Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          NcU/p7z5CyDvGNslpKb8O2m49WxVO9fmQ/fLBCSgZQY=
Subject key identifier:   B9:F0:06:3F:38:17:D3:C8:CD:AB:3C:35:48:21:CB:B7:C0:23:01:ED
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019A71B88ACF573F3DD8ADC5A03CDB28F7A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0E11
Signing time:             Tue 11 Nov 2025 07:01:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:50 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: vGJPud33F1OUpho2rDQyuVCPot1gvFxwvnr/1xiOgJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:8a:cf:57:3f:3d:d8:ad:c5:a0:3c:db:28:f7:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Nov 11 07:01:50 2025 GMT
            Not After : Nov 12 07:01:50 2025 GMT
        Subject: CN=b9f0063f3817d3c8cdab3c354821cbb7c02301ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:65:e7:3e:02:c7:7e:33:41:a0:ee:eb:75:44:
                    96:aa:e0:04:76:66:65:f3:d7:08:05:bb:e8:01:8f:
                    8d:2c:44:57:46:47:80:79:fb:a8:5c:b9:20:8b:8d:
                    d6:7a:7a:87:d4:d6:fc:67:2f:9a:39:b9:3b:e8:78:
                    81:a8:76:f5:32:3c:61:4b:f4:7a:3e:b8:e7:f0:a2:
                    83:ac:75:49:d9:a3:d6:17:82:f9:4a:3b:8c:db:ea:
                    16:32:d0:8d:ea:a6:04:9d:0e:b8:1f:cb:96:81:3a:
                    e5:19:f8:84:9e:be:33:cc:ea:a8:0b:6c:9d:47:df:
                    8e:51:e9:f0:a5:d3:05:87:37:aa:22:e9:18:39:e3:
                    19:70:ad:02:8f:bc:c3:49:2f:25:95:06:9b:92:02:
                    71:6b:8d:95:c2:62:b6:57:a5:60:91:f8:47:a0:11:
                    5a:85:7a:48:e1:77:ee:65:51:4b:69:12:b7:a5:ca:
                    44:cd:c4:da:95:ce:25:f7:d4:a1:2b:2a:cf:57:87:
                    0e:28:46:76:df:d4:ca:70:e9:72:a0:a0:a7:24:8d:
                    b2:07:82:50:1e:24:34:1d:7e:52:e4:f7:cc:49:d6:
                    1b:1b:d7:84:c4:9f:40:2b:9b:12:47:4d:86:bf:ad:
                    6d:05:19:f8:19:3a:6d:ea:99:cb:36:a1:b0:53:c0:
                    54:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F0:06:3F:38:17:D3:C8:CD:AB:3C:35:48:21:CB:B7:C0:23:01:ED
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:61:d5:88:c7:cb:a5:0c:74:c1:00:36:9f:b1:93:5f:b4:f8:
         36:b7:fe:b6:57:13:91:ce:3c:d8:71:35:c9:7b:7d:3a:5b:7f:
         77:c0:cd:2c:29:09:97:e6:03:a5:c7:84:85:e6:31:b7:32:aa:
         06:ab:d7:24:db:be:20:1c:6a:7b:c2:5a:d7:e5:af:ba:2e:50:
         1a:c1:a0:08:67:4e:e7:af:01:f7:15:38:3a:8d:6b:a5:ed:84:
         97:51:60:c3:f7:13:2b:f8:f4:83:30:51:ad:e1:e1:0e:aa:46:
         e6:70:d7:ec:3c:9c:52:1e:77:78:d6:5b:c8:ac:68:0c:6e:e4:
         d9:6d:30:c7:e6:66:05:75:1e:0e:b2:71:16:e6:fb:b0:b7:53:
         4b:44:cb:93:5d:ee:86:60:fd:54:d4:2d:4e:37:7b:6b:93:97:
         1f:41:cf:63:bd:ad:11:a8:f4:05:db:0f:66:30:cc:64:47:cf:
         2c:c8:81:4a:24:9d:86:ed:20:6e:8a:6c:d1:36:90:7a:35:4e:
         48:6b:d6:00:6a:bf:b4:73:d2:91:c0:41:2e:eb:60:5f:ad:4f:
         cb:a5:a9:66:64:9e:15:18:3c:4b:dd:0c:0f:41:3f:62:c1:49:
         f8:61:47:81:d1:b2:9c:a8:fa:e6:45:29:be:d5:01:99:30:7c:
         f2:94:0e:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuIrPVz892K3FoDzbKPehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUxMTExMDcwMTUwWhcNMjUxMTEyMDcwMTUwWjAzMTEwLwYDVQQD
EyhiOWYwMDYzZjM4MTdkM2M4Y2RhYjNjMzU0ODIxY2JiN2MwMjMwMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52XnPgLHfjNBoO7rdUSWquAEdmZl
89cIBbvoAY+NLERXRkeAefuoXLkgi43WenqH1Nb8Zy+aObk76HiBqHb1MjxhS/R6
Prjn8KKDrHVJ2aPWF4L5SjuM2+oWMtCN6qYEnQ64H8uWgTrlGfiEnr4zzOqoC2yd
R9+OUenwpdMFhzeqIukYOeMZcK0Cj7zDSS8llQabkgJxa42VwmK2V6VgkfhHoBFa
hXpI4XfuZVFLaRK3pcpEzcTalc4l99ShKyrPV4cOKEZ239TKcOlyoKCnJI2yB4JQ
HiQ0HX5S5PfMSdYbG9eExJ9AK5sSR02Gv61tBRn4GTpt6pnLNqGwU8BUYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnwBj84F9PIzas8NUghy7fAIwHtMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzGHViMfL
pQx0wQA2n7GTX7T4Nrf+tlcTkc482HE1yXt9Olt/d8DNLCkJl+YDpceEheYxtzKq
BqvXJNu+IBxqe8Ja1+Wvui5QGsGgCGdO568B9xU4Oo1rpe2El1Fgw/cTK/j0gzBR
reHhDqpG5nDX7DycUh53eNZbyKxoDG7k2W0wx+ZmBXUeDrJxFub7sLdTS0TLk13u
hmD9VNQtTjd7a5OXH0HPY72tEaj0BdsPZjDMZEfPLMiBSiSdhu0gbops0TaQejVO
SGvWAGq/tHPSkcBBLutgX61Py6WpZmSeFRg8S90MD0E/YsFJ+GFHgdGynKj65kUp
vtUBmTB88pQOGw==
-----END CERTIFICATE-----