Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          NVaYx/OcD9AI+2yQCDiWUxGretA7XAO2aX7zjTRoDRc=
Subject key identifier:   DC:F0:FB:3E:33:E3:40:97:85:70:90:8B:6B:47:D7:DA:39:43:08:AD
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       019A70DC36C435DF16CC612236F506E29DDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          03DD
Signing time:             Tue 11 Nov 2025 03:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:11 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: CN0RCswAk+CYUml008ilZkwAQ4RK8zj4BLdYnPT2l84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:36:c4:35:df:16:cc:61:22:36:f5:06:e2:9d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Nov 11 03:01:11 2025 GMT
            Not After : Nov 12 03:01:11 2025 GMT
        Subject: CN=dcf0fb3e33e340978570908b6b47d7da394308ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d1:d5:94:c7:57:75:dc:ef:1d:67:5c:cb:4b:
                    36:1f:7e:ce:71:1b:cc:ee:25:7d:1e:01:48:07:b8:
                    8c:fd:92:f9:a9:eb:3a:c4:5c:7b:3c:e3:99:3b:63:
                    71:e3:82:ee:07:16:75:24:a4:de:fd:ab:ff:db:0c:
                    84:26:28:ed:35:de:e0:40:79:12:7d:1c:39:0a:9d:
                    5b:79:2d:6c:7e:bd:69:4a:0f:f1:4d:b1:de:3b:0d:
                    69:15:79:19:4f:83:01:a6:91:4f:b3:be:03:db:cb:
                    c0:7c:f6:f0:5a:e4:2b:35:75:e5:a9:f0:89:04:ae:
                    5d:4a:fa:65:a3:85:9c:8b:ee:e4:9e:81:50:88:2c:
                    de:61:10:d6:09:b6:19:03:fb:2b:0b:39:d8:3f:7a:
                    29:88:a1:3b:0f:dc:a2:2b:3d:cb:fb:0c:79:d9:53:
                    fb:2a:c3:4b:57:1f:b9:e9:68:5b:7a:bd:73:f7:a3:
                    5d:ed:03:c0:97:af:94:f1:a9:4a:7d:e4:66:0e:9c:
                    8b:31:90:cc:ba:e7:f7:26:52:72:25:6c:56:c6:c3:
                    8b:8f:a3:7e:e8:52:09:59:f5:10:eb:16:24:60:59:
                    e0:79:f1:c4:db:ea:59:98:87:0a:67:cf:79:fb:4c:
                    29:45:af:d6:26:1d:25:ce:2b:78:7d:07:6f:d0:22:
                    aa:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:F0:FB:3E:33:E3:40:97:85:70:90:8B:6B:47:D7:DA:39:43:08:AD
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:b6:db:22:26:9a:6d:0b:b6:b9:33:61:b2:fc:40:f3:ae:ec:
         bb:c7:5d:2a:98:e6:eb:5d:06:0a:e2:19:bc:fa:69:a9:d3:ed:
         d9:0d:45:a0:0a:bf:79:6e:96:17:ea:16:7d:2a:2e:7c:e0:06:
         00:18:81:cd:13:bd:14:64:98:36:0c:45:7a:31:f3:6f:95:5b:
         35:25:ce:f2:af:fe:85:85:71:f7:f6:d4:f5:7c:bd:db:d2:63:
         82:2a:ea:0a:df:e8:e9:db:c3:ed:8e:22:0d:3b:1a:45:e3:93:
         f4:f6:0d:6b:f3:8a:95:d7:03:09:58:09:15:08:43:ad:a2:55:
         87:f2:b2:33:ed:97:d5:e3:30:1f:7d:ad:13:d1:b9:93:e5:a7:
         2f:e7:3d:82:6b:93:28:69:98:8f:1f:92:ab:5c:f8:34:ab:99:
         84:6e:69:fe:5d:84:f7:99:67:17:15:d6:38:4f:03:96:31:45:
         b1:c2:df:40:98:32:a3:10:cc:f3:46:9c:ad:a0:e6:53:6d:83:
         7a:b3:d1:0c:c8:cb:9f:3c:12:81:62:d7:f8:a2:a1:c7:98:1a:
         f4:fc:c2:b2:58:78:08:92:a5:31:9f:ca:9f:5e:25:79:e8:26:
         9c:2e:57:d7:ef:14:cd:30:f7:92:c0:66:33:ad:66:f6:08:d0:
         39:ba:89:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3DbENd8WzGEiNvUG4p3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjUxMTExMDMwMTExWhcNMjUxMTEyMDMwMTExWjAzMTEwLwYDVQQD
EyhkY2YwZmIzZTMzZTM0MDk3ODU3MDkwOGI2YjQ3ZDdkYTM5NDMwOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldHVlMdXddzvHWdcy0s2H37OcRvM
7iV9HgFIB7iM/ZL5qes6xFx7POOZO2Nx44LuBxZ1JKTe/av/2wyEJijtNd7gQHkS
fRw5Cp1beS1sfr1pSg/xTbHeOw1pFXkZT4MBppFPs74D28vAfPbwWuQrNXXlqfCJ
BK5dSvplo4Wci+7knoFQiCzeYRDWCbYZA/srCznYP3opiKE7D9yiKz3L+wx52VP7
KsNLVx+56Whber1z96Nd7QPAl6+U8alKfeRmDpyLMZDMuuf3JlJyJWxWxsOLj6N+
6FIJWfUQ6xYkYFngefHE2+pZmIcKZ895+0wpRa/WJh0lzit4fQdv0CKqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzw+z4z40CXhXCQi2tH19o5QwitMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAObbbIiaa
bQu2uTNhsvxA867su8ddKpjm610GCuIZvPppqdPt2Q1FoAq/eW6WF+oWfSoufOAG
ABiBzRO9FGSYNgxFejHzb5VbNSXO8q/+hYVx9/bU9Xy929JjgirqCt/o6dvD7Y4i
DTsaReOT9PYNa/OKldcDCVgJFQhDraJVh/KyM+2X1eMwH32tE9G5k+WnL+c9gmuT
KGmYjx+Sq1z4NKuZhG5p/l2E95lnFxXWOE8DljFFscLfQJgyoxDM80acraDmU22D
erPRDMjLnzwSgWLX+KKhx5ga9PzCslh4CJKlMZ/Kn14leegmnC5X1+8UzTD3ksBm
M61m9gjQObqJ6g==
-----END CERTIFICATE-----