Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
File:                     3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft (raw, json)
Hash identifier:          D21ugQVkQ9Gp+54w6h60H7vp85S+oa6G4julWzOl1W0=
Subject key identifier:   1F:39:19:1C:EC:70:6E:3D:E9:86:67:FD:E8:07:28:27:11:26:AD:E0
Authority key identifier: DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14
Certificate issuer:       /CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
Certificate serial:       019A72CA42DADD4DFAB398AB62AC1456BE4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
Manifest number:          DB
Signing time:             Tue 11 Nov 2025 12:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:49 +0000
Files and hashes:         1: 3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl (hash: L7/evtig4twS4u7hKBFVWLyPiZIkn8tB3gzfEPrary8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:42:da:dd:4d:fa:b3:98:ab:62:ac:14:56:be:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd3873303d2d6e238a5bd85ed5867b643158fc14
        Validity
            Not Before: Nov 11 12:00:49 2025 GMT
            Not After : Nov 12 12:00:49 2025 GMT
        Subject: CN=1f39191cec706e3de98667fde80728271126ade0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0d:db:59:7d:c1:8f:b0:c9:e8:53:9a:07:23:
                    e0:7d:d8:f7:5a:80:e3:2e:b5:b0:a9:9e:82:51:54:
                    24:98:49:c0:d1:65:02:a2:08:d9:32:5b:10:84:26:
                    ad:29:ed:b4:40:06:5a:1d:92:f0:91:db:06:75:0e:
                    3d:02:97:cf:09:c2:7c:e4:47:a9:49:55:54:7e:6f:
                    e4:66:13:18:36:33:8c:05:82:07:fe:e1:d4:cb:33:
                    e6:c3:93:3e:2a:0c:50:77:0c:09:16:7e:ca:d8:ae:
                    c7:5e:0f:a6:0f:f0:40:4d:17:e7:2f:bf:f5:74:ca:
                    79:b1:dd:bf:3e:d0:b2:8f:a0:88:b8:7e:97:34:5a:
                    3b:5a:df:86:0b:ad:64:ac:7d:fb:c6:4c:df:78:17:
                    98:84:2e:a9:fc:23:52:7f:76:f5:96:1f:90:c4:89:
                    59:1a:80:46:5c:97:d6:fb:88:1b:2b:1d:f0:88:77:
                    61:64:28:bd:a0:e9:91:d1:67:f5:c4:99:7a:57:c4:
                    95:8c:3f:3b:d7:1e:65:9f:91:a4:ad:60:05:08:6e:
                    65:4b:da:7e:6c:84:f1:69:24:d5:d6:f9:58:83:c2:
                    be:44:f5:04:22:45:a6:f3:92:86:e2:52:31:41:94:
                    a4:19:c9:c2:2a:05:78:17:51:11:a9:40:3c:df:4a:
                    e8:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:39:19:1C:EC:70:6E:3D:E9:86:67:FD:E8:07:28:27:11:26:AD:E0
            X509v3 Authority Key Identifier:
                keyid:DD:38:73:30:3D:2D:6E:23:8A:5B:D8:5E:D5:86:7B:64:31:58:FC:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5e28da-32e1-40b9-bb30-d3db277ecdfa/1/3ThzMD0tbiOKW9he1YZ7ZDFY_BQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:c3:fd:3a:be:73:80:15:d5:ba:e2:5c:39:7c:6d:18:47:71:
         40:4c:04:a7:00:bf:33:d0:4c:8e:44:7c:79:ee:8b:4a:8b:6c:
         b5:38:67:b9:cf:2a:6a:08:49:85:ee:bf:d9:95:9f:c8:60:f2:
         64:67:79:0b:a3:cb:f9:a6:d4:54:f6:c5:39:b2:eb:f0:5a:3f:
         e1:1d:2b:5d:78:05:6c:fd:1d:38:6d:e7:10:99:52:b0:df:4e:
         f4:16:fa:bb:a4:20:8c:97:d2:3f:26:65:0f:99:86:9e:46:6d:
         0a:04:14:4d:dc:4f:a3:a0:2f:0d:6f:4b:bc:9f:45:30:9c:6c:
         60:9e:a3:c0:3f:25:bc:c9:d6:1c:ce:8e:00:52:49:ad:37:3b:
         15:de:f2:f2:6f:2e:95:0e:35:0f:83:80:09:78:19:7f:aa:7a:
         3f:98:47:92:03:6d:d7:91:59:e8:19:d5:b6:d2:bf:b7:f2:95:
         eb:4e:4f:bb:8a:a1:2c:89:d1:f2:73:21:59:29:f6:20:8e:04:
         01:42:73:21:d9:81:b1:9e:eb:70:87:73:fd:da:df:48:86:ef:
         c8:64:50:f9:62:f1:f9:2a:9a:56:61:99:3d:99:90:bb:a0:7f:
         af:73:c7:45:eb:42:ee:1e:10:e9:5d:f7:81:e7:4c:7e:81:ba:
         d7:e0:75:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykLa3U36s5irYqwUVr5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzg3MzMwM2QyZDZlMjM4YTViZDg1ZWQ1ODY3YjY0MzE1
OGZjMTQwHhcNMjUxMTExMTIwMDQ5WhcNMjUxMTEyMTIwMDQ5WjAzMTEwLwYDVQQD
EygxZjM5MTkxY2VjNzA2ZTNkZTk4NjY3ZmRlODA3MjgyNzExMjZhZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA3bWX3Bj7DJ6FOaByPgfdj3WoDj
LrWwqZ6CUVQkmEnA0WUCogjZMlsQhCatKe20QAZaHZLwkdsGdQ49ApfPCcJ85Eep
SVVUfm/kZhMYNjOMBYIH/uHUyzPmw5M+KgxQdwwJFn7K2K7HXg+mD/BATRfnL7/1
dMp5sd2/PtCyj6CIuH6XNFo7Wt+GC61krH37xkzfeBeYhC6p/CNSf3b1lh+QxIlZ
GoBGXJfW+4gbKx3wiHdhZCi9oOmR0Wf1xJl6V8SVjD871x5ln5GkrWAFCG5lS9p+
bITxaSTV1vlYg8K+RPUEIkWm85KG4lIxQZSkGcnCKgV4F1ERqUA830roxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB85GRzscG496YZn/egHKCcRJq3gMB8GA1UdIwQY
MBaAFN04czA9LW4jilvYXtWGe2QxWPwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAt
ZDNkYjI3N2VjZGZhLzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC81ZTI4ZGEtMzJlMS00MGI5LWJiMzAtZDNkYjI3N2VjZGZh
LzEvM1Roek1EMHRiaU9LVzloZTFZWjdaREZZX0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjsP9Or5z
gBXVuuJcOXxtGEdxQEwEpwC/M9BMjkR8ee6LSotstThnuc8qaghJhe6/2ZWfyGDy
ZGd5C6PL+abUVPbFObLr8Fo/4R0rXXgFbP0dOG3nEJlSsN9O9Bb6u6QgjJfSPyZl
D5mGnkZtCgQUTdxPo6AvDW9LvJ9FMJxsYJ6jwD8lvMnWHM6OAFJJrTc7Fd7y8m8u
lQ41D4OACXgZf6p6P5hHkgNt15FZ6BnVttK/t/KV605Pu4qhLInR8nMhWSn2II4E
AUJzIdmBsZ7rcIdz/drfSIbvyGRQ+WLx+SqaVmGZPZmQu6B/r3PHRetC7h4Q6V33
gedMfoG61+B1jQ==
-----END CERTIFICATE-----