Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
File:                     e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft (raw, json)
Hash identifier:          hInmQmmSCK5b3wVH8kRNfVnL+eJRSmwQmc21j5UfOaM=
Subject key identifier:   2F:D7:A4:57:6E:C5:F1:31:F6:C3:C1:65:01:7D:EC:F0:0C:6E:27:E3
Authority key identifier: 7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69
Certificate issuer:       /CN=7b7873f89c2a985327ea7996267423a7751c6169
Certificate serial:       019A71B85046A5A0F72FC60DBA64A608D7D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:35 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:35 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:35 +0000
Files and hashes:         1: e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl (hash: Wk0ezCPgMsR832smXW+ei9eTaiiuht1G/reA7B/0hvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:50:46:a5:a0:f7:2f:c6:0d:ba:64:a6:08:d7:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b7873f89c2a985327ea7996267423a7751c6169
        Validity
            Not Before: Nov 11 07:01:35 2025 GMT
            Not After : Nov 12 07:01:35 2025 GMT
        Subject: CN=2fd7a4576ec5f131f6c3c165017decf00c6e27e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a5:8f:7c:36:c2:b0:a1:e1:8e:14:38:d5:4a:
                    b0:f9:5e:47:f8:dc:bf:ec:c0:76:64:bc:89:4a:e0:
                    2c:69:2f:b4:49:0d:14:87:ce:eb:ee:2f:ab:a8:0b:
                    ea:7c:96:db:6d:e6:0f:81:f0:d2:b3:b0:f5:5a:78:
                    86:f5:54:2a:7b:01:8c:26:d9:2f:f8:0a:8f:89:04:
                    14:32:cb:8b:1a:54:9e:76:0a:a5:34:bf:98:5a:23:
                    61:8c:5a:69:fb:5a:45:05:2b:67:60:be:91:a8:63:
                    19:0c:79:75:f7:a2:b7:53:c7:5a:73:e7:c1:e0:92:
                    52:41:3e:15:bb:55:cd:11:76:f9:12:21:23:d3:40:
                    e4:dd:d8:cc:d8:19:7c:07:30:70:6e:9d:a6:8d:d6:
                    1a:92:d5:0a:58:cb:2d:6a:08:1d:20:b8:3d:2c:f4:
                    4d:38:59:0d:68:5d:e8:55:26:88:bf:16:a9:47:6b:
                    23:ec:7a:42:9a:2c:8a:78:33:5b:00:71:07:a8:67:
                    7a:88:46:fd:1f:69:e2:9d:24:da:4a:74:33:a9:f7:
                    74:ab:9d:fc:12:c9:ca:dc:24:69:e9:a5:46:f2:7c:
                    ea:e3:0b:c7:63:f4:57:92:e4:07:9e:54:4f:18:24:
                    76:bd:87:89:15:82:61:88:b1:ce:3b:fd:6d:ad:df:
                    b4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:D7:A4:57:6E:C5:F1:31:F6:C3:C1:65:01:7D:EC:F0:0C:6E:27:E3
            X509v3 Authority Key Identifier:
                keyid:7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ed:73:51:1a:ee:bc:9b:50:c9:18:15:ec:37:5f:9d:c0:69:
         df:f6:c2:c5:41:2b:41:53:d7:45:e8:62:15:42:7a:7b:dd:d3:
         07:42:70:b0:e0:aa:32:73:05:ab:06:8d:30:55:49:04:bf:64:
         c2:cb:b2:53:eb:9e:8b:52:ba:43:3d:ea:7a:6c:59:99:dc:0d:
         0d:fd:a0:f6:94:e0:df:e4:ef:f0:17:96:17:28:76:9b:9c:2a:
         fc:68:ca:9a:22:cb:54:80:4d:c5:83:83:95:13:27:fc:07:52:
         10:bd:66:83:c7:76:de:9f:05:7b:2d:65:08:d4:58:06:44:45:
         14:e9:a9:8f:20:7a:4e:94:e1:a3:6e:9f:c6:27:9b:61:d9:7d:
         b0:98:36:b7:3a:8d:52:b2:35:d9:eb:dd:d5:6d:fe:c5:c6:72:
         2c:c2:5f:4f:4a:67:db:4e:75:31:b4:f8:05:ee:c6:20:9f:9f:
         d9:2f:b5:2f:fc:fd:03:8e:bd:df:c8:4b:fb:11:98:dd:97:31:
         ac:99:48:a5:a3:4e:70:9a:47:48:a5:0e:7c:68:72:91:e2:f9:
         9f:da:f6:1b:bb:f0:d7:77:2f:d0:d6:b8:61:9d:a7:4a:fb:b4:
         85:c0:9d:71:ff:58:b8:d6:9f:85:aa:0e:2b:c8:d7:34:9a:4c:
         86:4c:2d:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFBGpaD3L8YNumSmCNfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzg3M2Y4OWMyYTk4NTMyN2VhNzk5NjI2NzQyM2E3NzUx
YzYxNjkwHhcNMjUxMTExMDcwMTM1WhcNMjUxMTEyMDcwMTM1WjAzMTEwLwYDVQQD
EygyZmQ3YTQ1NzZlYzVmMTMxZjZjM2MxNjUwMTdkZWNmMDBjNmUyN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqWPfDbCsKHhjhQ41Uqw+V5H+Ny/
7MB2ZLyJSuAsaS+0SQ0Uh87r7i+rqAvqfJbbbeYPgfDSs7D1WniG9VQqewGMJtkv
+AqPiQQUMsuLGlSedgqlNL+YWiNhjFpp+1pFBStnYL6RqGMZDHl196K3U8dac+fB
4JJSQT4Vu1XNEXb5EiEj00Dk3djM2Bl8BzBwbp2mjdYaktUKWMstaggdILg9LPRN
OFkNaF3oVSaIvxapR2sj7HpCmiyKeDNbAHEHqGd6iEb9H2ninSTaSnQzqfd0q538
EsnK3CRp6aVG8nzq4wvHY/RXkuQHnlRPGCR2vYeJFYJhiLHOO/1trd+0EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC/XpFduxfEx9sPBZQF97PAMbifjMB8GA1UdIwQY
MBaAFHt4c/icKphTJ+p5liZ0I6d1HGFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAt
OWI5ZGY0NDNjODYzLzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAtOWI5ZGY0NDNjODYz
LzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+1zURru
vJtQyRgV7DdfncBp3/bCxUErQVPXRehiFUJ6e93TB0JwsOCqMnMFqwaNMFVJBL9k
wsuyU+uei1K6Qz3qemxZmdwNDf2g9pTg3+Tv8BeWFyh2m5wq/GjKmiLLVIBNxYOD
lRMn/AdSEL1mg8d23p8Fey1lCNRYBkRFFOmpjyB6TpTho26fxiebYdl9sJg2tzqN
UrI12evd1W3+xcZyLMJfT0pn2051MbT4Be7GIJ+f2S+1L/z9A46938hL+xGY3Zcx
rJlIpaNOcJpHSKUOfGhykeL5n9r2G7vw13cv0Na4YZ2nSvu0hcCdcf9YuNafhaoO
K8jXNJpMhkwtpQ==
-----END CERTIFICATE-----