Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          cHEmkGcOrntjhojAong440y6cADMNq+6h8SnoclyqAs=
Subject key identifier:   2D:17:4C:22:D1:73:96:6A:92:84:AE:34:78:3B:7B:AE:AA:DB:0D:65
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       019A706E19F709D229AFD068B5BE3A795F64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          0B7E
Signing time:             Tue 11 Nov 2025 01:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:55 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: WbUhpzlDnm65T7qJdjivIfmLpskuVkf26zJItGfVsjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:19:f7:09:d2:29:af:d0:68:b5:be:3a:79:5f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: Nov 11 01:00:55 2025 GMT
            Not After : Nov 12 01:00:55 2025 GMT
        Subject: CN=2d174c22d173966a9284ae34783b7baeaadb0d65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ae:7f:a3:3c:79:ec:d6:25:2c:9e:79:fd:22:
                    ab:ed:c5:43:c5:77:8e:e9:8d:8b:ef:71:fa:8f:23:
                    f8:b6:91:d4:5c:8e:55:38:01:9e:da:36:ee:1b:bf:
                    09:f8:f2:37:a8:0f:62:3e:ab:f1:c8:e9:3e:83:ca:
                    70:7b:b0:95:46:8e:0f:10:2c:c7:cd:31:8f:b9:4c:
                    86:64:f1:86:2d:07:ea:3d:4d:25:89:cf:75:ef:fb:
                    c6:69:e0:63:c8:e2:47:10:0a:2f:cb:e4:75:81:0d:
                    5f:db:97:d1:e2:ec:f5:3b:92:be:cf:bc:1b:7f:60:
                    64:ef:3c:f6:cf:a6:81:52:72:87:ee:f8:50:19:62:
                    58:94:29:b0:00:1f:36:0c:b7:57:3d:fc:f5:7c:92:
                    ed:27:34:93:ec:94:94:d4:34:8e:96:3e:06:95:aa:
                    f5:ba:0d:24:14:8e:6d:4b:f6:34:e7:e3:ce:d5:c0:
                    c8:ab:7f:00:b9:88:24:a1:a8:c4:af:15:c5:6e:81:
                    3a:46:5c:c7:9d:b7:ce:10:dd:ce:56:96:d4:0a:51:
                    bf:7f:b3:b4:30:10:69:18:b7:b7:cf:e7:4b:4a:cc:
                    8a:da:4c:c7:ce:34:02:f4:41:2b:de:7b:d0:27:84:
                    3f:f7:d7:e0:9c:26:75:83:e1:0c:14:b0:b8:e5:c7:
                    9c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:17:4C:22:D1:73:96:6A:92:84:AE:34:78:3B:7B:AE:AA:DB:0D:65
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:20:67:6e:a6:96:88:0e:80:f3:b9:74:59:81:4e:cf:7c:d0:
         df:e4:b3:d5:7f:5c:14:4d:33:db:5a:64:86:12:41:63:81:bc:
         4a:02:ba:b8:53:67:6e:1e:1d:e1:2d:41:0a:0e:d3:a0:dd:6d:
         b1:20:2c:3e:4f:ee:b9:d9:67:3b:26:9b:47:5d:ba:8f:22:16:
         70:10:5e:9b:bd:45:af:aa:5d:2a:98:da:a7:73:f9:89:64:c8:
         94:1c:3e:3d:9d:63:6a:fe:73:7c:98:1c:17:1f:9d:87:15:25:
         2b:7a:aa:dd:f3:54:90:f7:99:dc:37:3b:b2:c7:a5:da:9f:dd:
         83:cb:90:d7:b3:a8:0a:fc:13:b5:66:dd:d9:c2:cf:a2:65:6a:
         0f:90:21:48:38:e7:fc:4b:12:14:94:31:60:51:58:c8:df:fb:
         a8:f4:3a:be:3c:47:f6:46:1c:98:6b:c4:4d:17:5b:ac:34:27:
         bb:2f:df:bf:1f:4a:e5:13:d0:61:9a:59:11:1f:d3:52:ab:f6:
         2f:9f:48:15:83:92:74:5f:c1:7a:dc:77:1d:fc:a3:b1:81:cd:
         32:c9:4d:10:8f:d6:de:0c:b1:04:28:50:a4:6b:ec:05:cc:a4:
         2e:7b:e5:d2:6a:11:5c:4d:17:b7:98:36:0d:d3:28:de:34:c5:
         02:35:03:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbhn3CdIpr9Botb46eV9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjUxMTExMDEwMDU1WhcNMjUxMTEyMDEwMDU1WjAzMTEwLwYDVQQD
EygyZDE3NGMyMmQxNzM5NjZhOTI4NGFlMzQ3ODNiN2JhZWFhZGIwZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq5/ozx57NYlLJ55/SKr7cVDxXeO
6Y2L73H6jyP4tpHUXI5VOAGe2jbuG78J+PI3qA9iPqvxyOk+g8pwe7CVRo4PECzH
zTGPuUyGZPGGLQfqPU0lic917/vGaeBjyOJHEAovy+R1gQ1f25fR4uz1O5K+z7wb
f2Bk7zz2z6aBUnKH7vhQGWJYlCmwAB82DLdXPfz1fJLtJzST7JSU1DSOlj4Glar1
ug0kFI5tS/Y05+PO1cDIq38AuYgkoajErxXFboE6RlzHnbfOEN3OVpbUClG/f7O0
MBBpGLe3z+dLSsyK2kzHzjQC9EEr3nvQJ4Q/99fgnCZ1g+EMFLC45cec7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0XTCLRc5ZqkoSuNHg7e66q2w1lMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdCBnbqaW
iA6A87l0WYFOz3zQ3+Sz1X9cFE0z21pkhhJBY4G8SgK6uFNnbh4d4S1BCg7ToN1t
sSAsPk/uudlnOyabR126jyIWcBBem71Fr6pdKpjap3P5iWTIlBw+PZ1jav5zfJgc
Fx+dhxUlK3qq3fNUkPeZ3Dc7ssel2p/dg8uQ17OoCvwTtWbd2cLPomVqD5AhSDjn
/EsSFJQxYFFYyN/7qPQ6vjxH9kYcmGvETRdbrDQnuy/fvx9K5RPQYZpZER/TUqv2
L59IFYOSdF/Betx3HfyjsYHNMslNEI/W3gyxBChQpGvsBcykLnvl0moRXE0Xt5g2
DdMo3jTFAjUDtw==
-----END CERTIFICATE-----