Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          C1R2+S8Wr7riJ9hyVKxfKQXY2ySH/Lm750K+V6IGIbI=
Subject key identifier:   CB:01:B2:CE:3D:9F:1C:5D:A3:FD:02:CA:BE:53:00:A1:A6:D8:20:28
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       019A73A650895C5A1CE3DAA6E0E51DFE9840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          036F
Signing time:             Tue 11 Nov 2025 16:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:10 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: TCstL8/NopPkUt5sd4NS7RYsUWiphI8gY1ZivMKUXOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:50:89:5c:5a:1c:e3:da:a6:e0:e5:1d:fe:98:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Nov 11 16:01:10 2025 GMT
            Not After : Nov 12 16:01:10 2025 GMT
        Subject: CN=cb01b2ce3d9f1c5da3fd02cabe5300a1a6d82028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5f:cf:90:94:67:68:bd:b8:1e:dd:1f:2c:23:
                    ad:ab:ba:10:b8:46:c0:c4:4e:e5:0c:36:f7:86:35:
                    f2:2d:79:30:89:aa:5f:8b:ec:e7:03:52:92:b1:e5:
                    67:13:bd:76:be:52:56:20:f4:8e:52:e2:68:27:7d:
                    0a:a5:56:fe:2c:22:c1:7c:7c:5b:14:fd:4a:5d:f1:
                    6a:c6:d8:17:93:58:9b:5c:bc:a6:28:d7:9f:b0:c9:
                    d8:61:e7:bc:7b:f7:62:67:c1:06:96:39:e8:41:ec:
                    78:71:6f:3c:19:33:e7:7d:53:b7:2a:bb:68:75:79:
                    5f:f3:7d:98:df:b6:78:17:f6:3a:f0:96:6d:1a:dd:
                    eb:82:98:d1:44:30:89:b8:aa:03:df:30:67:29:8c:
                    77:0c:2e:f5:83:20:59:76:b9:b0:e0:4b:db:5f:6d:
                    63:88:89:5e:a6:4d:ef:c1:c4:d4:71:98:02:db:b1:
                    be:17:4d:b5:25:87:a4:08:47:b4:a8:61:b8:88:b5:
                    b7:72:59:8e:43:a0:39:35:3b:de:2c:bb:ad:a1:b0:
                    b4:6a:ad:82:6c:48:9c:35:f0:73:a0:53:24:e2:13:
                    0d:63:e6:38:d8:39:90:a5:10:f3:cf:5e:25:b8:1a:
                    c7:cb:8b:5d:dc:d3:6a:a5:28:d0:90:f4:1e:05:ee:
                    5b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:01:B2:CE:3D:9F:1C:5D:A3:FD:02:CA:BE:53:00:A1:A6:D8:20:28
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:8c:66:3c:f7:56:dc:e5:0b:26:fe:c0:dc:4c:d5:c0:37:8b:
         c1:de:d9:6e:38:96:36:cc:60:20:cb:1a:20:9b:a9:55:3c:2e:
         2f:fa:4d:1e:97:57:24:a6:03:7b:cc:6b:00:87:74:10:51:c5:
         06:78:e2:ea:91:ad:e1:0b:ac:8f:63:d4:f2:b4:2e:93:a8:ff:
         77:24:bf:45:3c:bb:bc:b5:3c:b6:fd:27:b5:0d:c6:02:38:55:
         79:a1:a8:27:93:65:3a:1a:a7:d9:a5:69:b4:87:5b:7b:46:3d:
         94:e4:9e:ff:e5:9e:c5:3c:a4:80:6d:b6:0f:b5:d4:b3:0e:d8:
         5f:9a:bf:19:bc:f3:ba:e0:85:02:02:2e:56:55:27:17:59:ff:
         b1:9f:be:a0:3c:51:12:a9:f6:d5:67:e9:83:56:d2:9b:0d:9a:
         c9:eb:71:17:f4:2e:9b:e2:5e:fa:d7:82:04:94:9f:88:17:73:
         7f:12:1e:0a:b2:bf:90:2b:3a:bc:c7:6f:52:76:56:49:9f:21:
         6f:44:27:01:e2:03:bf:1c:8c:8a:db:fb:34:b5:5b:e4:ff:74:
         98:a3:2a:60:10:8b:d7:8c:87:db:fd:52:49:f7:5f:a7:4a:e9:
         03:e0:90:2e:af:54:2a:e0:b5:4f:c5:ae:f4:85:17:37:12:85:
         95:fa:cc:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzplCJXFoc49qm4OUd/phAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUxMTExMTYwMTEwWhcNMjUxMTEyMTYwMTEwWjAzMTEwLwYDVQQD
EyhjYjAxYjJjZTNkOWYxYzVkYTNmZDAyY2FiZTUzMDBhMWE2ZDgyMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V/PkJRnaL24Ht0fLCOtq7oQuEbA
xE7lDDb3hjXyLXkwiapfi+znA1KSseVnE712vlJWIPSOUuJoJ30KpVb+LCLBfHxb
FP1KXfFqxtgXk1ibXLymKNefsMnYYee8e/diZ8EGljnoQex4cW88GTPnfVO3Krto
dXlf832Y37Z4F/Y68JZtGt3rgpjRRDCJuKoD3zBnKYx3DC71gyBZdrmw4EvbX21j
iIlepk3vwcTUcZgC27G+F021JYekCEe0qGG4iLW3clmOQ6A5NTveLLutobC0aq2C
bEicNfBzoFMk4hMNY+Y42DmQpRDzz14luBrHy4td3NNqpSjQkPQeBe5bSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsBss49nxxdo/0Cyr5TAKGm2CAoMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4xmPPdW
3OULJv7A3EzVwDeLwd7ZbjiWNsxgIMsaIJupVTwuL/pNHpdXJKYDe8xrAId0EFHF
Bnji6pGt4Qusj2PU8rQuk6j/dyS/RTy7vLU8tv0ntQ3GAjhVeaGoJ5NlOhqn2aVp
tIdbe0Y9lOSe/+WexTykgG22D7XUsw7YX5q/GbzzuuCFAgIuVlUnF1n/sZ++oDxR
Eqn21Wfpg1bSmw2ayetxF/Qum+Je+teCBJSfiBdzfxIeCrK/kCs6vMdvUnZWSZ8h
b0QnAeIDvxyMitv7NLVb5P90mKMqYBCL14yH2/1SSfdfp0rpA+CQLq9UKuC1T8Wu
9IUXNxKFlfrMIQ==
-----END CERTIFICATE-----