Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          /yJ4JluIzd2E9n/6MI6YuxW21LfHUPaKlULyiZ9TMbw=
Subject key identifier:   1F:B3:19:92:FD:D8:0B:95:C7:7F:69:7E:89:83:EF:F5:18:5D:DC:65
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       019A1EADACBB9F9A04B6699ABE945F826E0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          14B2
Signing time:             Sun 26 Oct 2025 04:01:29 +0000
Manifest this update:     Sun 26 Oct 2025 04:01:29 +0000
Manifest next update:     Mon 27 Oct 2025 04:01:29 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: QhE1nrKz5XxbAUAz6FLVJcIf9H+VMmszYT3yDpQm81Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 03:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1e:ad:ac:bb:9f:9a:04:b6:69:9a:be:94:5f:82:6e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: Oct 26 04:01:29 2025 GMT
            Not After : Oct 27 04:01:29 2025 GMT
        Subject: CN=1fb31992fdd80b95c77f697e8983eff5185ddc65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e7:54:fd:49:4e:d4:ae:85:4f:40:b0:7a:44:
                    1d:1a:cd:4e:33:4b:9c:a7:ff:0b:6f:50:42:ea:ad:
                    11:04:85:7d:af:6b:77:30:a5:78:21:81:61:b4:4c:
                    6d:5b:b3:24:f9:b9:80:c2:9b:bb:b9:04:8c:ee:7e:
                    72:f1:90:18:02:78:4a:65:97:66:59:16:9d:34:bb:
                    87:37:ea:3e:a4:9d:e1:c0:6a:a5:6b:74:35:b9:34:
                    d7:bc:2e:5c:ef:7f:c4:cf:2a:a7:06:32:9d:54:bd:
                    9c:9d:cb:17:16:0c:7e:06:ed:85:50:5f:f1:7f:8b:
                    29:aa:67:99:60:28:33:b8:8f:30:ca:8f:e9:fc:3f:
                    1f:68:6c:c8:e9:d9:cd:ce:4c:e3:56:af:06:72:ee:
                    91:9a:cd:2d:3b:83:64:d5:1d:30:0c:12:2f:3e:98:
                    7b:32:53:38:60:b8:f0:99:12:cb:e5:01:0d:22:f0:
                    c1:de:68:30:e2:0c:92:10:f3:f3:f0:05:05:96:67:
                    6f:d7:e7:2f:da:1a:de:8b:fe:af:44:3e:52:c2:f2:
                    7c:3f:d2:96:00:b6:19:08:e3:31:05:ac:4c:45:4e:
                    e5:4c:25:eb:8a:34:44:b2:53:ba:5b:90:e1:8b:49:
                    b1:bb:d1:f3:25:27:6d:f8:58:a9:5d:e7:a3:3c:db:
                    34:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B3:19:92:FD:D8:0B:95:C7:7F:69:7E:89:83:EF:F5:18:5D:DC:65
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:7b:d8:41:89:3e:ab:a4:18:3a:a4:5e:61:98:c0:06:25:69:
         94:ea:34:2f:5d:7e:12:fa:0a:c3:58:40:20:e3:b6:55:7a:de:
         bd:f9:29:d8:96:ff:03:eb:49:e9:4d:fc:99:c7:43:0e:20:6a:
         07:df:9d:ba:fb:a3:31:bf:c3:cb:54:d8:fb:1b:d4:3f:a3:99:
         de:56:0a:24:a4:8a:76:cb:12:45:cc:89:1f:21:87:11:73:4b:
         1a:79:5a:f4:7d:97:45:12:ef:7f:91:ff:0c:02:04:80:ca:af:
         57:9b:53:b0:5e:a9:fb:f6:02:43:2a:c5:5f:9e:85:6c:3a:ca:
         15:39:29:34:0d:94:1c:ce:4d:84:01:65:cb:58:22:2a:24:b5:
         a2:4a:ac:68:b3:0c:15:9a:fe:b8:40:ea:61:38:35:d2:5c:61:
         12:e8:b9:db:c4:d1:61:d4:1e:02:1a:37:49:fb:7a:01:fe:e1:
         ac:6b:92:63:0e:f1:b3:c5:35:ad:c8:1c:b1:48:34:bf:88:27:
         76:e6:9d:ef:94:3b:d5:9b:d2:b9:54:17:23:ac:1a:d6:db:0e:
         7f:ae:ef:44:86:9b:a9:b4:9c:91:85:4a:3e:30:47:ad:37:73:
         d0:1b:5c:20:d4:e4:56:46:69:b0:61:8f:84:c0:38:44:60:e4:
         95:06:86:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoeray7n5oEtmmavpRfgm4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjUxMDI2MDQwMTI5WhcNMjUxMDI3MDQwMTI5WjAzMTEwLwYDVQQD
EygxZmIzMTk5MmZkZDgwYjk1Yzc3ZjY5N2U4OTgzZWZmNTE4NWRkYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnudU/UlO1K6FT0CwekQdGs1OM0uc
p/8Lb1BC6q0RBIV9r2t3MKV4IYFhtExtW7Mk+bmAwpu7uQSM7n5y8ZAYAnhKZZdm
WRadNLuHN+o+pJ3hwGqla3Q1uTTXvC5c73/EzyqnBjKdVL2cncsXFgx+Bu2FUF/x
f4spqmeZYCgzuI8wyo/p/D8faGzI6dnNzkzjVq8Gcu6Rms0tO4Nk1R0wDBIvPph7
MlM4YLjwmRLL5QENIvDB3mgw4gySEPPz8AUFlmdv1+cv2hrei/6vRD5SwvJ8P9KW
ALYZCOMxBaxMRU7lTCXrijREslO6W5Dhi0mxu9HzJSdt+FipXeejPNs0gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+zGZL92AuVx39pfomD7/UYXdxlMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHvYQYk+
q6QYOqReYZjABiVplOo0L11+EvoKw1hAIOO2VXrevfkp2Jb/A+tJ6U38mcdDDiBq
B9+duvujMb/Dy1TY+xvUP6OZ3lYKJKSKdssSRcyJHyGHEXNLGnla9H2XRRLvf5H/
DAIEgMqvV5tTsF6p+/YCQyrFX56FbDrKFTkpNA2UHM5NhAFly1giKiS1okqsaLMM
FZr+uEDqYTg10lxhEui528TRYdQeAho3Sft6Af7hrGuSYw7xs8U1rcgcsUg0v4gn
duad75Q71ZvSuVQXI6wa1tsOf67vRIabqbSckYVKPjBHrTdz0BtcINTkVkZpsGGP
hMA4RGDklQaGXw==
-----END CERTIFICATE-----