Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
File:                     Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json)
Hash identifier:          olIQDeNgWGwlkgoKMrELwEnRxtQncjLdYyaqRU9cE+k=
Subject key identifier:   AB:F6:51:40:05:5E:DE:9C:B9:A7:5B:D1:2C:3F:A7:6A:A7:6D:DD:F1
Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E
Certificate issuer:       /CN=31afb771a4b9110b114aa807afb7086b1a65379e
Certificate serial:       019A71B8F3D26C5CB72648166E181F82AE6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
Manifest number:          04DB
Signing time:             Tue 11 Nov 2025 07:02:17 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:17 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:17 +0000
Files and hashes:         1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: IdlSkPIZ92Ki8bKb4r2O6vEuL0eblepE4mmPXeOfZfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f3:d2:6c:5c:b7:26:48:16:6e:18:1f:82:ae:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e
        Validity
            Not Before: Nov 11 07:02:17 2025 GMT
            Not After : Nov 12 07:02:17 2025 GMT
        Subject: CN=abf65140055ede9cb9a75bd12c3fa76aa76dddf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c5:af:22:d3:61:f8:81:61:99:ab:17:fe:ba:
                    41:36:6e:8d:73:68:27:8c:59:60:62:d8:99:8f:cb:
                    84:1c:2b:5e:bd:86:cd:13:a9:6c:81:3b:56:a2:04:
                    47:ff:bd:fc:af:21:92:c1:3e:06:59:8a:c6:b8:ff:
                    34:34:a3:73:b2:03:0d:d5:55:c0:1b:03:ed:45:62:
                    cd:bd:01:c5:52:ca:e0:33:00:f3:41:44:30:c8:6d:
                    1f:d9:87:c8:66:58:8c:63:19:a5:2d:ae:58:23:eb:
                    db:72:36:9b:4d:12:20:96:47:a5:36:95:6f:44:74:
                    f5:6e:4a:0a:77:dd:ec:78:13:9d:01:6b:d6:b8:25:
                    4c:e9:e0:d0:ed:64:e7:16:0f:4b:4f:08:65:08:b5:
                    93:5f:05:11:ec:70:f8:d7:82:cc:d1:db:74:58:ad:
                    b9:85:56:17:49:1a:75:85:08:fb:dc:b9:67:56:fd:
                    49:da:96:82:82:b1:bc:78:72:5a:48:63:b6:69:96:
                    86:63:ca:ac:08:15:9e:b9:4a:4f:b2:4f:d0:01:54:
                    78:2a:98:13:b5:9a:a1:a6:79:fb:f4:30:10:c6:39:
                    7f:69:b0:92:78:58:6a:a6:20:15:ed:5a:a9:38:6f:
                    a5:bb:d6:79:cd:b1:58:9f:cb:a0:13:4d:ba:41:16:
                    83:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F6:51:40:05:5E:DE:9C:B9:A7:5B:D1:2C:3F:A7:6A:A7:6D:DD:F1
            X509v3 Authority Key Identifier:
                keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:a5:0d:28:d8:1a:82:cf:24:e1:14:11:03:82:ad:64:be:a9:
         c9:de:b8:9c:a5:dd:63:67:b2:a1:46:3c:a9:d1:c5:09:cc:24:
         06:39:ed:ed:2a:8e:2a:64:b5:85:e8:f1:ab:c0:dd:7a:73:29:
         a3:d0:a8:b6:5a:ab:1e:dc:8c:be:be:6a:02:df:1b:3b:a5:3f:
         4a:aa:e0:ed:41:3b:17:88:0c:68:fb:9a:c2:e6:f0:20:97:b7:
         21:01:a9:f4:af:32:0b:d8:fa:6b:d2:88:03:71:44:5e:cc:1a:
         84:ec:3f:c7:39:af:f3:ba:17:dd:e9:f8:30:80:a7:44:56:3f:
         c9:ea:f4:58:a0:68:ef:a5:0b:91:56:9c:09:3e:5d:df:84:61:
         e3:22:da:13:3a:1b:4f:14:a2:b7:99:0b:9a:67:50:14:76:20:
         63:53:5b:49:a3:f4:60:44:3c:18:f8:a2:39:bb:1c:3b:fd:cf:
         69:43:3f:7b:b1:08:18:00:1c:4b:64:d3:1e:d7:f9:9b:7b:98:
         6c:1f:19:ce:30:1d:79:28:b3:c7:e9:82:71:73:b2:cb:05:0e:
         72:1f:b8:9e:ab:0d:89:84:76:b3:79:3b:36:73:ef:8b:8e:65:
         9e:f7:14:98:6d:1c:c6:24:e1:12:47:8c:d0:74:09:2b:75:0d:
         c4:8f:04:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPPSbFy3JkgWbhgfgq5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2
NTM3OWUwHhcNMjUxMTExMDcwMjE3WhcNMjUxMTEyMDcwMjE3WjAzMTEwLwYDVQQD
EyhhYmY2NTE0MDA1NWVkZTljYjlhNzViZDEyYzNmYTc2YWE3NmRkZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8WvItNh+IFhmasX/rpBNm6Nc2gn
jFlgYtiZj8uEHCtevYbNE6lsgTtWogRH/738ryGSwT4GWYrGuP80NKNzsgMN1VXA
GwPtRWLNvQHFUsrgMwDzQUQwyG0f2YfIZliMYxmlLa5YI+vbcjabTRIglkelNpVv
RHT1bkoKd93seBOdAWvWuCVM6eDQ7WTnFg9LTwhlCLWTXwUR7HD414LM0dt0WK25
hVYXSRp1hQj73LlnVv1J2paCgrG8eHJaSGO2aZaGY8qsCBWeuUpPsk/QAVR4KpgT
tZqhpnn79DAQxjl/abCSeFhqpiAV7VqpOG+lu9Z5zbFYn8ugE026QRaDLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKv2UUAFXt6cuadb0Sw/p2qnbd3xMB8GA1UdIwQY
MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It
YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3
LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqqUNKNga
gs8k4RQRA4KtZL6pyd64nKXdY2eyoUY8qdHFCcwkBjnt7SqOKmS1hejxq8DdenMp
o9CotlqrHtyMvr5qAt8bO6U/Sqrg7UE7F4gMaPuawubwIJe3IQGp9K8yC9j6a9KI
A3FEXswahOw/xzmv87oX3en4MICnRFY/yer0WKBo76ULkVacCT5d34Rh4yLaEzob
TxSit5kLmmdQFHYgY1NbSaP0YEQ8GPiiObscO/3PaUM/e7EIGAAcS2TTHtf5m3uY
bB8ZzjAdeSizx+mCcXOyywUOch+4nqsNiYR2s3k7NnPvi45lnvcUmG0cxiThEkeM
0HQJK3UNxI8ELA==
-----END CERTIFICATE-----