Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          x9SCBXqPxXDPbAGs/4B3WDQXeyW4UyXD04tWYLTYoEw=
Subject key identifier:   43:F5:26:C7:86:09:FD:9B:B8:22:62:CD:B5:2E:36:C2:A2:64:7B:6F
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       019A71B80BFA01EE8D7F4A4B93BCEBE2A634
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          09D3
Signing time:             Tue 11 Nov 2025 07:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:18 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: S/mLgOfjdR6nZRI5ChXXXd1eTdfTUSPZF2hi7FxSrFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:0b:fa:01:ee:8d:7f:4a:4b:93:bc:eb:e2:a6:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: Nov 11 07:01:18 2025 GMT
            Not After : Nov 12 07:01:18 2025 GMT
        Subject: CN=43f526c78609fd9bb82262cdb52e36c2a2647b6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e3:d4:9e:74:44:62:0c:3b:73:e6:52:a1:9b:
                    32:e6:1b:3c:f1:54:8c:c6:15:f9:83:b4:42:8d:16:
                    c9:05:9b:32:05:4d:c0:70:33:b9:b4:d5:06:94:72:
                    51:a5:24:a9:b6:2d:ee:ce:35:6d:87:48:15:bd:de:
                    ae:7e:3d:07:9a:2b:7c:89:ea:68:5a:9b:7e:be:da:
                    d2:7a:03:f0:a8:f2:1d:37:cc:3c:26:bc:35:46:e3:
                    4b:57:c5:7f:d4:d4:89:78:99:fe:78:39:92:47:5e:
                    20:57:33:cc:bd:c7:9a:e8:54:60:e0:8e:3d:c2:62:
                    b6:f4:02:99:68:b9:0f:12:9b:ca:e9:e3:83:29:63:
                    73:f2:04:88:39:1d:bc:18:25:1d:84:f2:ec:a7:0f:
                    01:60:5f:b1:0a:8a:05:df:bd:1c:ce:a5:79:00:3b:
                    7e:76:32:fc:f6:48:3b:5b:11:62:db:58:f9:92:3d:
                    11:5a:a5:dc:5f:4d:44:7d:cb:24:48:bc:b7:39:41:
                    10:fa:0b:4f:81:80:58:06:c4:9d:34:aa:b0:ae:d2:
                    ad:f3:39:70:7b:91:7d:53:ea:8d:9d:39:c6:c1:a8:
                    4f:57:ed:69:d5:f5:15:97:8f:81:2e:b1:31:ad:08:
                    06:b1:12:5b:80:8f:1e:91:98:1e:3a:5b:62:19:7c:
                    62:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F5:26:C7:86:09:FD:9B:B8:22:62:CD:B5:2E:36:C2:A2:64:7B:6F
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:8a:9a:55:5d:09:90:b8:26:d2:2d:e8:23:ce:d8:bb:11:60:
         8c:a2:31:e6:ee:ce:0c:42:eb:85:1d:40:b2:c9:6e:a7:38:d7:
         b6:c7:9b:9e:33:17:1c:3b:2f:e6:c4:25:2a:e2:d9:b1:c1:c8:
         93:22:56:c1:42:a7:60:b9:dd:74:af:58:58:36:99:c9:ab:94:
         3b:b2:ba:a4:c0:b3:d9:eb:f7:cd:7b:80:32:af:33:c7:16:43:
         4b:82:0b:d9:c1:c3:a5:d9:c0:5b:ec:db:c9:96:30:74:2a:e5:
         ef:ef:d2:b7:a6:ee:c8:a4:61:77:5f:c8:ba:32:51:05:f0:cb:
         a9:e8:dc:c5:66:90:b3:75:0b:d9:6a:e1:a1:9a:b2:46:d4:51:
         52:70:d1:ce:fb:22:6e:54:58:55:45:7c:b3:d4:0e:ca:79:25:
         86:dd:a1:3b:8a:65:ce:37:f7:ee:1a:94:33:ed:b7:be:ab:66:
         6e:63:36:4e:93:f4:e6:5a:1e:4f:50:4e:f4:37:79:c8:1c:7a:
         c7:27:06:8c:97:2e:71:2f:62:9e:08:3e:da:1e:c8:dd:ea:c7:
         f1:47:0b:50:94:3f:4f:3b:a6:ff:a1:e3:de:06:49:24:3a:77:
         3d:af:16:8a:35:a6:20:0a:b6:98:41:89:0b:90:1e:f9:88:ef:
         b0:12:85:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAv6Ae6Nf0pLk7zr4qY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
Eyg0M2Y1MjZjNzg2MDlmZDliYjgyMjYyY2RiNTJlMzZjMmEyNjQ3YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+PUnnREYgw7c+ZSoZsy5hs88VSM
xhX5g7RCjRbJBZsyBU3AcDO5tNUGlHJRpSSpti3uzjVth0gVvd6ufj0Hmit8iepo
Wpt+vtrSegPwqPIdN8w8Jrw1RuNLV8V/1NSJeJn+eDmSR14gVzPMvcea6FRg4I49
wmK29AKZaLkPEpvK6eODKWNz8gSIOR28GCUdhPLspw8BYF+xCooF370czqV5ADt+
djL89kg7WxFi21j5kj0RWqXcX01EfcskSLy3OUEQ+gtPgYBYBsSdNKqwrtKt8zlw
e5F9U+qNnTnGwahPV+1p1fUVl4+BLrExrQgGsRJbgI8ekZgeOltiGXxinQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP1JseGCf2buCJizbUuNsKiZHtvMB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAooqaVV0J
kLgm0i3oI87YuxFgjKIx5u7ODELrhR1AsslupzjXtsebnjMXHDsv5sQlKuLZscHI
kyJWwUKnYLnddK9YWDaZyauUO7K6pMCz2ev3zXuAMq8zxxZDS4IL2cHDpdnAW+zb
yZYwdCrl7+/St6buyKRhd1/IujJRBfDLqejcxWaQs3UL2WrhoZqyRtRRUnDRzvsi
blRYVUV8s9QOynklht2hO4plzjf37hqUM+23vqtmbmM2TpP05loeT1BO9Dd5yBx6
xycGjJcucS9ingg+2h7I3erH8UcLUJQ/Tzum/6Hj3gZJJDp3Pa8WijWmIAq2mEGJ
C5Ae+YjvsBKFMg==
-----END CERTIFICATE-----