Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
File:                     D1pCPdyX3TDeyLhnPCSWjic3JnY.mft (raw, json)
Hash identifier:          Og5Oclt9VcBJl/+mdUFEPe/BPapQelZ58AE+In/0P4Q=
Subject key identifier:   74:C6:3B:D4:36:14:76:ED:6E:39:9E:E2:13:8A:24:81:1D:DA:63:38
Authority key identifier: 0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76
Certificate issuer:       /CN=0f5a423ddc97dd30dec8b8673c24968e27372676
Certificate serial:       019A7293D3C19A22AC8035551B9E6351F09B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
Manifest number:          01E3
Signing time:             Tue 11 Nov 2025 11:01:21 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:21 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:21 +0000
Files and hashes:         1: D1pCPdyX3TDeyLhnPCSWjic3JnY.crl (hash: OWItsSxxzH9flpLSYhJ9nx4PgQop4jdOOyYzCPwWuMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:d3:c1:9a:22:ac:80:35:55:1b:9e:63:51:f0:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f5a423ddc97dd30dec8b8673c24968e27372676
        Validity
            Not Before: Nov 11 11:01:21 2025 GMT
            Not After : Nov 12 11:01:21 2025 GMT
        Subject: CN=74c63bd4361476ed6e399ee2138a24811dda6338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b5:82:89:26:b2:7b:f4:3a:80:73:e1:75:b2:
                    48:79:7b:9c:bc:b3:5a:dc:19:54:cb:c3:18:0c:81:
                    b9:25:ed:5d:49:ec:07:88:71:91:58:37:29:59:16:
                    be:52:45:5e:ad:de:81:3a:0d:f4:03:21:96:9c:13:
                    2e:35:93:dd:ff:f8:f2:46:10:61:60:da:99:40:db:
                    26:d8:73:e3:f4:08:35:fa:48:c6:2c:5d:e0:01:62:
                    2b:6d:a3:e7:86:f9:51:db:82:ec:93:fe:64:2f:4a:
                    d4:87:4e:8f:48:ee:ea:63:76:e0:97:75:b0:15:96:
                    44:7d:37:3f:20:2e:98:6e:61:84:5b:f7:8c:ab:f9:
                    82:b9:86:d3:2a:3a:6b:d0:b4:01:9b:76:f3:27:ea:
                    cb:63:41:4e:a6:25:bb:1e:44:b9:e2:2e:95:f0:9d:
                    5e:50:c3:40:66:bd:fd:02:71:d9:33:a9:77:1d:a4:
                    07:82:26:05:a3:34:f9:af:7e:ee:e6:b8:f1:60:03:
                    35:eb:2c:c4:a6:bf:c7:80:12:45:e3:4a:8b:40:a3:
                    10:ea:c0:b9:0b:51:c6:24:5a:20:06:e8:14:ab:35:
                    4f:38:79:b6:ad:7d:30:4a:1f:c1:c7:bd:bb:47:df:
                    e8:32:b2:45:29:37:42:44:a9:e7:e0:c7:13:21:65:
                    49:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C6:3B:D4:36:14:76:ED:6E:39:9E:E2:13:8A:24:81:1D:DA:63:38
            X509v3 Authority Key Identifier:
                keyid:0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:9c:46:1b:9a:2f:55:77:c6:e3:44:a1:09:5b:d8:5f:16:85:
         dc:62:9e:4c:89:23:be:56:0c:6d:0d:f7:eb:bd:79:d8:ae:37:
         84:53:21:ba:ea:d7:08:33:91:18:b7:ba:b3:e0:8a:73:e0:39:
         e2:df:3c:56:2a:4c:16:a7:00:28:12:7f:72:5b:2f:f9:69:24:
         9e:d2:6b:a1:f7:d5:7a:bc:3f:57:02:72:e9:34:b8:8a:7b:b1:
         21:3e:26:21:ca:f1:c9:81:54:07:58:ed:cc:a7:6e:00:fe:9d:
         04:e3:24:04:87:15:95:ed:fe:e0:8a:ef:bb:a8:46:bf:8a:3b:
         e8:1b:eb:4e:80:bd:61:f8:04:09:52:87:c7:3e:72:b9:64:05:
         dc:77:80:fb:ce:db:42:b3:f5:20:bc:14:c0:64:2c:ee:4e:3a:
         65:bd:5c:cc:07:41:8c:36:1d:27:b6:4c:f3:a8:76:31:57:93:
         06:db:2f:2c:bf:ca:da:49:7b:f3:c0:e8:bc:11:21:f5:73:e3:
         1b:d2:40:3a:26:8f:ed:7b:b9:ec:1a:6b:87:25:de:ad:c8:5c:
         aa:76:5b:89:16:4f:fa:fb:1d:ee:a6:d3:97:01:64:55:62:45:
         a1:0d:7e:79:a5:70:02:11:01:75:37:e4:27:a9:25:aa:c6:49:
         77:9a:65:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk9PBmiKsgDVVG55jUfCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNWE0MjNkZGM5N2RkMzBkZWM4Yjg2NzNjMjQ5NjhlMjcz
NzI2NzYwHhcNMjUxMTExMTEwMTIxWhcNMjUxMTEyMTEwMTIxWjAzMTEwLwYDVQQD
Eyg3NGM2M2JkNDM2MTQ3NmVkNmUzOTllZTIxMzhhMjQ4MTFkZGE2MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrWCiSaye/Q6gHPhdbJIeXucvLNa
3BlUy8MYDIG5Je1dSewHiHGRWDcpWRa+UkVerd6BOg30AyGWnBMuNZPd//jyRhBh
YNqZQNsm2HPj9Ag1+kjGLF3gAWIrbaPnhvlR24Lsk/5kL0rUh06PSO7qY3bgl3Ww
FZZEfTc/IC6YbmGEW/eMq/mCuYbTKjpr0LQBm3bzJ+rLY0FOpiW7HkS54i6V8J1e
UMNAZr39AnHZM6l3HaQHgiYFozT5r37u5rjxYAM16yzEpr/HgBJF40qLQKMQ6sC5
C1HGJFogBugUqzVPOHm2rX0wSh/Bx727R9/oMrJFKTdCRKnn4McTIWVJUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTGO9Q2FHbtbjme4hOKJIEd2mM4MB8GA1UdIwQY
MBaAFA9aQj3cl90w3si4Zzwklo4nNyZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEt
Y2Y4OWJlNWE1ZmVhLzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEtY2Y4OWJlNWE1ZmVh
LzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5xGG5ov
VXfG40ShCVvYXxaF3GKeTIkjvlYMbQ3367152K43hFMhuurXCDORGLe6s+CKc+A5
4t88VipMFqcAKBJ/clsv+WkkntJroffVerw/VwJy6TS4inuxIT4mIcrxyYFUB1jt
zKduAP6dBOMkBIcVle3+4Irvu6hGv4o76BvrToC9YfgECVKHxz5yuWQF3HeA+87b
QrP1ILwUwGQs7k46Zb1czAdBjDYdJ7ZM86h2MVeTBtsvLL/K2kl788DovBEh9XPj
G9JAOiaP7Xu57BprhyXerchcqnZbiRZP+vsd7qbTlwFkVWJFoQ1+eaVwAhEBdTfk
J6klqsZJd5plsw==
-----END CERTIFICATE-----