Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          NqPfGRZaXe390r8tZXduChqF5akXqWv4LFtlaR6D1dw=
Subject key identifier:   08:A1:B3:DD:B1:79:2C:67:B7:E9:F9:99:2D:D2:D2:6E:67:DA:DB:0C
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       019A722619E4DE3F3DAC40BA59191577F038
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0ECA
Signing time:             Tue 11 Nov 2025 09:01:30 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:30 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:30 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: be82dxAlnhBkGeXieUfe4nnjrTm7XgRD+iIONS8SIDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:19:e4:de:3f:3d:ac:40:ba:59:19:15:77:f0:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Nov 11 09:01:30 2025 GMT
            Not After : Nov 12 09:01:30 2025 GMT
        Subject: CN=08a1b3ddb1792c67b7e9f9992dd2d26e67dadb0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2f:c2:86:aa:44:70:22:41:08:f4:5b:87:b8:
                    59:2d:de:10:ab:1c:c2:d1:ce:5b:15:7a:f3:ac:f3:
                    52:57:98:77:f6:09:68:f2:be:48:ff:6d:76:80:99:
                    71:65:35:19:ac:e9:4e:1c:6a:c8:42:66:c8:66:67:
                    da:7e:05:fe:2e:96:0e:c3:aa:97:b7:bb:96:f7:cd:
                    44:5f:dc:8c:9b:57:57:bb:8e:00:16:69:1e:98:65:
                    39:62:83:86:bb:94:7d:47:44:66:b4:51:d0:a5:8f:
                    a9:41:9b:b0:a6:a8:73:2c:98:40:d6:96:54:95:4e:
                    82:8c:bf:b3:a8:4f:f1:dc:d5:eb:d9:c8:c5:f4:24:
                    22:8e:05:35:6e:7a:29:36:ce:17:e2:27:e8:72:cf:
                    18:da:82:e2:57:8c:4e:5b:94:64:21:f4:6d:61:33:
                    01:01:b9:de:fe:4d:a2:59:15:db:45:74:46:a6:27:
                    2c:fd:93:58:7f:38:91:16:49:4c:1d:97:11:c2:78:
                    92:19:42:97:c3:0d:33:7d:32:4d:37:53:44:95:db:
                    1e:f9:b4:01:83:ae:fa:c1:93:3d:28:f6:f8:cd:f1:
                    ba:06:12:76:27:27:8c:50:0c:25:a6:0d:52:7c:16:
                    6b:0f:5b:6c:66:12:e8:27:ca:f5:9e:d8:33:e8:c5:
                    60:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:A1:B3:DD:B1:79:2C:67:B7:E9:F9:99:2D:D2:D2:6E:67:DA:DB:0C
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:64:01:a7:35:95:9f:c9:7b:90:8b:9b:05:29:9f:d4:f7:84:
         23:e6:cb:4d:87:1a:f3:4f:c7:ac:74:90:6d:5e:bb:5a:b6:46:
         8b:ee:92:e0:0a:14:78:95:fa:bf:85:b3:b7:0c:c0:a2:fe:c8:
         52:b5:18:84:2b:03:35:d3:29:cc:19:c5:b6:c4:c8:35:e7:40:
         a0:a9:40:be:94:c8:7a:59:43:1b:b6:9b:9c:e5:ff:4d:9b:37:
         9c:60:61:b7:68:14:e7:0d:e4:4d:52:dd:5a:23:0b:9d:c2:b4:
         3c:36:c9:48:c0:5a:18:95:74:df:0a:c0:06:6e:b4:c5:e3:03:
         2a:8a:b2:56:da:c0:8a:11:4d:2d:87:a7:53:22:c8:3e:f7:35:
         35:e4:e4:88:13:5d:46:25:6c:35:d8:1b:b0:e1:7b:7e:ba:ae:
         34:6a:46:e7:da:34:7c:34:ed:1d:dc:02:3a:c6:01:ad:0f:49:
         6c:a8:fc:d7:b7:17:9f:91:ca:93:f6:13:5f:09:c3:27:ae:04:
         5e:9d:5c:59:6b:38:3c:1b:95:7c:7a:bd:d1:22:d1:32:4d:50:
         de:b2:70:b9:bc:c0:73:a2:68:3c:2f:ca:c8:d0:b2:4c:f0:fc:
         8f:bd:0e:b5:20:07:32:19:1e:e7:c1:2c:31:73:5d:2f:ad:55:
         c7:c4:fa:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhnk3j89rEC6WRkVd/A4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUxMTExMDkwMTMwWhcNMjUxMTEyMDkwMTMwWjAzMTEwLwYDVQQD
EygwOGExYjNkZGIxNzkyYzY3YjdlOWY5OTkyZGQyZDI2ZTY3ZGFkYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC/ChqpEcCJBCPRbh7hZLd4QqxzC
0c5bFXrzrPNSV5h39glo8r5I/212gJlxZTUZrOlOHGrIQmbIZmfafgX+LpYOw6qX
t7uW981EX9yMm1dXu44AFmkemGU5YoOGu5R9R0RmtFHQpY+pQZuwpqhzLJhA1pZU
lU6CjL+zqE/x3NXr2cjF9CQijgU1bnopNs4X4ifocs8Y2oLiV4xOW5RkIfRtYTMB
Abne/k2iWRXbRXRGpics/ZNYfziRFklMHZcRwniSGUKXww0zfTJNN1NEldse+bQB
g676wZM9KPb4zfG6BhJ2JyeMUAwlpg1SfBZrD1tsZhLoJ8r1ntgz6MVguwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAihs92xeSxnt+n5mS3S0m5n2tsMMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzWQBpzWV
n8l7kIubBSmf1PeEI+bLTYca80/HrHSQbV67WrZGi+6S4AoUeJX6v4WztwzAov7I
UrUYhCsDNdMpzBnFtsTINedAoKlAvpTIellDG7abnOX/TZs3nGBht2gU5w3kTVLd
WiMLncK0PDbJSMBaGJV03wrABm60xeMDKoqyVtrAihFNLYenUyLIPvc1NeTkiBNd
RiVsNdgbsOF7frquNGpG59o0fDTtHdwCOsYBrQ9JbKj817cXn5HKk/YTXwnDJ64E
Xp1cWWs4PBuVfHq90SLRMk1Q3rJwubzAc6JoPC/KyNCyTPD8j70OtSAHMhke58Es
MXNdL61Vx8T67A==
-----END CERTIFICATE-----