Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          i4qFV+sSlmljXaFMrKvEerQQSa5k0FnGvR25GSyswWM=
Subject key identifier:   95:AC:51:74:DB:FA:9A:3D:A9:02:A2:11:5B:67:EA:B4:44:21:DC:1C
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019A71B78AB20417DFD5552B8F3E5A2CC8D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0845
Signing time:             Tue 11 Nov 2025 07:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:45 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: HPhJxqf3/U8eOe7edrLpiSlGbxUXTUaUgCkGvid2xWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:8a:b2:04:17:df:d5:55:2b:8f:3e:5a:2c:c8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Nov 11 07:00:45 2025 GMT
            Not After : Nov 12 07:00:45 2025 GMT
        Subject: CN=95ac5174dbfa9a3da902a2115b67eab44421dc1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:8d:97:a9:f0:34:6c:1e:d1:2b:3c:01:ff:6b:
                    38:0f:82:c0:cd:84:de:3b:5e:0b:98:09:a4:a2:85:
                    44:b7:fe:2e:86:c9:5c:43:7b:9a:05:88:36:10:c2:
                    1b:dc:70:31:bd:c2:73:fa:df:39:02:24:96:9f:61:
                    81:5d:ea:f7:2c:98:db:7e:ce:92:5f:2a:e4:e3:d3:
                    26:cc:66:2a:7e:19:bf:02:4b:ec:4f:81:f8:d2:2b:
                    6e:fd:34:93:23:c8:21:b9:31:48:ac:63:24:a6:da:
                    01:e5:2e:c7:1f:ef:c9:e3:a4:50:11:5c:3d:c4:af:
                    c0:a3:31:8d:8c:b3:37:e9:bb:aa:80:4e:c8:91:f3:
                    b0:01:3f:dd:5e:5f:94:7a:93:14:1f:94:43:b1:92:
                    11:aa:a7:fd:ee:55:7e:d1:e3:92:f3:71:27:d1:01:
                    3c:ea:5e:ed:93:a7:36:ee:2b:9c:c5:30:c4:a3:88:
                    30:99:09:8e:5d:73:35:3a:20:67:20:14:c6:fd:60:
                    eb:4b:ce:74:d5:4c:99:74:fd:ca:b5:e2:a2:5e:2e:
                    9d:e7:60:6a:22:96:0c:e2:b7:ee:56:59:29:20:15:
                    01:99:52:ed:2f:25:0a:13:7b:87:cb:22:74:60:c8:
                    d8:e4:3d:89:5a:8c:44:50:0d:c0:74:41:aa:c2:f8:
                    3c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:AC:51:74:DB:FA:9A:3D:A9:02:A2:11:5B:67:EA:B4:44:21:DC:1C
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:ed:69:9e:b8:97:b9:3c:ae:e7:b4:3f:cf:17:24:62:a4:c7:
         ac:27:97:b9:03:fe:4b:38:f0:79:dc:82:7e:9e:98:4e:30:56:
         10:82:f1:94:85:04:aa:78:8d:45:a5:7a:d8:35:63:7f:ab:34:
         97:d5:66:87:e1:d9:80:81:18:ed:05:f4:8c:5f:77:7c:68:4a:
         fe:0b:17:92:b0:93:25:a5:8d:98:99:45:5d:f0:b5:3e:a4:cd:
         c7:ec:73:f8:6f:df:88:8a:86:88:99:52:6b:10:4a:56:6e:c4:
         26:5a:42:c9:72:8f:c7:4a:75:90:34:2d:df:c5:58:af:e6:b4:
         27:0e:05:1c:f9:9e:39:6b:35:20:17:e9:6f:31:35:3d:53:51:
         58:4b:09:0c:bc:93:6c:1e:94:79:df:e1:ce:94:92:c6:8b:2a:
         c6:21:13:88:5a:ce:52:00:29:7e:04:09:e6:b6:5c:eb:bb:40:
         81:1b:97:01:49:68:7e:02:c7:1c:7b:5e:95:8b:41:ea:d5:fb:
         08:12:e4:4a:47:7a:b2:c4:98:09:a4:27:f0:a9:98:97:a0:1e:
         4c:ad:aa:29:d6:01:6e:91:99:9b:bc:8c:78:7f:f0:3e:d9:32:
         c7:4e:ae:80:75:6c:ba:4a:9d:c9:c0:0c:ea:d8:99:9d:79:34:
         15:64:ae:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4qyBBff1VUrjz5aLMjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUxMTExMDcwMDQ1WhcNMjUxMTEyMDcwMDQ1WjAzMTEwLwYDVQQD
Eyg5NWFjNTE3NGRiZmE5YTNkYTkwMmEyMTE1YjY3ZWFiNDQ0MjFkYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY2XqfA0bB7RKzwB/2s4D4LAzYTe
O14LmAmkooVEt/4uhslcQ3uaBYg2EMIb3HAxvcJz+t85AiSWn2GBXer3LJjbfs6S
Xyrk49MmzGYqfhm/AkvsT4H40itu/TSTI8ghuTFIrGMkptoB5S7HH+/J46RQEVw9
xK/AozGNjLM36buqgE7IkfOwAT/dXl+UepMUH5RDsZIRqqf97lV+0eOS83En0QE8
6l7tk6c27iucxTDEo4gwmQmOXXM1OiBnIBTG/WDrS8501UyZdP3KteKiXi6d52Bq
IpYM4rfuVlkpIBUBmVLtLyUKE3uHyyJ0YMjY5D2JWoxEUA3AdEGqwvg8VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWsUXTb+po9qQKiEVtn6rREIdwcMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVe1pnriX
uTyu57Q/zxckYqTHrCeXuQP+SzjwedyCfp6YTjBWEILxlIUEqniNRaV62DVjf6s0
l9Vmh+HZgIEY7QX0jF93fGhK/gsXkrCTJaWNmJlFXfC1PqTNx+xz+G/fiIqGiJlS
axBKVm7EJlpCyXKPx0p1kDQt38VYr+a0Jw4FHPmeOWs1IBfpbzE1PVNRWEsJDLyT
bB6Ued/hzpSSxosqxiETiFrOUgApfgQJ5rZc67tAgRuXAUlofgLHHHtelYtB6tX7
CBLkSkd6ssSYCaQn8KmYl6AeTK2qKdYBbpGZm7yMeH/wPtkyx06ugHVsukqdycAM
6tiZnXk0FWSuKQ==
-----END CERTIFICATE-----