Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          XXaJ2qa6gqdIHiGT3StODn805nuKNM61cNtPcSRU5IM=
Subject key identifier:   32:36:61:22:EE:BB:61:00:C4:52:C3:F1:64:7A:8C:C1:EA:03:4C:A2
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       019A71B8ECACA48D9A3CA48BE3D651B947BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:02:15 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:15 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:15 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: cIBCr8frcgOncrmiItJFSKx40SkUjneehUEKloR4+80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ec:ac:a4:8d:9a:3c:a4:8b:e3:d6:51:b9:47:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Nov 11 07:02:15 2025 GMT
            Not After : Nov 12 07:02:15 2025 GMT
        Subject: CN=32366122eebb6100c452c3f1647a8cc1ea034ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f1:b2:5b:0b:4a:30:c4:81:f0:a8:99:de:88:
                    39:69:1c:92:de:59:1b:43:29:b4:d9:60:b7:66:f5:
                    8b:b6:9f:79:cf:64:3b:0a:01:5a:68:6f:44:14:15:
                    4a:c4:57:51:99:0e:13:b6:6f:f1:3e:f2:b6:40:19:
                    8b:06:8a:7d:6c:08:75:ab:11:20:bf:c1:61:31:45:
                    e0:d9:d6:9c:ed:93:17:76:41:fe:f8:3a:80:39:0d:
                    f7:4d:db:a5:70:5d:82:14:5c:cb:27:8f:fb:e5:2e:
                    8d:99:b3:f2:81:a6:f6:f4:d5:78:f6:fa:14:63:91:
                    a5:2b:87:b9:ee:fb:57:55:4f:61:7d:37:69:89:44:
                    e0:6b:3f:c3:04:e0:4a:a1:69:e4:69:30:2c:71:06:
                    d8:19:94:72:f8:7a:b1:c6:56:9f:2d:a7:15:b3:f3:
                    02:93:88:9d:d8:db:49:9b:58:ef:5b:c2:01:7c:54:
                    21:ea:bc:16:e1:4c:e4:df:f0:f2:8a:d7:03:84:d9:
                    46:71:19:1f:e4:e3:99:6f:09:68:73:47:2c:18:93:
                    40:96:fb:d7:88:7c:ec:9e:a9:c0:ba:d0:3b:b2:94:
                    92:73:f6:9a:2c:2f:9d:92:5b:c4:7f:f6:d0:11:98:
                    51:64:45:00:76:29:6f:f5:01:61:8b:90:53:36:ee:
                    3b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:36:61:22:EE:BB:61:00:C4:52:C3:F1:64:7A:8C:C1:EA:03:4C:A2
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:3e:50:73:49:3d:32:00:59:e7:74:d5:e6:f3:49:2a:e6:c2:
         9a:d8:d9:a3:f0:27:b6:f4:9c:b9:b6:28:4e:49:de:8d:2b:51:
         24:a0:d7:f2:f1:ee:8d:40:01:56:23:73:26:8d:ff:bb:5d:08:
         36:b0:a0:a2:99:4e:d7:43:6e:74:92:67:e9:90:90:10:cd:9e:
         a0:40:a3:91:5d:7d:26:d9:51:c2:fa:68:6a:f4:e4:5d:76:b0:
         8d:12:3e:b4:99:94:6c:6a:26:33:55:80:da:1e:6a:f7:9b:47:
         77:12:97:71:21:8c:98:34:fa:55:3f:0f:ff:9b:4c:8c:29:8b:
         86:fc:ce:18:d6:23:1d:aa:dc:bd:4b:39:8e:9e:28:61:ac:27:
         1c:19:de:16:1b:c5:15:d1:ec:ff:d3:54:b5:cf:12:31:96:b3:
         94:e7:ac:0f:8e:82:0f:6b:1e:cf:5c:87:a4:44:55:df:20:3e:
         ae:ae:7f:59:81:7a:fa:67:11:75:c6:a2:39:36:bc:a0:bc:0e:
         72:8b:65:8e:37:a1:db:ea:e0:00:4f:2f:6e:18:83:0e:6d:e7:
         ad:1f:75:b2:8b:82:9b:1f:11:ab:27:ac:dc:d4:07:8d:96:ef:
         44:85:6b:39:29:d2:66:f5:01:eb:86:4e:8b:d9:cf:2c:fe:1f:
         d3:a4:5a:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOyspI2aPKSL49ZRuUe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjUxMTExMDcwMjE1WhcNMjUxMTEyMDcwMjE1WjAzMTEwLwYDVQQD
EygzMjM2NjEyMmVlYmI2MTAwYzQ1MmMzZjE2NDdhOGNjMWVhMDM0Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPGyWwtKMMSB8KiZ3og5aRyS3lkb
Qym02WC3ZvWLtp95z2Q7CgFaaG9EFBVKxFdRmQ4Ttm/xPvK2QBmLBop9bAh1qxEg
v8FhMUXg2dac7ZMXdkH++DqAOQ33TdulcF2CFFzLJ4/75S6NmbPygab29NV49voU
Y5GlK4e57vtXVU9hfTdpiUTgaz/DBOBKoWnkaTAscQbYGZRy+HqxxlafLacVs/MC
k4id2NtJm1jvW8IBfFQh6rwW4Uzk3/DyitcDhNlGcRkf5OOZbwloc0csGJNAlvvX
iHzsnqnAutA7spSSc/aaLC+dklvEf/bQEZhRZEUAdilv9QFhi5BTNu47OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDI2YSLuu2EAxFLD8WR6jMHqA0yiMB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjT5Qc0k9
MgBZ53TV5vNJKubCmtjZo/AntvScubYoTknejStRJKDX8vHujUABViNzJo3/u10I
NrCgoplO10NudJJn6ZCQEM2eoECjkV19JtlRwvpoavTkXXawjRI+tJmUbGomM1WA
2h5q95tHdxKXcSGMmDT6VT8P/5tMjCmLhvzOGNYjHarcvUs5jp4oYawnHBneFhvF
FdHs/9NUtc8SMZazlOesD46CD2sez1yHpERV3yA+rq5/WYF6+mcRdcaiOTa8oLwO
cotljjeh2+rgAE8vbhiDDm3nrR91souCmx8Rqyes3NQHjZbvRIVrOSnSZvUB64ZO
i9nPLP4f06RaXQ==
-----END CERTIFICATE-----