Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          DV71dVb/wll41X+gFMDwrshY4C2arAelGZyJkDgVKBg=
Subject key identifier:   7C:73:01:B7:64:C3:9F:73:7A:ED:2C:4D:65:EE:2E:89:49:BE:48:5C
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       019A725C3A5218358841609A702018DBA9B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0AF1
Signing time:             Tue 11 Nov 2025 10:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:38 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: ND8YpzPVCWH8f3zVGAolzYa8aXW9/GkeRysDK3lTL7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:3a:52:18:35:88:41:60:9a:70:20:18:db:a9:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Nov 11 10:00:38 2025 GMT
            Not After : Nov 12 10:00:38 2025 GMT
        Subject: CN=7c7301b764c39f737aed2c4d65ee2e8949be485c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d8:4b:43:1b:fd:f3:38:9c:7e:55:5c:6f:8c:
                    ee:ff:69:91:bc:10:7a:87:e6:ec:33:7a:85:4c:7e:
                    54:11:61:90:04:a2:6c:27:f0:a4:b9:e5:d9:2d:55:
                    eb:7a:e8:b2:98:31:61:55:e6:83:e8:3c:e2:bc:44:
                    a1:dc:cb:2e:a2:a1:01:bb:40:cd:e2:d3:80:49:40:
                    b1:23:73:57:c1:75:49:38:e9:4c:ec:71:5e:7e:91:
                    44:7b:7c:96:35:02:14:33:a9:91:f0:de:a8:28:ec:
                    f4:c1:71:a2:10:71:35:6a:f0:87:97:61:39:94:30:
                    52:14:8c:08:94:01:9f:e9:52:10:25:1e:23:8c:dd:
                    3b:5e:73:ea:7f:bc:6f:9b:f0:07:8c:7b:97:b8:83:
                    3a:ef:d1:ba:d0:61:c6:f7:78:e4:5a:e1:d8:86:f9:
                    f5:3e:a2:97:9b:8a:09:07:df:8d:c9:39:d1:9e:b3:
                    87:ce:ee:63:c3:29:41:f9:7f:db:f4:0c:48:03:c9:
                    99:97:30:a9:c1:48:69:f1:69:7e:3b:97:2e:e2:a0:
                    84:d7:95:04:9c:0a:a5:8a:4b:cb:30:52:93:01:af:
                    81:44:71:6f:a8:59:9e:a0:d5:06:1d:05:01:07:07:
                    05:4c:ec:a6:8f:59:ea:07:bf:5d:27:32:ed:9c:4f:
                    2a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:73:01:B7:64:C3:9F:73:7A:ED:2C:4D:65:EE:2E:89:49:BE:48:5C
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:88:59:f5:ef:77:34:f9:64:1d:23:58:42:5c:6b:ca:e7:fb:
         03:1c:72:1d:c6:5d:2d:ae:5a:89:22:f0:64:4f:23:5f:00:ef:
         f4:14:46:d3:63:b4:88:09:2e:86:63:10:3c:ae:10:45:31:5b:
         00:37:7b:10:1e:76:ef:74:fc:30:1e:54:8f:d7:27:74:04:73:
         bf:37:e0:74:de:a0:08:86:71:9e:92:8e:81:d8:c5:d4:ac:a4:
         58:2d:b6:7c:e2:25:ce:df:9d:62:cf:36:74:57:b9:07:53:49:
         72:9e:b7:c9:32:d1:c8:d3:25:14:ef:d8:4b:a7:c5:0d:14:33:
         07:a4:c6:d6:26:ef:8d:9b:13:f7:20:cd:6e:ed:ef:92:cb:05:
         d0:f4:ab:e2:ba:34:33:8d:52:16:9d:2a:56:c2:5a:4d:ef:e0:
         63:2f:2c:9b:0f:b2:54:27:c9:07:6f:67:fd:58:f8:d4:1b:7a:
         c5:3e:25:86:a7:a1:db:10:3b:a1:77:82:10:26:ec:3e:dd:9e:
         0d:ff:84:b8:77:61:b5:fb:93:90:bd:b3:45:dc:ac:bb:ab:6b:
         56:42:ba:c0:80:3d:ba:a1:32:08:91:8a:31:bf:f4:9c:b1:2c:
         23:0c:9b:73:12:2f:c0:35:9a:b5:66:a1:fe:92:4f:da:a3:dd:
         aa:22:a0:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXDpSGDWIQWCacCAY26mzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUxMTExMTAwMDM4WhcNMjUxMTEyMTAwMDM4WjAzMTEwLwYDVQQD
Eyg3YzczMDFiNzY0YzM5ZjczN2FlZDJjNGQ2NWVlMmU4OTQ5YmU0ODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9hLQxv98zicflVcb4zu/2mRvBB6
h+bsM3qFTH5UEWGQBKJsJ/CkueXZLVXreuiymDFhVeaD6DzivESh3MsuoqEBu0DN
4tOASUCxI3NXwXVJOOlM7HFefpFEe3yWNQIUM6mR8N6oKOz0wXGiEHE1avCHl2E5
lDBSFIwIlAGf6VIQJR4jjN07XnPqf7xvm/AHjHuXuIM679G60GHG93jkWuHYhvn1
PqKXm4oJB9+NyTnRnrOHzu5jwylB+X/b9AxIA8mZlzCpwUhp8Wl+O5cu4qCE15UE
nAqlikvLMFKTAa+BRHFvqFmeoNUGHQUBBwcFTOymj1nqB79dJzLtnE8q3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxzAbdkw59zeu0sTWXuLolJvkhcMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIhZ9e93
NPlkHSNYQlxryuf7AxxyHcZdLa5aiSLwZE8jXwDv9BRG02O0iAkuhmMQPK4QRTFb
ADd7EB5273T8MB5Uj9cndARzvzfgdN6gCIZxnpKOgdjF1KykWC22fOIlzt+dYs82
dFe5B1NJcp63yTLRyNMlFO/YS6fFDRQzB6TG1ibvjZsT9yDNbu3vkssF0PSr4ro0
M41SFp0qVsJaTe/gYy8smw+yVCfJB29n/Vj41Bt6xT4lhqeh2xA7oXeCECbsPt2e
Df+EuHdhtfuTkL2zRdysu6trVkK6wIA9uqEyCJGKMb/0nLEsIwybcxIvwDWatWah
/pJP2qPdqiKg6g==
-----END CERTIFICATE-----