Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
File:                     DW3GbMOENrasMel-cS0hlAfIPPQ.mft (raw, json)
Hash identifier:          Ldv2mijZJ0DMxTtIfLWXJDlXQNmWQfsFPnDL0joEz/8=
Subject key identifier:   8E:10:5A:F6:55:12:FD:C7:CB:9B:D0:3C:62:50:72:59:78:FD:FF:DF
Authority key identifier: 0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4
Certificate issuer:       /CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
Certificate serial:       019A71130F17296ADA3DD37340F0580BCD47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
Manifest number:          05A2
Signing time:             Tue 11 Nov 2025 04:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:05 +0000
Files and hashes:         1: DW3GbMOENrasMel-cS0hlAfIPPQ.crl (hash: 0fV9op0EhyBjFUBHyWlSaef4khDK7nqPhVNua2Jbb6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:0f:17:29:6a:da:3d:d3:73:40:f0:58:0b:cd:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
        Validity
            Not Before: Nov 11 04:01:05 2025 GMT
            Not After : Nov 12 04:01:05 2025 GMT
        Subject: CN=8e105af65512fdc7cb9bd03c6250725978fdffdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:19:e4:fe:62:7d:30:e1:d7:97:9a:a5:9b:c4:
                    2e:d4:3b:49:b1:a9:64:5e:0d:7d:0e:c3:e6:6e:50:
                    05:2d:f3:3c:98:ca:ce:57:c6:6e:63:b6:f5:3a:9e:
                    b1:61:1f:eb:99:ed:95:06:09:e7:ac:3c:84:b4:65:
                    34:b9:61:df:69:9a:66:83:35:77:ec:8c:c5:0e:7c:
                    89:c6:a6:be:e6:2c:32:39:3b:33:3b:79:ee:a2:ee:
                    9e:fc:a6:35:42:a6:f8:84:f3:b5:c9:a6:70:7c:d1:
                    68:cf:c8:77:e6:40:74:c3:12:c1:14:d5:d2:c9:5c:
                    e0:33:60:0e:b6:da:25:e6:bc:a5:79:ad:d1:d3:06:
                    ab:49:b8:80:e2:05:4e:bd:19:4c:ec:34:8f:24:25:
                    ff:11:bf:8b:ce:0f:d9:14:d0:a8:d1:72:fc:d2:33:
                    4b:f0:62:78:d2:0b:66:f2:eb:ad:b4:bb:d0:aa:1a:
                    90:28:6a:ea:2d:fe:5f:17:53:8a:9d:bf:a8:6e:38:
                    18:90:6a:b4:e0:bf:fb:50:54:28:eb:7c:d3:c4:ef:
                    f5:11:dd:6d:2d:ef:5d:86:df:91:16:da:3f:41:27:
                    e4:e5:50:79:59:18:da:a6:9d:ad:66:b2:6b:33:02:
                    e3:46:79:1c:55:56:73:80:be:73:88:ac:cf:98:41:
                    02:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:10:5A:F6:55:12:FD:C7:CB:9B:D0:3C:62:50:72:59:78:FD:FF:DF
            X509v3 Authority Key Identifier:
                keyid:0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:b5:9f:e0:90:1e:ee:c5:2c:bd:a0:78:57:15:e2:72:0a:3f:
         d5:c6:87:2f:ca:dd:d5:ba:3a:c6:b5:6c:16:0d:76:4e:e7:66:
         a3:b8:48:76:7c:ae:97:27:5e:ca:b1:c9:6c:40:30:20:fe:f9:
         f8:d0:e2:cc:cb:cc:45:35:34:7c:ef:40:d0:58:12:0b:fb:0f:
         63:82:81:3e:12:52:dd:d2:5a:ea:87:e4:06:61:51:37:d6:36:
         50:b2:a0:66:3c:44:03:77:12:a3:d1:71:20:1a:ea:3d:b1:b9:
         40:4f:e4:a6:85:21:fe:5b:6c:15:2f:47:bb:66:5e:85:53:82:
         63:26:33:67:52:dc:42:de:c0:8f:9a:77:d0:33:cd:20:99:a3:
         51:85:17:e9:15:ad:56:26:0e:e4:e8:a5:01:0f:76:78:0a:a9:
         e0:b8:5d:2e:72:24:e6:d4:0b:5e:30:e6:3b:d1:83:c6:65:a8:
         d0:fa:9b:0e:92:38:ef:74:a3:cd:51:09:aa:b5:15:3e:77:be:
         0f:75:5c:bb:f3:9a:37:07:cc:7f:df:38:6c:07:41:96:fa:b0:
         95:13:04:82:c4:7e:86:f1:b0:91:04:ca:72:71:b5:6f:a7:5f:
         09:09:b7:9e:be:0b:f1:19:98:0c:36:14:c4:ac:39:5c:11:16:
         2b:cb:ac:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEw8XKWraPdNzQPBYC81HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmRjNjZjYzM4NDM2YjZhYzMxZTk3ZTcxMmQyMTk0MDdj
ODNjZjQwHhcNMjUxMTExMDQwMTA1WhcNMjUxMTEyMDQwMTA1WjAzMTEwLwYDVQQD
Eyg4ZTEwNWFmNjU1MTJmZGM3Y2I5YmQwM2M2MjUwNzI1OTc4ZmRmZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhnk/mJ9MOHXl5qlm8Qu1DtJsalk
Xg19DsPmblAFLfM8mMrOV8ZuY7b1Op6xYR/rme2VBgnnrDyEtGU0uWHfaZpmgzV3
7IzFDnyJxqa+5iwyOTszO3nuou6e/KY1Qqb4hPO1yaZwfNFoz8h35kB0wxLBFNXS
yVzgM2AOttol5rylea3R0warSbiA4gVOvRlM7DSPJCX/Eb+Lzg/ZFNCo0XL80jNL
8GJ40gtm8uuttLvQqhqQKGrqLf5fF1OKnb+objgYkGq04L/7UFQo63zTxO/1Ed1t
Le9dht+RFto/QSfk5VB5WRjapp2tZrJrMwLjRnkcVVZzgL5ziKzPmEEC3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4QWvZVEv3Hy5vQPGJQcll4/f/fMB8GA1UdIwQY
MBaAFA1txmzDhDa2rDHpfnEtIZQHyDz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEt
OWRkNTIzMTNhZTdjLzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEtOWRkNTIzMTNhZTdj
LzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlbWf4JAe
7sUsvaB4VxXicgo/1caHL8rd1bo6xrVsFg12Tudmo7hIdnyulydeyrHJbEAwIP75
+NDizMvMRTU0fO9A0FgSC/sPY4KBPhJS3dJa6ofkBmFRN9Y2ULKgZjxEA3cSo9Fx
IBrqPbG5QE/kpoUh/ltsFS9Hu2ZehVOCYyYzZ1LcQt7Aj5p30DPNIJmjUYUX6RWt
ViYO5OilAQ92eAqp4LhdLnIk5tQLXjDmO9GDxmWo0PqbDpI473SjzVEJqrUVPne+
D3Vcu/OaNwfMf984bAdBlvqwlRMEgsR+hvGwkQTKcnG1b6dfCQm3nr4L8RmYDDYU
xKw5XBEWK8usXg==
-----END CERTIFICATE-----