Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          4gVV1Fx3rrlm2dH0H9Dp31cTfLNJu/+/cDFm0yb55tI=
Subject key identifier:   B3:DC:72:74:87:D8:7B:57:B6:B3:1E:B5:D3:B4:EC:A8:D2:C1:BC:82
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       019A71EEA5513BCEA2F7D17F35CEAD8AE352
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          05B3
Signing time:             Tue 11 Nov 2025 08:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:56 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: hWaJt1hYiQgDs+qKC5UYAcOPm0tSQecSTRj+cEh5beE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:a5:51:3b:ce:a2:f7:d1:7f:35:ce:ad:8a:e3:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Nov 11 08:00:56 2025 GMT
            Not After : Nov 12 08:00:56 2025 GMT
        Subject: CN=b3dc727487d87b57b6b31eb5d3b4eca8d2c1bc82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:71:68:87:c9:ea:63:61:5e:7c:b8:2b:45:8d:
                    24:10:a6:21:1a:6b:43:55:5b:d1:c7:65:a4:ba:d1:
                    0f:13:d8:3d:0a:7e:50:f5:c9:6d:08:ca:7d:76:44:
                    98:b0:f5:99:bc:82:d5:22:4b:97:51:b2:3c:bc:31:
                    47:6a:2c:0f:56:a6:6b:85:8f:b3:08:ad:28:4b:d8:
                    e0:2b:bf:a1:52:6b:be:bd:7b:2b:28:81:54:d3:21:
                    54:91:07:37:79:4d:2e:5b:b2:13:6f:8d:fd:56:b0:
                    a6:ad:89:f6:38:dd:af:89:aa:8b:4d:24:8a:0e:6d:
                    e6:12:2c:0f:b3:a7:06:cf:c8:2b:57:75:0d:c2:30:
                    cd:d1:d5:ab:a3:92:c3:38:80:4b:d9:31:99:82:c6:
                    f4:4b:27:62:69:7b:94:4d:74:1a:c3:ad:4c:84:c3:
                    f7:7e:cd:1e:b7:f2:05:54:9e:3d:09:43:53:0a:9f:
                    f3:aa:a9:8a:23:98:e0:c9:2a:5c:4f:ef:78:ba:68:
                    42:d3:ab:bc:ed:7c:05:dc:c2:c5:05:47:17:75:e9:
                    e4:46:f3:23:74:49:cf:7b:ad:0e:2d:19:af:00:1e:
                    10:0b:e5:36:52:61:4f:3b:fb:96:d5:98:08:29:de:
                    e5:5d:95:27:2e:10:41:f8:a1:af:74:20:49:aa:19:
                    1f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:DC:72:74:87:D8:7B:57:B6:B3:1E:B5:D3:B4:EC:A8:D2:C1:BC:82
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:3d:e5:51:3d:73:b6:99:7f:58:f3:de:4f:1d:7c:a6:76:2b:
         f2:b1:48:ab:5b:5a:b5:c6:72:2c:ee:9f:0f:7b:ab:3d:0a:90:
         8e:a6:e0:76:8b:18:7b:8e:04:32:75:e1:10:58:0e:18:c3:f5:
         a4:86:ee:b6:0b:9d:18:ff:01:b9:d4:df:b4:6c:b6:2a:fd:ff:
         f4:54:a8:50:fb:21:39:e7:5d:85:cf:3e:3c:69:b0:aa:3c:38:
         f1:c3:3a:41:ce:3e:19:15:28:00:ea:cd:c9:7c:81:95:76:52:
         21:a6:35:23:88:a0:93:2e:4b:d6:ff:d5:c2:3a:ec:c4:c0:f0:
         86:88:4f:50:a8:52:df:df:3f:90:9e:18:11:f1:35:c5:7c:44:
         a3:c6:ce:20:3e:b2:7c:ac:46:99:21:21:bb:a0:3a:a8:f4:75:
         da:1f:90:aa:f4:e3:8f:47:f8:65:d0:b3:32:94:25:e0:b6:c6:
         cd:fd:ad:48:64:92:82:47:4f:d0:22:90:62:d6:ad:4c:96:b4:
         c2:9c:4a:60:e4:63:ea:4d:5f:2e:12:89:b0:77:59:4b:c5:a2:
         60:76:0c:5a:e1:9c:8e:7d:cd:d7:d1:56:2b:94:b9:69:ef:6c:
         9a:e8:44:4f:90:75:74:ca:38:c1:b5:04:34:54:9d:3b:1c:cd:
         a0:e7:1c:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qVRO86i99F/Nc6tiuNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjUxMTExMDgwMDU2WhcNMjUxMTEyMDgwMDU2WjAzMTEwLwYDVQQD
EyhiM2RjNzI3NDg3ZDg3YjU3YjZiMzFlYjVkM2I0ZWNhOGQyYzFiYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXFoh8nqY2FefLgrRY0kEKYhGmtD
VVvRx2WkutEPE9g9Cn5Q9cltCMp9dkSYsPWZvILVIkuXUbI8vDFHaiwPVqZrhY+z
CK0oS9jgK7+hUmu+vXsrKIFU0yFUkQc3eU0uW7ITb439VrCmrYn2ON2viaqLTSSK
Dm3mEiwPs6cGz8grV3UNwjDN0dWro5LDOIBL2TGZgsb0SydiaXuUTXQaw61MhMP3
fs0et/IFVJ49CUNTCp/zqqmKI5jgySpcT+94umhC06u87XwF3MLFBUcXdenkRvMj
dEnPe60OLRmvAB4QC+U2UmFPO/uW1ZgIKd7lXZUnLhBB+KGvdCBJqhkfVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPccnSH2HtXtrMetdO07KjSwbyCMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcT3lUT1z
tpl/WPPeTx18pnYr8rFIq1tatcZyLO6fD3urPQqQjqbgdosYe44EMnXhEFgOGMP1
pIbutgudGP8BudTftGy2Kv3/9FSoUPshOeddhc8+PGmwqjw48cM6Qc4+GRUoAOrN
yXyBlXZSIaY1I4igky5L1v/VwjrsxMDwhohPUKhS398/kJ4YEfE1xXxEo8bOID6y
fKxGmSEhu6A6qPR12h+QqvTjj0f4ZdCzMpQl4LbGzf2tSGSSgkdP0CKQYtatTJa0
wpxKYORj6k1fLhKJsHdZS8WiYHYMWuGcjn3N19FWK5S5ae9smuhET5B1dMo4wbUE
NFSdOxzNoOccTA==
-----END CERTIFICATE-----