54:5e:33:b4:
         14:9e:c3:89:66:16:30:45:98:c2:de:32:b5:dd:7c:b5:4d:63:
         4d:60:73:65:48:3c:d9:a5:06:2e:d3:20:6d:8d:3e:ff:8a:28:
         98:0e:9d:2a:68:50:27:63:11:60:f9:6d:b4:c4:d3:04:8f:d0:
         47:08:3d:f7:14:dd:ec:0d:c8:58:38:f9:b8:e2:67:b8:cc:4f:
         4e:08:41:1b:a6:14:14:70:99:6d:70:0d:17:9e:b7:f4:e6:4f:
         db:cb:cf:f1:05:fe:18:80:13:9e:cf:5d:4a:32:fb:30:92:0b:
         e7:d7:77:10:36:a9:e3:72:54:21:f7:f0:05:07:bb:37:c8:97:
         8a:71:91:78:2e:4c:fc:27:3d:5c:85:f4:42:62:fe:47:fc:58:
         ed:8a:21:7e:fc:67:5e:66:64:cd:40:35:70:cc:3f:e4:26:9a:
         ce:1b:ea:b1:61:96:a9:88:c3:77:95:f5:94:62:c7:0e:73:a0:
         90:69:50:d4:fb:d8:5c:15:f6:54:15:14:09:25:be:b8:cf:b8:
         1e:a9:72:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKfAeaz9M1l1KFaZlb6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
EyhmM2JiNzVmMmUyYmE0NGI4NDQ1MTZhZWIwNDc3Mjc3ZmM3YmNlNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcFMDRzYu4sCldJ4heCBeV/rIZnH
O5nbOOro8g55ZTY1r08IcyMCH5Hon5zNhRxv/JN11RjPZhpFFR0OVoSWxeuhZBu9
RdjRFxQ1g4KmE2gDzVr6zj2CXIuwOmGU4nrrWBAHaUC67A4pEwMq4H/Q1DZs7qAB
QDpI6kDIGA7Ms5SXt2LWnGok9HjQQsdUIz4qzizdc5Knpj5zOymun2wBHyjNKKmb
J8QMYxgTWw3EHtUdAmQeIgT8bZHPO9DksfpF+tUC2NocUisd7/w+Coma3FPCCntG
mHN0jk+a3ZwAXaGfriBiI8+VFBNxtzlcWhFyKwndHkh7QCdXpokUT30VbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPO7dfLiukS4RFFq6wR3J3/HvOTtMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAekJ1+a49
8Sc5JNU3goAJErwOlGTbrpF/GckViVVPPc6MPXhknEQz2ukMqEEBmBztVkxUXjO0
FJ7DiWYWMEWYwt4ytd18tU1jTWBzZUg82aUGLtMgbY0+/4oomA6dKmhQJ2MRYPlt
tMTTBI/QRwg99xTd7A3IWDj5uOJnuMxPTghBG6YUFHCZbXANF5639OZP28vP8QX+
GIATns9dSjL7MJIL59d3EDap43JUIffwBQe7N8iXinGReC5M/Cc9XIX0QmL+R/xY
7YohfvxnXmZkzUA1cMw/5CaazhvqsWGWqYjDd5X1lGLHDnOgkGlQ1PvYXBX2VBUU
CSW+uM+4HqlyEw==
-----END CERTIFICATE-----