Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          RrMkV8RMHLsfA//pjQ2muftIWguCUyTPiYzrTZ3tvaQ=
Subject key identifier:   82:23:50:0D:72:32:99:71:E8:DF:40:30:EA:F1:25:F0:D3:31:5D:72
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       019A71B7E5690E44AEC8B119D42C7DD26FBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          0AA1
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: p/tl6pnnCU9YURbBzI8yvt33PQKuMluEe+FVqGj6Duc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e5:69:0e:44:ae:c8:b1:19:d4:2c:7d:d2:6f:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=8223500d72329971e8df4030eaf125f0d3315d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:15:85:1b:8e:d3:f6:b3:c3:ab:8c:ea:ba:d1:
                    8a:2d:9e:ef:38:55:af:c5:33:c7:a7:fe:d7:f9:1a:
                    42:29:48:b3:3b:dd:af:6e:87:fb:4a:d5:a2:c4:3b:
                    0a:ea:f8:f5:ce:30:32:fa:60:bd:bc:e6:e7:67:52:
                    62:4c:99:2d:b2:9f:7d:ad:9b:b0:d7:1c:66:b1:86:
                    b6:85:b0:28:76:a2:7e:2e:cd:fc:c5:c2:d8:d7:0e:
                    e5:a1:26:d7:9f:a4:1d:3e:89:d6:86:10:65:b2:af:
                    42:ff:69:5c:51:3a:c8:f1:b9:0c:91:90:f7:73:a3:
                    dc:5e:5a:a1:be:44:cd:a7:ed:44:3a:cd:11:b7:bb:
                    f8:2b:03:21:9f:8e:cb:9b:8b:52:cc:ed:76:cd:a7:
                    07:91:22:53:e7:c6:5e:2c:7a:ac:44:04:83:ee:d1:
                    d8:3c:36:60:8f:cb:b5:56:40:ea:79:14:08:c9:84:
                    d1:c5:cc:d2:44:95:11:e0:71:1d:4d:ba:1f:4b:80:
                    af:5a:a3:11:c4:88:69:d8:71:3a:38:49:e3:31:90:
                    d8:5d:3d:93:28:7d:30:52:07:21:10:d4:51:56:d1:
                    6f:97:9d:f7:b8:45:4a:75:7d:86:79:62:19:55:ac:
                    7f:44:0d:18:0e:33:07:80:06:13:8d:6a:da:c3:e5:
                    52:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:23:50:0D:72:32:99:71:E8:DF:40:30:EA:F1:25:F0:D3:31:5D:72
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:af:f2:a3:63:c2:a8:11:87:dd:86:82:88:7a:11:db:84:d7:
         09:88:e2:ef:7c:a6:15:4c:33:43:ce:a7:04:03:4d:a5:55:6a:
         b5:69:01:33:63:28:c7:c4:5f:21:ba:12:82:77:12:00:6c:79:
         b1:84:2e:83:f1:74:dc:a0:f3:f7:c2:89:c6:48:55:af:b8:45:
         a2:2f:7d:4b:2e:28:f8:1c:65:84:67:31:e8:de:0b:97:1a:c9:
         f5:03:62:18:ca:13:65:89:57:49:90:6b:00:c0:1b:8b:c4:71:
         7f:35:80:56:b1:45:c5:cd:b4:f3:18:63:44:c3:47:65:5d:3a:
         62:56:3d:2b:b7:ac:ef:40:47:fb:ba:6c:5f:13:7a:bb:81:28:
         ad:1f:3b:c1:07:b5:08:13:9b:4c:9f:dd:e2:bc:e8:fe:f6:b1:
         a3:5a:0b:fe:50:0d:23:b5:79:54:2d:49:c3:21:da:e8:b7:38:
         07:c5:70:89:5d:b6:76:fd:30:4b:81:5f:16:97:cf:a2:cb:44:
         f1:6a:10:25:f2:31:1f:35:33:23:f6:49:cc:94:c7:50:10:45:
         16:51:30:16:d5:5a:a1:f6:37:64:01:ac:75:9b:d3:25:d4:27:
         df:aa:70:11:68:3e:d8:5c:5c:93:e4:a7:c4:e9:8c:29:6b:79:
         7c:f7:d7:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+VpDkSuyLEZ1Cx90m+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
Eyg4MjIzNTAwZDcyMzI5OTcxZThkZjQwMzBlYWYxMjVmMGQzMzE1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhWFG47T9rPDq4zqutGKLZ7vOFWv
xTPHp/7X+RpCKUizO92vbof7StWixDsK6vj1zjAy+mC9vObnZ1JiTJktsp99rZuw
1xxmsYa2hbAodqJ+Ls38xcLY1w7loSbXn6QdPonWhhBlsq9C/2lcUTrI8bkMkZD3
c6PcXlqhvkTNp+1EOs0Rt7v4KwMhn47Lm4tSzO12zacHkSJT58ZeLHqsRASD7tHY
PDZgj8u1VkDqeRQIyYTRxczSRJUR4HEdTbofS4CvWqMRxIhp2HE6OEnjMZDYXT2T
KH0wUgchENRRVtFvl533uEVKdX2GeWIZVax/RA0YDjMHgAYTjWraw+VSXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIjUA1yMplx6N9AMOrxJfDTMV1yMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApq/yo2PC
qBGH3YaCiHoR24TXCYji73ymFUwzQ86nBANNpVVqtWkBM2Mox8RfIboSgncSAGx5
sYQug/F03KDz98KJxkhVr7hFoi99Sy4o+BxlhGcx6N4LlxrJ9QNiGMoTZYlXSZBr
AMAbi8RxfzWAVrFFxc208xhjRMNHZV06YlY9K7es70BH+7psXxN6u4EorR87wQe1
CBObTJ/d4rzo/vaxo1oL/lANI7V5VC1JwyHa6Lc4B8VwiV22dv0wS4FfFpfPostE
8WoQJfIxHzUzI/ZJzJTHUBBFFlEwFtVaofY3ZAGsdZvTJdQn36pwEWg+2Fxck+Sn
xOmMKWt5fPfXgg==
-----END CERTIFICATE-----