Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
File:                     pU3VdP7HLUOUwlU2uoUyydOPQLo.mft (raw, json)
Hash identifier:          kplrAQXFlk7NRM3lTnwnfqpJAAGBGG15rRLLkmez4AI=
Subject key identifier:   9A:50:6F:71:08:E5:FD:5B:96:F9:46:D0:FA:5A:9F:98:14:81:64:9E
Authority key identifier: A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA
Certificate issuer:       /CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
Certificate serial:       019A71B92B543238792BBCDFE700C3F36DDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
Manifest number:          0A34
Signing time:             Tue 11 Nov 2025 07:02:31 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:31 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:31 +0000
Files and hashes:         1: pU3VdP7HLUOUwlU2uoUyydOPQLo.crl (hash: APV+FYO6R+RhKMq+zxVX+3iTROpvDyAiiqjyrVKU+Sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:2b:54:32:38:79:2b:bc:df:e7:00:c3:f3:6d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
        Validity
            Not Before: Nov 11 07:02:31 2025 GMT
            Not After : Nov 12 07:02:31 2025 GMT
        Subject: CN=9a506f7108e5fd5b96f946d0fa5a9f981481649e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:4d:f6:73:51:a7:2e:a9:42:16:29:ab:cd:7d:
                    4d:3a:3f:af:a5:2f:eb:b6:2e:0b:19:cd:bc:ae:f3:
                    02:ac:ae:84:5d:f0:99:9a:f1:99:e9:f6:fa:b9:25:
                    a5:f2:a3:76:d9:d6:26:13:c1:f4:09:cf:f7:ef:65:
                    c7:23:00:92:54:25:8a:7b:8a:b2:84:7b:8c:c2:e6:
                    c2:64:53:1f:fd:8f:26:bf:9f:25:58:50:12:77:ba:
                    80:4e:ce:70:3d:86:17:93:7f:d1:6f:e7:cb:9d:eb:
                    3c:f3:d4:75:ce:a4:32:dc:df:25:fd:e4:4a:65:55:
                    2b:0c:61:15:6a:28:03:22:13:ad:28:9c:00:0b:61:
                    7a:2b:de:bb:52:51:1d:e6:0f:6f:ef:3e:21:06:2a:
                    79:8e:7b:4a:a8:f0:44:80:b1:bb:92:9d:44:a4:c0:
                    7c:fa:0d:dc:97:15:38:ab:ec:14:5b:fe:bf:ad:d1:
                    a2:84:7f:d9:86:73:57:a3:61:f9:9a:8c:9c:02:17:
                    4b:65:bb:2a:da:b2:c8:2e:c7:6b:54:96:58:60:41:
                    ef:bc:85:8b:6b:6a:87:f3:cb:93:33:e9:5e:25:24:
                    b6:76:21:4b:8c:c4:6b:16:62:1c:b6:88:9f:6b:cc:
                    fb:e0:32:e8:e2:4e:0a:e3:47:63:ac:46:93:c1:d0:
                    0b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:50:6F:71:08:E5:FD:5B:96:F9:46:D0:FA:5A:9F:98:14:81:64:9E
            X509v3 Authority Key Identifier:
                keyid:A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:15:5b:3a:12:cb:72:4b:03:88:01:61:b1:d9:8e:a2:46:89:
         96:23:1d:15:4a:4b:99:a0:eb:97:c3:e2:94:a9:60:8b:cb:4c:
         e3:20:1e:c4:54:71:89:a7:3d:a9:96:43:f2:8e:a7:ff:02:02:
         ea:4c:a7:19:c6:e6:4f:07:6a:b2:86:7d:62:2e:31:e0:d9:74:
         2b:8c:fa:3b:8c:21:fb:63:41:26:65:90:b9:6b:83:54:8f:61:
         19:51:59:54:bc:1b:ca:77:4e:d1:4f:2c:73:4d:7d:bf:05:16:
         e4:c8:5e:91:60:c2:78:09:b2:ac:7c:48:7b:56:50:a5:df:25:
         f5:64:cd:53:49:28:82:7a:2f:d9:2a:66:fd:3c:1a:8e:50:09:
         f6:0a:83:e4:3d:8c:a2:58:a5:17:84:00:6a:fb:af:00:22:d5:
         c5:5c:cd:22:5c:97:da:28:c4:38:e3:84:5c:0f:f2:51:be:1f:
         3a:3e:75:6b:c7:e2:0f:8a:f6:9b:fa:19:16:11:98:a0:d5:4a:
         8d:bc:91:7b:8e:42:f5:49:65:9c:17:c8:35:c8:66:49:76:8c:
         8f:c2:28:4d:df:ed:5c:d5:01:15:37:1b:49:67:55:3a:78:97:
         91:01:c8:df:d2:73:bc:cf:97:a5:11:3e:0f:38:9c:f0:aa:7d:
         11:34:52:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuStUMjh5K7zf5wDD823eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGRkNTc0ZmVjNzJkNDM5NGMyNTUzNmJhODUzMmM5ZDM4
ZjQwYmEwHhcNMjUxMTExMDcwMjMxWhcNMjUxMTEyMDcwMjMxWjAzMTEwLwYDVQQD
Eyg5YTUwNmY3MTA4ZTVmZDViOTZmOTQ2ZDBmYTVhOWY5ODE0ODE2NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5032c1GnLqlCFimrzX1NOj+vpS/r
ti4LGc28rvMCrK6EXfCZmvGZ6fb6uSWl8qN22dYmE8H0Cc/372XHIwCSVCWKe4qy
hHuMwubCZFMf/Y8mv58lWFASd7qATs5wPYYXk3/Rb+fLnes889R1zqQy3N8l/eRK
ZVUrDGEVaigDIhOtKJwAC2F6K967UlEd5g9v7z4hBip5jntKqPBEgLG7kp1EpMB8
+g3clxU4q+wUW/6/rdGihH/ZhnNXo2H5moycAhdLZbsq2rLILsdrVJZYYEHvvIWL
a2qH88uTM+leJSS2diFLjMRrFmIctoifa8z74DLo4k4K40djrEaTwdALIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpQb3EI5f1blvlG0Ppan5gUgWSeMB8GA1UdIwQY
MBaAFKVN1XT+xy1DlMJVNrqFMsnTj0C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQt
MjM3ZjY1YjY0MzI3LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQtMjM3ZjY1YjY0MzI3
LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhVbOhLL
cksDiAFhsdmOokaJliMdFUpLmaDrl8PilKlgi8tM4yAexFRxiac9qZZD8o6n/wIC
6kynGcbmTwdqsoZ9Yi4x4Nl0K4z6O4wh+2NBJmWQuWuDVI9hGVFZVLwbyndO0U8s
c019vwUW5MhekWDCeAmyrHxIe1ZQpd8l9WTNU0kognov2Spm/TwajlAJ9gqD5D2M
olilF4QAavuvACLVxVzNIlyX2ijEOOOEXA/yUb4fOj51a8fiD4r2m/oZFhGYoNVK
jbyRe45C9UllnBfINchmSXaMj8IoTd/tXNUBFTcbSWdVOniXkQHI39JzvM+XpRE+
Dzic8Kp9ETRSQg==
-----END CERTIFICATE-----