Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
File:                     l3rc9I_t4Rk44XfcBNxnnGktjBw.mft (raw, json)
Hash identifier:          iHG4RlYjiVNsx2T9LvLJh61VurepyVtUTNhTfF6AY9U=
Subject key identifier:   A0:F5:91:36:07:33:5A:AC:D8:ED:84:13:4B:5E:3B:2D:75:48:44:CB
Authority key identifier: 97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C
Certificate issuer:       /CN=977adcf48fede11938e177dc04dc679c692d8c1c
Certificate serial:       019A71B9027B7C5E00A5753427F0BE23B94E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
Manifest number:          D0
Signing time:             Tue 11 Nov 2025 07:02:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:21 +0000
Files and hashes:         1: l3rc9I_t4Rk44XfcBNxnnGktjBw.crl (hash: oPiGiCPM40YzUs5z5pcDf6d2PXAdaLFyK6kF1pzzst0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:02:7b:7c:5e:00:a5:75:34:27:f0:be:23:b9:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977adcf48fede11938e177dc04dc679c692d8c1c
        Validity
            Not Before: Nov 11 07:02:21 2025 GMT
            Not After : Nov 12 07:02:21 2025 GMT
        Subject: CN=a0f5913607335aacd8ed84134b5e3b2d754844cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b7:7d:66:13:a1:77:ae:37:04:29:7a:2a:f0:
                    26:59:40:d2:8f:23:d0:0e:cb:e8:d4:21:a9:34:86:
                    87:07:1a:30:c8:9e:78:c6:24:c9:8c:dd:ed:5e:8b:
                    8c:46:e3:a0:1b:cc:38:72:8d:5e:c1:71:f1:8b:bf:
                    23:d7:f2:fb:58:00:e1:6d:00:96:84:c9:4a:ba:7f:
                    29:f3:c2:d8:8a:67:28:6f:e4:6c:45:1d:12:80:71:
                    bc:05:24:a3:44:3f:35:50:b0:bb:5d:40:c7:fd:d6:
                    39:51:0e:47:06:55:9a:87:f1:e8:2f:35:e5:eb:9b:
                    73:62:7b:40:e6:16:e2:d7:3a:fa:e9:8d:47:c4:94:
                    b8:17:3f:89:fb:62:4d:4d:8e:57:68:c5:80:e4:ec:
                    9e:55:3f:85:02:4b:62:8d:eb:0d:5f:04:c3:0f:26:
                    76:61:3a:11:d9:e6:37:39:7d:25:6d:14:4a:bb:9c:
                    6b:c3:29:2b:7d:2c:15:e1:77:b9:b9:5d:d9:69:30:
                    47:3e:13:64:c1:4e:76:79:94:71:50:fe:40:65:1c:
                    e2:19:44:6c:07:31:12:7e:41:81:1d:95:d9:b5:ce:
                    b0:df:5d:37:5d:29:ef:ef:20:e6:4f:21:78:6d:13:
                    fd:e2:26:98:3e:e1:8b:2d:5c:fe:c0:8e:76:a5:12:
                    18:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F5:91:36:07:33:5A:AC:D8:ED:84:13:4B:5E:3B:2D:75:48:44:CB
            X509v3 Authority Key Identifier:
