Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          n0I87+P9ZWiaOrpUjVqazixWZvn9xsBwqwoVjmuxl1Y=
Subject key identifier:   57:DB:E1:75:53:AE:4D:D0:E2:9C:DF:7F:AA:3C:19:58:BE:3D:77:6E
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       019A7225EBA76320A25C0B6663E62D1A9FAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          07CE
Signing time:             Tue 11 Nov 2025 09:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:19 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: 9e9DlWs7ym/fm94eiAwKsSKkFYS2vQPNlptN+z2GwjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:eb:a7:63:20:a2:5c:0b:66:63:e6:2d:1a:9f:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Nov 11 09:01:19 2025 GMT
            Not After : Nov 12 09:01:19 2025 GMT
        Subject: CN=57dbe17553ae4dd0e29cdf7faa3c1958be3d776e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:65:cc:2d:93:6d:a2:46:9b:d2:b7:9b:4a:fd:
                    f7:fd:37:4a:b6:e5:f8:9e:ea:41:d2:1c:7c:d1:fd:
                    c5:31:6f:e2:dd:35:5a:d4:c8:c0:ea:a6:68:37:1a:
                    dd:d0:65:c6:36:9b:f9:9b:5c:15:80:d7:b1:f4:bd:
                    e9:70:26:d2:4f:c5:27:52:c9:af:cf:3a:0f:90:0a:
                    f0:8e:7a:b5:46:79:95:43:38:84:32:df:0b:32:ef:
                    a0:73:f5:f5:95:a9:26:28:44:42:d4:07:65:d8:e5:
                    80:52:55:b4:7c:a2:d8:a0:ec:18:f3:fa:ea:9b:e8:
                    14:77:ae:a4:ea:11:f3:c4:7a:cc:21:ab:9f:ad:96:
                    09:8e:57:f2:40:40:00:ae:23:c9:c7:6f:0c:82:ef:
                    01:09:e7:45:12:a8:80:4b:2a:d9:1f:a8:36:ca:70:
                    f3:4e:40:fb:fe:da:ad:0a:fa:a7:f0:40:52:7a:7c:
                    75:f5:70:ca:a7:11:99:b3:02:71:4a:bc:29:0d:4c:
                    6d:5f:06:7e:90:b9:3c:80:a8:e7:74:5b:b3:72:05:
                    e4:88:a1:d2:d3:8d:b4:35:ed:f4:89:40:9b:c3:4e:
                    69:69:f5:17:7c:27:a2:59:90:ce:f4:7f:14:09:ac:
                    00:22:bf:45:4d:97:d2:c5:ba:31:0d:ca:49:a9:25:
                    95:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DB:E1:75:53:AE:4D:D0:E2:9C:DF:7F:AA:3C:19:58:BE:3D:77:6E
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:51:4c:2a:63:6b:99:bc:3c:d0:bd:c5:21:06:26:3d:cb:a5:
         5b:b2:24:5b:4e:d2:ec:20:c1:25:bd:e3:55:25:21:61:6d:55:
         a6:fa:53:03:81:6d:81:d2:5e:29:05:f6:3f:fb:35:64:b4:54:
         92:a9:5e:aa:79:b1:e7:4a:9b:65:97:ae:89:fc:55:e9:06:1b:
         94:9e:57:bc:29:70:54:40:5f:3f:53:c5:b1:78:7e:f1:d8:2a:
         7f:3e:1b:69:f2:41:1c:b6:98:60:46:6d:22:67:d0:46:7c:e4:
         c3:f5:a9:61:eb:04:0b:da:76:b8:2f:91:b1:56:bb:ec:08:cc:
         58:ec:e1:b0:e5:b3:26:95:f7:b2:ed:5e:36:74:0f:99:89:e3:
         09:6f:ab:08:df:31:c0:84:65:c5:42:83:b6:5f:67:00:e5:56:
         2f:77:ed:a0:61:70:03:ce:e5:a8:10:3e:57:37:49:a4:ae:9c:
         a5:06:94:58:99:a1:cf:9c:5d:67:92:97:ca:96:3d:20:ac:bc:
         3a:8c:6f:24:37:a2:7d:79:74:97:16:dd:3b:ff:ef:af:27:fc:
         83:cf:55:ea:5e:61:af:fe:bd:d9:34:44:ca:a4:98:69:00:84:
         2a:f5:43:15:cd:2e:85:65:1a:bc:40:3b:a3:cd:81:82:b6:5b:
         e7:8c:87:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJeunYyCiXAtmY+YtGp+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUxMTExMDkwMTE5WhcNMjUxMTEyMDkwMTE5WjAzMTEwLwYDVQQD
Eyg1N2RiZTE3NTUzYWU0ZGQwZTI5Y2RmN2ZhYTNjMTk1OGJlM2Q3NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWXMLZNtokab0rebSv33/TdKtuX4
nupB0hx80f3FMW/i3TVa1MjA6qZoNxrd0GXGNpv5m1wVgNex9L3pcCbST8UnUsmv
zzoPkArwjnq1RnmVQziEMt8LMu+gc/X1lakmKERC1Adl2OWAUlW0fKLYoOwY8/rq
m+gUd66k6hHzxHrMIaufrZYJjlfyQEAAriPJx28Mgu8BCedFEqiASyrZH6g2ynDz
TkD7/tqtCvqn8EBSenx19XDKpxGZswJxSrwpDUxtXwZ+kLk8gKjndFuzcgXkiKHS
0420Ne30iUCbw05pafUXfCeiWZDO9H8UCawAIr9FTZfSxboxDcpJqSWVDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfb4XVTrk3Q4pzff6o8GVi+PXduMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADFFMKmNr
mbw80L3FIQYmPculW7IkW07S7CDBJb3jVSUhYW1VpvpTA4FtgdJeKQX2P/s1ZLRU
kqleqnmx50qbZZeuifxV6QYblJ5XvClwVEBfP1PFsXh+8dgqfz4bafJBHLaYYEZt
ImfQRnzkw/WpYesEC9p2uC+RsVa77AjMWOzhsOWzJpX3su1eNnQPmYnjCW+rCN8x
wIRlxUKDtl9nAOVWL3ftoGFwA87lqBA+VzdJpK6cpQaUWJmhz5xdZ5KXypY9IKy8
OoxvJDeifXl0lxbdO//vryf8g89V6l5hr/692TREyqSYaQCEKvVDFc0uhWUavEA7
o82BgrZb54yH6A==
-----END CERTIFICATE-----