Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
File:                     3Mx29__HFoYLOtY56_kdxN1hMAA.mft (raw, json)
Hash identifier:          VwZ5R+Hch/Fr64C8JbQTYzvIKIIHvz/TtAcBmcKwuxI=
Subject key identifier:   58:3D:6C:BB:FB:98:48:C4:53:98:F2:45:21:B4:0E:89:9B:2E:02:76
Authority key identifier: DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00
Certificate issuer:       /CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
Certificate serial:       019A71B8133C9746951FD52AE013DE999B3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
Manifest number:          0AE2
Signing time:             Tue 11 Nov 2025 07:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:20 +0000
Files and hashes:         1: 3Mx29__HFoYLOtY56_kdxN1hMAA.crl (hash: 1e9yGf+9ykP6ufNatm8uYawtNJzK7yLuvNlFWinPj7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:13:3c:97:46:95:1f:d5:2a:e0:13:de:99:9b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
        Validity
            Not Before: Nov 11 07:01:20 2025 GMT
            Not After : Nov 12 07:01:20 2025 GMT
        Subject: CN=583d6cbbfb9848c45398f24521b40e899b2e0276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6e:1e:41:e5:3a:74:c2:fd:f5:81:8f:1c:d4:
                    d1:08:55:9b:a2:71:d8:a9:1f:07:16:a1:1f:c3:3c:
                    8c:f6:da:09:90:b5:0e:fe:b2:15:d0:7c:b2:33:e2:
                    ce:d3:2a:63:1a:26:92:ee:8f:9e:8e:50:f5:c1:f7:
                    51:7f:67:8f:85:4d:29:6a:54:92:cd:8c:0e:da:33:
                    f5:1d:3f:a3:2d:2a:84:26:39:1c:17:0c:37:51:24:
                    d1:a2:76:04:d5:75:77:49:59:ea:85:ec:21:41:1c:
                    4f:31:91:61:4f:c7:5f:40:80:fd:d1:f2:bd:c5:89:
                    e7:f9:77:c1:6e:63:9a:0d:69:d8:0b:e4:c6:cc:63:
                    6c:b5:cc:89:39:6b:9b:90:17:fb:60:fa:46:3a:8b:
                    95:c6:bd:19:4d:7b:a0:aa:9d:9a:1f:30:05:cd:2e:
                    ad:2e:d5:e3:bb:54:80:08:e4:32:db:18:5b:89:c2:
                    c6:0a:a5:fc:47:3f:ce:f6:aa:98:7d:53:ab:18:7d:
                    7a:0d:04:70:d5:82:15:4e:8b:d6:89:39:e0:7e:03:
                    36:74:23:76:a3:c2:52:e7:f5:79:d9:bb:86:0a:e5:
                    44:7f:6e:71:f1:8a:06:16:39:98:f7:36:0e:84:e9:
                    63:29:9d:2f:36:9c:e7:cc:44:1d:5c:1c:7c:53:27:
                    54:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:3D:6C:BB:FB:98:48:C4:53:98:F2:45:21:B4:0E:89:9B:2E:02:76
            X509v3 Authority Key Identifier:
                keyid:DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:37:e7:46:88:7b:50:53:b7:b5:95:b1:dd:f2:ce:37:bc:44:
         45:4f:de:42:fa:f1:ba:ec:e8:3d:ad:de:2e:bc:1f:fc:cc:25:
         55:e3:63:c3:6d:b2:3f:fb:6e:7e:d5:0a:01:aa:16:47:76:d7:
         7a:98:e3:74:04:c8:a5:f6:ee:21:7d:d6:56:f5:95:74:bf:00:
         2b:be:d4:41:f1:de:e4:b8:3d:47:81:71:77:24:00:4e:8d:fa:
         ac:f5:85:a3:45:99:f2:90:10:86:c1:d8:b4:8b:d9:27:6e:04:
         42:ba:f0:aa:87:0a:dc:f3:71:7f:37:c4:ca:0e:9b:28:1c:5f:
         64:4e:79:6b:ae:ce:1a:55:80:e5:e7:1b:7e:9e:37:69:01:3b:
         29:cb:0f:c9:47:82:24:a4:06:93:bd:84:05:b8:d9:18:91:21:
         05:65:6c:2d:78:14:54:9e:dd:1e:79:b1:7a:49:56:b3:5d:fd:
         09:74:4a:b9:38:f3:d7:f1:79:d7:54:19:ad:52:5e:e5:d4:6a:
         b9:7d:d1:51:89:82:e3:a1:4f:25:9f:ae:3a:83:81:22:cc:05:
         b1:02:65:67:ae:dd:02:00:dd:49:33:fd:54:26:f1:71:79:1e:
         af:da:bf:5a:0f:7f:3b:db:e4:80:3c:6a:06:fa:0e:2f:7a:5b:
         96:8a:f3:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBM8l0aVH9Uq4BPemZs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2M3NmY3ZmZjNzE2ODYwYjNhZDYzOWViZjkxZGM0ZGQ2
MTMwMDAwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
Eyg1ODNkNmNiYmZiOTg0OGM0NTM5OGYyNDUyMWI0MGU4OTliMmUwMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp24eQeU6dML99YGPHNTRCFWbonHY
qR8HFqEfwzyM9toJkLUO/rIV0HyyM+LO0ypjGiaS7o+ejlD1wfdRf2ePhU0palSS
zYwO2jP1HT+jLSqEJjkcFww3USTRonYE1XV3SVnqhewhQRxPMZFhT8dfQID90fK9
xYnn+XfBbmOaDWnYC+TGzGNstcyJOWubkBf7YPpGOouVxr0ZTXugqp2aHzAFzS6t
LtXju1SACOQy2xhbicLGCqX8Rz/O9qqYfVOrGH16DQRw1YIVTovWiTngfgM2dCN2
o8JS5/V52buGCuVEf25x8YoGFjmY9zYOhOljKZ0vNpznzEQdXBx8UydUbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFg9bLv7mEjEU5jyRSG0DombLgJ2MB8GA1UdIwQY
MBaAFNzMdvf/xxaGCzrWOev5HcTdYTAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMt
YWU3Yjg5MTc0NzEwLzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMtYWU3Yjg5MTc0NzEw
LzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzfnRoh7
UFO3tZWx3fLON7xERU/eQvrxuuzoPa3eLrwf/MwlVeNjw22yP/tuftUKAaoWR3bX
epjjdATIpfbuIX3WVvWVdL8AK77UQfHe5Lg9R4FxdyQATo36rPWFo0WZ8pAQhsHY
tIvZJ24EQrrwqocK3PNxfzfEyg6bKBxfZE55a67OGlWA5ecbfp43aQE7KcsPyUeC
JKQGk72EBbjZGJEhBWVsLXgUVJ7dHnmxeklWs139CXRKuTjz1/F511QZrVJe5dRq
uX3RUYmC46FPJZ+uOoOBIswFsQJlZ67dAgDdSTP9VCbxcXker9q/Wg9/O9vkgDxq
BvoOL3pblorzHA==
-----END CERTIFICATE-----