Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
File:                     3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json)
Hash identifier:          ZxLEEIS6P567dUwsl+RhXm4xmX/rGTNuCBKWnj5CjGM=
Subject key identifier:   47:3B:9E:06:22:D8:58:92:DA:74:CA:15:CD:20:CB:35:96:EC:57:AC
Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A
Certificate issuer:       /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
Certificate serial:       019A71B7FFE6CE6E1FA47E15CBFD951D1C06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
Manifest number:          0262
Signing time:             Tue 11 Nov 2025 07:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:15 +0000
Files and hashes:         1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: 0P0hkIVxY68P/hIxzfAVJ7cwyVphc8ilH7EuCse/4sE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ff:e6:ce:6e:1f:a4:7e:15:cb:fd:95:1d:1c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a
        Validity
            Not Before: Nov 11 07:01:15 2025 GMT
            Not After : Nov 12 07:01:15 2025 GMT
        Subject: CN=473b9e0622d85892da74ca15cd20cb3596ec57ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e5:34:b5:9f:3d:5a:1b:e3:c4:f9:d7:e6:bb:
                    3a:c9:be:b8:fc:f9:6d:a7:83:96:c9:71:92:9b:9a:
                    b5:e4:73:1b:36:05:aa:4b:74:d1:3b:83:2e:ee:ad:
                    56:52:53:f6:c5:20:a4:dc:31:8b:a9:d1:00:56:02:
                    1d:6b:bf:d1:df:25:1f:7e:25:76:20:aa:dd:ce:78:
                    65:b8:69:e1:11:68:a1:e7:ab:0e:10:27:9a:20:90:
                    f9:19:af:05:9a:c6:2e:f2:8a:b1:5c:0a:88:ab:05:
                    0a:c0:9f:36:c1:ce:2a:f3:4d:ac:a8:2e:e6:e7:d6:
                    1a:ec:49:00:f2:82:5d:b3:ad:bc:36:c9:ea:38:5e:
                    1a:4f:4d:36:22:2f:f3:b0:6c:3d:78:0f:b1:df:04:
                    ef:53:34:2f:b0:e4:3e:d6:ed:91:a4:3b:41:d2:25:
                    9b:d7:0f:17:9b:1c:d3:cd:32:d3:9a:39:53:0e:0d:
                    1c:41:ee:0a:52:e6:1b:40:0e:10:ae:20:da:94:d6:
                    fb:37:88:41:c4:30:d2:59:5c:2d:31:e8:5a:45:bd:
                    96:10:8a:15:cf:e1:59:42:79:ce:c2:87:ca:97:3c:
                    09:c8:26:5c:4d:75:ad:25:1c:c7:a1:57:c2:8a:2a:
                    12:f7:d8:01:bc:e2:4a:16:37:1b:b3:28:54:15:48:
                    fa:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:3B:9E:06:22:D8:58:92:DA:74:CA:15:CD:20:CB:35:96:EC:57:AC
            X509v3 Authority Key Identifier:
                keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:ab:83:0a:09:14:b4:e6:24:31:09:90:3b:b8:f3:f5:94:fa:
         d5:7d:67:b8:5a:45:48:10:b8:a4:30:f6:8e:49:d0:eb:19:16:
         b8:09:66:a7:7c:02:50:14:0a:31:ed:9b:33:f7:3a:45:97:8f:
         9c:83:a6:1f:63:df:af:46:43:5f:e9:ec:b6:10:d4:64:fa:a7:
         3d:0e:e3:8b:f9:f8:c4:d2:87:be:98:78:49:47:48:ed:28:d4:
         25:c5:ea:1d:fb:dd:80:14:82:79:0e:4d:75:44:66:e2:ea:c5:
         de:46:57:d5:a4:f9:86:93:2c:5e:22:f9:6b:a8:33:21:cb:cb:
         be:53:d4:cf:a5:a4:a9:e2:58:11:6e:55:ed:62:27:0d:ba:be:
         b7:1e:38:84:cc:6e:00:16:72:f1:c9:78:9e:b6:97:d3:23:48:
         59:18:b0:bf:88:e6:7f:de:b6:ce:c9:e1:8c:92:d8:85:38:d8:
         39:ae:c5:7b:8f:4c:44:b5:a4:33:20:3a:39:4d:30:c7:49:7b:
         53:8f:50:72:81:90:39:5b:58:c6:d8:cb:5a:63:e4:78:cc:6d:
         f9:9f:b7:4b:57:32:ca:ff:34:7a:50:6f:7c:2c:0d:56:6c:39:
         f1:60:6d:62:7d:4c:7a:ec:1d:81:21:be:20:cc:f4:f0:e0:cb:
         07:52:dc:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt//mzm4fpH4Vy/2VHRwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1
NDNkMGEwHhcNMjUxMTExMDcwMTE1WhcNMjUxMTEyMDcwMTE1WjAzMTEwLwYDVQQD
Eyg0NzNiOWUwNjIyZDg1ODkyZGE3NGNhMTVjZDIwY2IzNTk2ZWM1N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOU0tZ89WhvjxPnX5rs6yb64/Plt
p4OWyXGSm5q15HMbNgWqS3TRO4Mu7q1WUlP2xSCk3DGLqdEAVgIda7/R3yUffiV2
IKrdznhluGnhEWih56sOECeaIJD5Ga8FmsYu8oqxXAqIqwUKwJ82wc4q802sqC7m
59Ya7EkA8oJds628NsnqOF4aT002Ii/zsGw9eA+x3wTvUzQvsOQ+1u2RpDtB0iWb
1w8XmxzTzTLTmjlTDg0cQe4KUuYbQA4QriDalNb7N4hBxDDSWVwtMehaRb2WEIoV
z+FZQnnOwofKlzwJyCZcTXWtJRzHoVfCiioS99gBvOJKFjcbsyhUFUj60QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEc7ngYi2FiS2nTKFc0gyzWW7FesMB8GA1UdIwQY
MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt
YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx
LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv6uDCgkU
tOYkMQmQO7jz9ZT61X1nuFpFSBC4pDD2jknQ6xkWuAlmp3wCUBQKMe2bM/c6RZeP
nIOmH2Pfr0ZDX+nsthDUZPqnPQ7ji/n4xNKHvph4SUdI7SjUJcXqHfvdgBSCeQ5N
dURm4urF3kZX1aT5hpMsXiL5a6gzIcvLvlPUz6WkqeJYEW5V7WInDbq+tx44hMxu
ABZy8cl4nraX0yNIWRiwv4jmf962zsnhjJLYhTjYOa7Fe49MRLWkMyA6OU0wx0l7
U49QcoGQOVtYxtjLWmPkeMxt+Z+3S1cyyv80elBvfCwNVmw58WBtYn1MeuwdgSG+
IMz08ODLB1LcDw==
-----END CERTIFICATE-----