Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
File:                     3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json)
Hash identifier:          wbyd8PHj9qQRqz87IMJBoWxNhr5aRcA0g7Xr/t4DFAE=
Subject key identifier:   20:21:25:14:44:CC:ED:B8:A6:B0:73:C0:D9:80:B3:03:9D:4A:6E:34
Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07
Certificate issuer:       /CN=de17fd66577b3ed358b3862a7dd980944a85d507
Certificate serial:       019A70DC287822026BD0FA381C20D39EAA03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
Manifest number:          02DD
Signing time:             Tue 11 Nov 2025 03:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:07 +0000
Files and hashes:         1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: ntfHnh1X3nX9dAnw3mRSiZtQcjG+T/KXVhm3RZJ07U4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:28:78:22:02:6b:d0:fa:38:1c:20:d3:9e:aa:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507
        Validity
            Not Before: Nov 11 03:01:07 2025 GMT
            Not After : Nov 12 03:01:07 2025 GMT
        Subject: CN=2021251444ccedb8a6b073c0d980b3039d4a6e34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a5:48:d7:b9:40:61:89:06:9b:41:bb:2a:97:
                    f8:b5:ae:ad:ae:91:b5:1b:ef:dd:d0:2f:d7:26:97:
                    10:a5:23:e1:2d:08:ea:aa:3a:32:47:77:57:df:bf:
                    09:3a:e8:df:0f:e6:84:ca:47:1e:b8:2f:0a:c2:19:
                    e9:4b:73:e0:7c:f4:47:5c:5b:d1:c7:94:8b:d0:96:
                    96:6f:ce:40:ab:be:9d:b5:3a:f7:5b:7c:0e:d8:7b:
                    9c:97:fb:4f:48:53:19:60:49:93:b0:00:57:2a:71:
                    63:87:6b:c9:0c:16:3b:20:7d:ab:57:df:f1:ac:94:
                    fd:34:90:16:08:0c:d7:68:1c:a8:26:e5:01:db:b5:
                    c2:a8:e9:2c:c6:a6:db:77:5a:ac:23:96:86:90:22:
                    42:b7:33:ac:d4:80:3c:ec:c5:cf:c5:2b:11:60:e2:
                    c4:8b:98:dd:28:93:ab:b9:fc:28:b6:de:09:3c:98:
                    b5:fa:23:b1:4d:ef:e4:8f:b5:0a:c4:62:61:3b:42:
                    70:39:96:2d:6f:a1:2d:81:c8:93:10:38:2b:35:0a:
                    d5:f0:51:9b:9f:af:5e:7a:17:9b:f6:7c:63:92:9d:
                    45:17:48:54:ab:3f:24:e2:ef:ee:bb:f4:bb:94:51:
                    3f:4f:ee:cd:bb:20:74:ba:7e:93:d7:3f:b6:39:9e:
                    31:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:21:25:14:44:CC:ED:B8:A6:B0:73:C0:D9:80:B3:03:9D:4A:6E:34
            X509v3 Authority Key Identifier:
                keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:42:e8:76:11:18:c7:e0:db:09:ec:ba:1f:ea:c4:f0:e7:88:
         d4:5f:d7:3c:a9:07:7c:3b:c6:3b:64:e3:92:c9:19:b3:7b:a9:
         77:1a:23:54:2c:b6:a2:b3:11:69:5f:60:a6:cc:70:24:5b:b5:
         f6:d0:a8:9e:75:7e:08:e9:c5:75:9e:14:1d:00:5d:cd:31:ce:
         a2:56:c0:fd:f3:1b:33:be:6b:d7:af:1a:8d:c7:05:81:48:3f:
         db:db:90:aa:4f:ce:95:8f:e3:b8:44:66:b0:fd:33:c1:02:c4:
         12:4b:15:84:8b:d9:c0:09:06:cd:e4:ec:dd:a5:3e:9d:76:7b:
         91:4d:29:cc:23:2e:0b:74:c6:7c:b1:dc:d8:ec:53:df:9d:32:
         07:b8:1b:c4:ad:21:ee:cb:e9:55:24:07:2b:03:52:88:c3:83:
         ea:9e:d1:c5:2d:d8:b6:62:9e:04:37:19:5d:70:c7:dc:ec:71:
         8b:89:94:40:48:3e:01:20:55:54:ee:80:0d:ca:f9:56:5d:4c:
         d4:70:24:04:10:90:0b:14:a2:b2:26:8b:59:d6:77:f6:22:c5:
         89:1b:22:21:12:07:18:76:1d:72:60:a8:2a:ad:de:d2:54:2a:
         b1:11:ed:02:1e:47:e3:30:8c:a5:0d:ee:1c:c6:b2:90:81:bf:
         ec:1c:4d:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Ch4IgJr0Po4HCDTnqoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4
NWQ1MDcwHhcNMjUxMTExMDMwMTA3WhcNMjUxMTEyMDMwMTA3WjAzMTEwLwYDVQQD
EygyMDIxMjUxNDQ0Y2NlZGI4YTZiMDczYzBkOTgwYjMwMzlkNGE2ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaVI17lAYYkGm0G7Kpf4ta6trpG1
G+/d0C/XJpcQpSPhLQjqqjoyR3dX378JOujfD+aEykceuC8KwhnpS3PgfPRHXFvR
x5SL0JaWb85Aq76dtTr3W3wO2Hucl/tPSFMZYEmTsABXKnFjh2vJDBY7IH2rV9/x
rJT9NJAWCAzXaByoJuUB27XCqOksxqbbd1qsI5aGkCJCtzOs1IA87MXPxSsRYOLE
i5jdKJOrufwott4JPJi1+iOxTe/kj7UKxGJhO0JwOZYtb6EtgciTEDgrNQrV8FGb
n69eeheb9nxjkp1FF0hUqz8k4u/uu/S7lFE/T+7NuyB0un6T1z+2OZ4xOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAhJRREzO24prBzwNmAswOdSm40MB8GA1UdIwQY
MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt
MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy
LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqkLodhEY
x+DbCey6H+rE8OeI1F/XPKkHfDvGO2TjkskZs3updxojVCy2orMRaV9gpsxwJFu1
9tConnV+COnFdZ4UHQBdzTHOolbA/fMbM75r168ajccFgUg/29uQqk/OlY/juERm
sP0zwQLEEksVhIvZwAkGzeTs3aU+nXZ7kU0pzCMuC3TGfLHc2OxT350yB7gbxK0h
7svpVSQHKwNSiMOD6p7RxS3YtmKeBDcZXXDH3Oxxi4mUQEg+ASBVVO6ADcr5Vl1M
1HAkBBCQCxSisiaLWdZ39iLFiRsiIRIHGHYdcmCoKq3e0lQqsRHtAh5H4zCMpQ3u
HMaykIG/7BxNLA==
-----END CERTIFICATE-----