Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          C1pZ0ghR+5Aq0qRV1Ves6fy1W0ATAO+d5qnAI874MMY=
Subject key identifier:   E3:29:F6:4E:31:5C:C4:CE:0F:36:6C:9F:DF:93:7E:C2:7A:12:EE:9A
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       019A7301060CDCE91A8CAF978B9583B238E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          05A0
Signing time:             Tue 11 Nov 2025 13:00:37 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:37 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:37 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: BxvJ8fKZv091nHU5lT5dOXQDF5jKtr9cdFc1//RN1OU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:06:0c:dc:e9:1a:8c:af:97:8b:95:83:b2:38:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Nov 11 13:00:37 2025 GMT
            Not After : Nov 12 13:00:37 2025 GMT
        Subject: CN=e329f64e315cc4ce0f366c9fdf937ec27a12ee9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2a:1a:1a:51:af:2e:bd:62:11:cd:7c:91:f0:
                    64:e3:fa:bc:94:a8:df:9c:a7:32:2d:c4:6a:8c:a0:
                    80:4a:3e:9b:d0:fe:ad:9f:b4:51:a4:70:8a:42:ef:
                    9b:78:9b:06:ea:3b:96:68:8d:af:9f:04:80:19:0d:
                    d2:a4:5f:5a:2b:33:1b:5a:de:8a:43:0f:88:b4:56:
                    1f:29:0b:d9:1f:1c:b3:79:da:c1:10:43:c8:3e:92:
                    e7:26:16:c8:89:a7:35:a6:47:a2:1c:55:e5:04:d8:
                    6f:dc:da:d6:3f:a8:11:c9:4e:71:4d:4c:bd:c0:bc:
                    34:fa:8c:9a:59:13:18:2a:f2:01:24:3b:a6:e3:a6:
                    4f:a4:6f:37:4f:90:e3:2c:b6:d1:77:04:79:2a:29:
                    ec:70:da:5a:99:4c:b4:c9:d9:c4:38:56:7d:da:d1:
                    e3:02:62:77:ce:30:fd:99:e5:99:8d:8d:75:4f:63:
                    8b:b8:b2:97:3a:cc:16:a8:da:d4:b2:c0:e7:1b:08:
                    5d:73:8b:c0:3e:86:9e:62:a8:99:97:b0:c9:eb:a0:
                    0e:6b:39:a4:6a:36:e0:3f:14:d4:cb:20:e3:4f:66:
                    f0:af:36:39:52:ed:8f:30:0e:49:99:79:18:3a:ed:
                    37:5e:33:5b:1e:55:2d:83:37:7d:b4:ac:ff:dc:34:
                    44:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:29:F6:4E:31:5C:C4:CE:0F:36:6C:9F:DF:93:7E:C2:7A:12:EE:9A
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:40:95:a5:0c:93:09:9e:69:b2:2b:ef:04:a0:26:0e:5e:e6:
         db:2d:45:a3:71:e8:5b:a9:e8:8d:67:a3:09:db:83:d1:8f:43:
         ba:31:31:ac:b1:35:a1:c9:74:12:09:55:dd:0a:1a:59:d6:26:
         72:36:91:41:cb:05:91:ea:46:9c:e0:51:03:d6:74:23:79:2f:
         5b:5e:b5:8d:16:c0:d9:36:b8:f5:e6:08:df:82:26:50:12:0d:
         81:ac:6f:c1:39:b2:a4:64:8a:6e:c6:ca:13:bf:93:4a:d6:a5:
         7e:46:80:ef:8b:b4:c3:65:49:57:c0:ce:9f:28:72:b2:a0:ac:
         1c:db:f9:20:9e:c6:54:28:7c:6f:e5:89:0a:f0:a4:7f:6c:18:
         80:84:69:90:ee:a2:ee:7f:b7:a1:41:8e:4e:5a:91:44:3c:e6:
         f3:f6:4e:21:f8:e9:ba:75:71:b1:31:9f:2a:a0:a3:9a:18:4a:
         47:70:63:4a:30:cc:4b:3a:ab:70:8a:b8:59:b6:ba:08:b4:94:
         60:5b:c1:b5:c8:5c:ab:f1:a9:4e:9d:2a:7d:31:b9:53:ee:26:
         e2:2f:5e:c1:a7:4e:54:85:b0:7d:90:d7:05:46:c9:9f:a8:85:
         60:94:b1:7b:29:61:f7:ab:6f:96:2d:6f:2f:6b:00:d1:4b:2a:
         a5:e0:17:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAQYM3OkajK+Xi5WDsjjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjUxMTExMTMwMDM3WhcNMjUxMTEyMTMwMDM3WjAzMTEwLwYDVQQD
EyhlMzI5ZjY0ZTMxNWNjNGNlMGYzNjZjOWZkZjkzN2VjMjdhMTJlZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSoaGlGvLr1iEc18kfBk4/q8lKjf
nKcyLcRqjKCASj6b0P6tn7RRpHCKQu+beJsG6juWaI2vnwSAGQ3SpF9aKzMbWt6K
Qw+ItFYfKQvZHxyzedrBEEPIPpLnJhbIiac1pkeiHFXlBNhv3NrWP6gRyU5xTUy9
wLw0+oyaWRMYKvIBJDum46ZPpG83T5DjLLbRdwR5KinscNpamUy0ydnEOFZ92tHj
AmJ3zjD9meWZjY11T2OLuLKXOswWqNrUssDnGwhdc4vAPoaeYqiZl7DJ66AOazmk
ajbgPxTUyyDjT2bwrzY5Uu2PMA5JmXkYOu03XjNbHlUtgzd9tKz/3DREawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMp9k4xXMTODzZsn9+TfsJ6Eu6aMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUCVpQyT
CZ5psivvBKAmDl7m2y1Fo3HoW6nojWejCduD0Y9DujExrLE1ocl0EglV3QoaWdYm
cjaRQcsFkepGnOBRA9Z0I3kvW161jRbA2Ta49eYI34ImUBINgaxvwTmypGSKbsbK
E7+TStalfkaA74u0w2VJV8DOnyhysqCsHNv5IJ7GVCh8b+WJCvCkf2wYgIRpkO6i
7n+3oUGOTlqRRDzm8/ZOIfjpunVxsTGfKqCjmhhKR3BjSjDMSzqrcIq4Wba6CLSU
YFvBtchcq/GpTp0qfTG5U+4m4i9ewadOVIWwfZDXBUbJn6iFYJSxeylh96tvli1v
L2sA0UsqpeAXvg==
-----END CERTIFICATE-----