                keyid:97:7A:DC:F4:8F:ED:E1:19:38:E1:77:DC:04:DC:67:9C:69:2D:8C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3rc9I_t4Rk44XfcBNxnnGktjBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/fe6725-7609-4bc2-b48b-25477dad9434/1/l3rc9I_t4Rk44XfcBNxnnGktjBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:c7:24:a1:ef:2c:f5:0b:89:ec:d4:6a:0d:91:ff:a1:be:52:
         cf:12:85:f1:c4:42:c1:a5:a7:ea:30:37:34:17:a2:59:90:dc:
         6e:82:38:61:8b:3f:eb:af:d6:30:d8:07:c1:dc:22:c7:38:99:
         c8:ad:45:3b:aa:2e:e1:72:3a:6e:4b:5d:42:53:ab:ab:5e:4e:
         76:6c:a1:3e:e3:59:78:f6:f4:3e:f3:da:37:e3:86:c5:2b:fb:
         6a:a4:a4:3f:49:7e:4c:77:d9:d6:64:5c:09:77:db:23:44:db:
         1a:13:02:3e:e2:3a:29:fd:6c:29:75:38:84:a3:26:f9:c2:3f:
         03:62:69:c4:25:fd:ae:f4:e9:65:8b:09:92:70:85:aa:e6:a8:
         d7:a1:f1:8b:61:20:33:24:c0:75:c7:ad:0d:f1:65:6a:4c:30:
         b3:53:fe:b2:6b:24:95:f0:19:8c:5b:a4:f6:40:83:6c:3d:c0:
         3f:0c:2e:81:d8:cb:f3:65:14:3a:b0:d0:4d:14:4e:f9:e1:f3:
         73:d4:30:72:fc:a6:ee:b1:d4:04:d1:9e:e7:fd:d2:80:67:e8:
         8e:4e:b4:76:d8:cb:e9:15:df:f3:4e:1f:2a:59:15:8c:12:01:
         b7:15:f4:10:89:4a:14:c7:2e:de:b6:3f:9a:cd:82:15:42:c0:
         ee:a5:b8:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQJ7fF4ApXU0J/C+I7lOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2FkY2Y0OGZlZGUxMTkzOGUxNzdkYzA0ZGM2NzljNjky
ZDhjMWMwHhcNMjUxMTExMDcwMjIxWhcNMjUxMTEyMDcwMjIxWjAzMTEwLwYDVQQD
EyhhMGY1OTEzNjA3MzM1YWFjZDhlZDg0MTM0YjVlM2IyZDc1NDg0NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbd9ZhOhd643BCl6KvAmWUDSjyPQ
Dsvo1CGpNIaHBxowyJ54xiTJjN3tXouMRuOgG8w4co1ewXHxi78j1/L7WADhbQCW
hMlKun8p88LYimcob+RsRR0SgHG8BSSjRD81ULC7XUDH/dY5UQ5HBlWah/HoLzXl
65tzYntA5hbi1zr66Y1HxJS4Fz+J+2JNTY5XaMWA5OyeVT+FAktijesNXwTDDyZ2
YToR2eY3OX0lbRRKu5xrwykrfSwV4Xe5uV3ZaTBHPhNkwU52eZRxUP5AZRziGURs
BzESfkGBHZXZtc6w3103XSnv7yDmTyF4bRP94iaYPuGLLVz+wI52pRIY5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD1kTYHM1qs2O2EE0teOy11SETLMB8GA1UdIwQY
MBaAFJd63PSP7eEZOOF33ATcZ5xpLYwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGIt
MjU0NzdkYWQ5NDM0LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mZTY3MjUtNzYwOS00YmMyLWI0OGItMjU0NzdkYWQ5NDM0
LzEvbDNyYzlJX3Q0Ums0NFhmY0JOeG5uR2t0akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHMckoe8s
9QuJ7NRqDZH/ob5SzxKF8cRCwaWn6jA3NBeiWZDcboI4YYs/66/WMNgHwdwixziZ
yK1FO6ou4XI6bktdQlOrq15OdmyhPuNZePb0PvPaN+OGxSv7aqSkP0l+THfZ1mRc
CXfbI0TbGhMCPuI6Kf1sKXU4hKMm+cI/A2JpxCX9rvTpZYsJknCFquao16Hxi2Eg
MyTAdcetDfFlakwws1P+smsklfAZjFuk9kCDbD3APwwugdjL82UUOrDQTRRO+eHz
c9Qwcvym7rHUBNGe5/3SgGfojk60dtjL6RXf804fKlkVjBIBtxX0EIlKFMcu3rY/
ms2CFULA7qW4UA==
-----END CERTIFICATE-----