Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
File:                     3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft (raw, json)
Hash identifier:          caxcW/kjoK6HEEj/kYOwiCkFw/zZUcKtw8U9Wn4KzXw=
Subject key identifier:   29:0D:16:93:5B:0B:7A:DD:1E:79:65:D8:3F:C2:30:78:B3:DC:4B:91
Authority key identifier: DF:18:0E:05:43:D4:71:DC:F0:D8:38:60:D6:BE:63:95:C2:B8:88:88
Certificate issuer:       /CN=df180e0543d471dcf0d83860d6be6395c2b88888
Certificate serial:       019A71B88B91F7F145EBF4129BEC9CA5AD11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
Manifest number:          0A7B
Signing time:             Tue 11 Nov 2025 07:01:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:50 +0000
Files and hashes:         1: 3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl (hash: 1Ce9zaRXNIXlu/RIv/vvwgUv06gNEgLMrXiIwiLEr7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8b:91:f7:f1:45:eb:f4:12:9b:ec:9c:a5:ad:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df180e0543d471dcf0d83860d6be6395c2b88888
        Validity
            Not Before: Nov 11 07:01:50 2025 GMT
            Not After : Nov 12 07:01:50 2025 GMT
        Subject: CN=290d16935b0b7add1e7965d83fc23078b3dc4b91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b7:57:63:a3:60:31:e2:76:c9:cf:ba:4c:46:
                    45:80:47:7d:38:8e:89:2b:ae:21:e7:5e:01:c7:76:
                    3e:a6:60:cd:4b:3e:a3:3c:c5:74:14:65:66:56:9b:
                    e6:0c:3b:84:1e:02:46:96:b6:ff:c2:27:3f:c0:88:
                    6f:c6:80:51:7e:b8:0e:bd:e6:32:dc:88:e2:f2:42:
                    0f:96:c7:4f:2a:09:5e:b5:7d:f3:70:95:fc:46:c1:
                    1e:21:b8:f4:5b:3c:03:bb:12:8e:b4:40:06:af:77:
                    6d:61:c7:92:98:ce:54:4b:e5:2a:d3:da:a3:69:a2:
                    1d:69:15:78:bc:75:9b:55:a8:a0:c6:65:8d:e9:e1:
                    72:d2:c0:6a:e2:c0:87:d7:b8:0d:10:34:1a:1d:71:
                    26:ab:64:3b:1d:ef:8a:9d:90:d1:c3:41:cf:e4:71:
                    bd:41:c3:3b:bc:04:2a:06:90:b0:de:58:79:a6:29:
                    ec:38:19:48:f1:8c:1d:03:42:35:8b:2a:a7:a5:f6:
                    a7:8b:9f:9e:22:89:aa:c9:5c:35:e0:f3:f9:2b:ed:
                    72:d4:83:c8:e5:80:55:41:f2:fa:3f:d0:ba:2b:f4:
                    37:db:65:61:25:e7:e9:24:c1:59:f1:26:e1:88:0b:
                    6d:66:a2:78:63:ca:f5:ab:5d:30:0b:32:96:9f:ce:
                    af:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:0D:16:93:5B:0B:7A:DD:1E:79:65:D8:3F:C2:30:78:B3:DC:4B:91
            X509v3 Authority Key Identifier:
