Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
File:                     3mshhKwi402MRNprhFSbunH9VT0.mft (raw, json)
Hash identifier:          JQwweRCHphLqtdqqJ+2DWbMufhkhl1rWFuncYQX3h+g=
Subject key identifier:   42:52:83:E2:74:41:F9:25:11:C3:7C:B6:9B:4B:80:5D:E8:12:99:E0
Authority key identifier: DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D
Certificate issuer:       /CN=de6b2184ac22e34d8c44da6b84549bba71fd553d
Certificate serial:       019A7149B7C83D6566A0F691BAD1291496A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
Manifest number:          49
Signing time:             Tue 11 Nov 2025 05:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:47 +0000
Files and hashes:         1: 3mshhKwi402MRNprhFSbunH9VT0.crl (hash: wVWCSXORJrVNdE4O0t9uctD23hmct+sKwY21Zl/b0sc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:b7:c8:3d:65:66:a0:f6:91:ba:d1:29:14:96:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de6b2184ac22e34d8c44da6b84549bba71fd553d
        Validity
            Not Before: Nov 11 05:00:47 2025 GMT
            Not After : Nov 12 05:00:47 2025 GMT
        Subject: CN=425283e27441f92511c37cb69b4b805de81299e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b7:04:da:56:13:a2:48:ed:6b:fb:e3:fe:7d:
                    c3:0f:dc:8f:15:e1:cd:65:a6:d5:23:8b:dd:f5:b4:
                    a8:42:7c:b1:6c:35:03:dc:a3:cd:07:d6:bf:2d:09:
                    1f:69:85:65:62:6e:75:4e:d7:2b:34:b8:7f:ad:b5:
                    a5:83:ba:bd:a1:8c:51:a6:df:0b:67:30:08:e4:d1:
                    6c:17:b0:37:5a:69:43:21:6d:fc:6c:d0:ba:ec:e9:
                    0b:28:79:c9:4d:ae:4f:3f:d5:aa:ed:a2:4f:b7:d4:
                    f3:8a:67:af:65:23:65:c4:1e:51:c8:aa:71:33:5f:
                    c0:7a:7c:4e:db:b1:96:6a:fa:63:d7:95:00:f0:ef:
                    21:c3:cb:11:76:cc:81:72:62:8f:e4:ae:65:78:d2:
                    8d:92:df:33:71:73:10:1c:5e:11:41:c0:b0:ec:9f:
                    66:66:87:48:26:a6:22:64:88:1b:d0:8a:c5:53:86:
                    e0:31:de:4b:7c:f3:6c:67:64:a4:4a:1b:4d:2d:ca:
                    57:65:26:c8:42:07:69:ce:90:6b:58:4e:f0:5d:65:
                    5d:cc:a4:39:e0:41:bf:44:26:f1:61:5f:da:81:4d:
                    f8:db:49:31:30:cd:38:5a:f5:18:01:7b:9a:6b:c8:
                    00:cf:55:34:b9:4b:06:65:ef:dd:d0:c6:f1:29:09:
                    33:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:52:83:E2:74:41:F9:25:11:C3:7C:B6:9B:4B:80:5D:E8:12:99:E0
            X509v3 Authority Key Identifier:
                keyid:DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:8e:3c:1e:be:e0:07:a7:9e:aa:00:af:0e:2c:0b:4b:8e:9d:
         06:6a:21:b9:d0:54:e4:17:e8:a1:88:4d:b5:a2:c0:ee:19:79:
         cd:9c:a8:bb:ba:4f:b6:5a:eb:8e:71:a0:5b:f5:bd:57:cb:78:
         d9:3a:37:9d:9e:94:18:45:19:db:a9:d2:c0:4c:ec:31:a8:74:
         6f:a4:50:81:f7:09:3e:90:6f:29:0c:63:bd:33:24:ee:24:d3:
         ec:dc:df:d7:20:5d:da:fe:4b:55:be:5a:11:9e:20:97:21:67:
         ae:91:2d:5b:7a:77:32:ca:84:19:e5:1d:8e:97:f8:89:40:c2:
         aa:f1:aa:5e:bb:21:75:1c:8e:85:48:e6:75:69:dd:c4:03:ce:
         88:1b:24:92:a7:e1:f4:09:e6:38:a0:34:a8:96:b0:c0:2c:9e:
         56:34:31:2e:e2:2b:90:d0:46:43:c8:56:66:0b:03:11:63:07:
         9a:4f:59:66:33:80:8f:be:b8:07:56:73:60:81:69:ae:75:e2:
         eb:57:86:9c:3d:f7:9f:1d:f5:1d:34:d8:42:c8:fa:be:eb:6e:
         4d:4f:c4:ea:c5:33:fc:8b:22:2c:ad:d1:62:8d:55:e9:6f:1d:
         ac:5e:9e:01:a5:74:45:73:49:8a:c5:f3:4f:6d:76:08:c8:84:
         b3:1d:fd:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSbfIPWVmoPaRutEpFJaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNmIyMTg0YWMyMmUzNGQ4YzQ0ZGE2Yjg0NTQ5YmJhNzFm
ZDU1M2QwHhcNMjUxMTExMDUwMDQ3WhcNMjUxMTEyMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg0MjUyODNlMjc0NDFmOTI1MTFjMzdjYjY5YjRiODA1ZGU4MTI5OWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7cE2lYTokjta/vj/n3DD9yPFeHN
ZabVI4vd9bSoQnyxbDUD3KPNB9a/LQkfaYVlYm51TtcrNLh/rbWlg7q9oYxRpt8L
ZzAI5NFsF7A3WmlDIW38bNC67OkLKHnJTa5PP9Wq7aJPt9TzimevZSNlxB5RyKpx
M1/AenxO27GWavpj15UA8O8hw8sRdsyBcmKP5K5leNKNkt8zcXMQHF4RQcCw7J9m
ZodIJqYiZIgb0IrFU4bgMd5LfPNsZ2SkShtNLcpXZSbIQgdpzpBrWE7wXWVdzKQ5
4EG/RCbxYV/agU3420kxMM04WvUYAXuaa8gAz1U0uUsGZe/d0MbxKQkzRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJSg+J0QfklEcN8tptLgF3oEpngMB8GA1UdIwQY
MBaAFN5rIYSsIuNNjETaa4RUm7px/VU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQt
MTE2NTBjZGI5YzkxLzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQtMTE2NTBjZGI5Yzkx
LzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeI48Hr7g
B6eeqgCvDiwLS46dBmohudBU5BfooYhNtaLA7hl5zZyou7pPtlrrjnGgW/W9V8t4
2To3nZ6UGEUZ26nSwEzsMah0b6RQgfcJPpBvKQxjvTMk7iTT7Nzf1yBd2v5LVb5a
EZ4glyFnrpEtW3p3MsqEGeUdjpf4iUDCqvGqXrshdRyOhUjmdWndxAPOiBskkqfh
9AnmOKA0qJawwCyeVjQxLuIrkNBGQ8hWZgsDEWMHmk9ZZjOAj764B1ZzYIFprnXi
61eGnD33nx31HTTYQsj6vutuTU/E6sUz/IsiLK3RYo1V6W8drF6eAaV0RXNJisXz
T212CMiEsx394Q==
-----END CERTIFICATE-----