                keyid:DF:18:0E:05:43:D4:71:DC:F0:D8:38:60:D6:BE:63:95:C2:B8:88:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/30f410-82bb-411a-b2bc-c4b1446c0d8b/1/3xgOBUPUcdzw2Dhg1r5jlcK4iIg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:84:15:04:dd:f2:1e:8d:7d:1e:cc:ac:e9:2c:a1:a0:f5:88:
         fb:8c:8c:7d:22:2a:14:f1:d1:71:37:f7:51:fe:4a:dd:9b:90:
         68:38:a7:36:07:4b:e1:c8:f3:75:5f:3c:20:e7:3c:a1:13:f3:
         a0:50:27:59:c0:94:22:86:82:fa:44:d6:08:c5:31:87:66:a0:
         25:53:04:eb:0c:5f:06:77:85:5c:3d:ad:9b:06:24:5e:c3:be:
         ec:be:c5:91:2c:ef:d9:36:5b:d6:c2:3f:5b:1d:be:fa:0b:e6:
         3e:a4:0a:35:6b:1c:ad:09:24:db:0d:57:b5:31:af:e2:40:4f:
         b0:e6:e3:7b:66:30:c8:4a:86:60:10:ec:f9:0b:3b:9c:59:7c:
         6c:00:a3:98:06:b9:78:80:2b:e9:95:9e:c7:17:bf:14:ee:8c:
         8d:19:f8:51:0f:43:f6:e6:b7:a6:5d:68:3b:06:3a:3f:aa:c5:
         0a:e8:a6:22:3b:80:4a:a4:66:f0:41:61:79:ef:98:b9:65:08:
         18:6e:29:49:f9:e3:cb:cd:ba:91:a3:12:30:90:b9:31:8c:6d:
         9f:55:ab:43:e4:d6:cb:8f:66:44:6d:34:d3:13:a5:28:ca:a8:
         19:7d:f0:d3:4b:16:a2:f8:3e:3a:32:27:60:43:32:86:bf:eb:
         69:8b:4d:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIuR9/FF6/QSm+ycpa0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTgwZTA1NDNkNDcxZGNmMGQ4Mzg2MGQ2YmU2Mzk1YzJi
ODg4ODgwHhcNMjUxMTExMDcwMTUwWhcNMjUxMTEyMDcwMTUwWjAzMTEwLwYDVQQD
EygyOTBkMTY5MzViMGI3YWRkMWU3OTY1ZDgzZmMyMzA3OGIzZGM0YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rdXY6NgMeJ2yc+6TEZFgEd9OI6J
K64h514Bx3Y+pmDNSz6jPMV0FGVmVpvmDDuEHgJGlrb/wic/wIhvxoBRfrgOveYy
3Iji8kIPlsdPKgletX3zcJX8RsEeIbj0WzwDuxKOtEAGr3dtYceSmM5US+Uq09qj
aaIdaRV4vHWbVaigxmWN6eFy0sBq4sCH17gNEDQaHXEmq2Q7He+KnZDRw0HP5HG9
QcM7vAQqBpCw3lh5pinsOBlI8YwdA0I1iyqnpfani5+eIomqyVw14PP5K+1y1IPI
5YBVQfL6P9C6K/Q322VhJefpJMFZ8SbhiAttZqJ4Y8r1q10wCzKWn86vnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkNFpNbC3rdHnll2D/CMHiz3EuRMB8GA1UdIwQY
MBaAFN8YDgVD1HHc8Ng4YNa+Y5XCuIiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zMGY0MTAtODJiYi00MTFhLWIyYmMt
YzRiMTQ0NmMwZDhiLzEvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zMGY0MTAtODJiYi00MTFhLWIyYmMtYzRiMTQ0NmMwZDhi
LzEvM3hnT0JVUFVjZHp3MkRoZzFyNWpsY0s0aUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYQVBN3y
Ho19Hsys6SyhoPWI+4yMfSIqFPHRcTf3Uf5K3ZuQaDinNgdL4cjzdV88IOc8oRPz
oFAnWcCUIoaC+kTWCMUxh2agJVME6wxfBneFXD2tmwYkXsO+7L7FkSzv2TZb1sI/
Wx2++gvmPqQKNWscrQkk2w1XtTGv4kBPsObje2YwyEqGYBDs+Qs7nFl8bACjmAa5
eIAr6ZWexxe/FO6MjRn4UQ9D9ua3pl1oOwY6P6rFCuimIjuASqRm8EFhee+YuWUI
GG4pSfnjy826kaMSMJC5MYxtn1WrQ+TWy49mRG000xOlKMqoGX3w00sWovg+OjIn
YEMyhr/raYtNlA==
-----END CERTIFICATE-----