Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          ocviCUuwJBldSfzgwjRDTDu1FsRwk44fk9q4hThzipw=
Subject key identifier:   19:68:73:44:53:CB:07:20:02:66:7F:1D:4C:5E:C9:CB:22:4C:5A:FB
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       019A4EF5019C924D80BA03DA7DD8DD5922C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0EAE
Signing time:             Tue 04 Nov 2025 13:01:10 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:10 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:10 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: 1CXff4dJ15qhGMPX432MNaI4dj1JMHP6uhnpl3gfE8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:01:9c:92:4d:80:ba:03:da:7d:d8:dd:59:22:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Nov  4 13:01:10 2025 GMT
            Not After : Nov  5 13:01:10 2025 GMT
        Subject: CN=1968734453cb072002667f1d4c5ec9cb224c5afb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d4:e5:57:38:af:08:1e:af:80:d9:cd:4c:40:
                    fa:db:78:b1:a2:08:95:67:cf:5c:f8:05:0f:04:32:
                    38:4a:bb:d9:cb:95:dc:59:cb:6b:63:ed:13:58:4d:
                    9b:67:32:f8:3a:fa:dd:bb:59:4c:a6:86:61:71:4f:
                    53:c0:8e:44:e0:ed:83:7c:b6:a2:45:09:dd:9b:1d:
                    7e:ef:f7:bc:c7:fb:43:e1:d2:c1:29:5b:ca:73:81:
                    47:c5:e6:e3:75:93:22:65:c5:b5:28:92:97:d6:ef:
                    62:eb:52:73:1c:68:49:c0:46:45:71:46:8b:bb:a7:
                    69:b6:f1:51:35:49:8d:80:56:8c:da:32:c6:e4:82:
                    8a:4a:f7:9b:a2:a0:43:ae:6a:69:62:70:a7:6c:12:
                    46:19:3d:9a:35:27:d9:1a:75:6e:08:0a:e5:80:94:
                    60:3a:57:c5:c1:ad:2d:42:a5:64:62:8f:74:28:e0:
                    36:e1:33:9b:f3:c8:e8:3c:12:4b:33:65:3c:8c:ff:
                    0e:1f:b3:3b:97:9b:4f:2d:4f:4d:2e:75:91:86:f1:
                    8d:1a:9b:a4:fc:db:dd:2a:ed:6b:b5:38:6b:42:7c:
                    87:bc:8d:0a:f5:2e:7f:41:a0:65:d8:41:3e:57:90:
                    e5:ea:db:25:b0:23:98:10:77:9f:2f:ed:02:a7:01:
                    3c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:68:73:44:53:CB:07:20:02:66:7F:1D:4C:5E:C9:CB:22:4C:5A:FB
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:02:6b:9d:00:91:dc:c6:d5:2b:43:bb:46:16:37:17:4d:c8:
         b2:80:f4:8a:34:25:0f:94:36:2c:9a:a5:34:ad:1a:75:1b:62:
         0f:a7:93:42:fc:1b:c9:3e:39:c8:15:1a:af:49:4a:97:89:a2:
         14:b5:c0:35:6d:b7:67:ac:bf:02:6b:9d:98:ce:81:1f:c9:0f:
         e4:4a:7d:32:9d:0f:bd:6c:df:c7:29:c8:33:9c:c5:70:4d:35:
         9d:02:9f:37:3d:61:c7:22:41:84:ed:3a:53:c4:69:60:01:f4:
         4d:4d:33:10:fc:d7:08:a9:7d:8b:23:9c:16:39:18:ab:39:5f:
         b4:a9:91:1b:69:5d:88:d4:26:b2:12:19:c4:f0:fc:ed:95:d8:
         60:66:52:f6:b9:3e:56:3f:d5:b9:0f:66:bf:51:e6:6c:fa:cf:
         31:9c:6b:d3:9e:07:fa:ea:08:ef:f7:c8:96:99:9a:cf:c4:63:
         0d:37:5b:1c:84:eb:8c:8f:c0:2f:92:c9:c9:62:da:48:c0:57:
         da:e1:47:79:9c:16:7a:e1:c7:37:de:8a:f1:e4:44:29:25:1c:
         40:ab:3c:ff:9a:af:24:21:87:d0:27:70:59:8c:98:de:82:da:
         2a:5d:29:46:10:9c:1b:27:bd:17:3c:86:a0:92:5d:a5:1f:6f:
         c2:e4:50:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QGckk2AugPafdjdWSLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUxMTA0MTMwMTEwWhcNMjUxMTA1MTMwMTEwWjAzMTEwLwYDVQQD
EygxOTY4NzM0NDUzY2IwNzIwMDI2NjdmMWQ0YzVlYzljYjIyNGM1YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdTlVzivCB6vgNnNTED623ixogiV
Z89c+AUPBDI4SrvZy5XcWctrY+0TWE2bZzL4Ovrdu1lMpoZhcU9TwI5E4O2DfLai
RQndmx1+7/e8x/tD4dLBKVvKc4FHxebjdZMiZcW1KJKX1u9i61JzHGhJwEZFcUaL
u6dptvFRNUmNgFaM2jLG5IKKSveboqBDrmppYnCnbBJGGT2aNSfZGnVuCArlgJRg
OlfFwa0tQqVkYo90KOA24TOb88joPBJLM2U8jP8OH7M7l5tPLU9NLnWRhvGNGpuk
/NvdKu1rtThrQnyHvI0K9S5/QaBl2EE+V5Dl6tslsCOYEHefL+0CpwE8lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBloc0RTywcgAmZ/HUxeycsiTFr7MB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwAJrnQCR
3MbVK0O7RhY3F03IsoD0ijQlD5Q2LJqlNK0adRtiD6eTQvwbyT45yBUar0lKl4mi
FLXANW23Z6y/AmudmM6BH8kP5Ep9Mp0PvWzfxynIM5zFcE01nQKfNz1hxyJBhO06
U8RpYAH0TU0zEPzXCKl9iyOcFjkYqzlftKmRG2ldiNQmshIZxPD87ZXYYGZS9rk+
Vj/VuQ9mv1HmbPrPMZxr054H+uoI7/fIlpmaz8RjDTdbHITrjI/AL5LJyWLaSMBX
2uFHeZwWeuHHN96K8eREKSUcQKs8/5qvJCGH0CdwWYyY3oLaKl0pRhCcGye9FzyG
oJJdpR9vwuRQgA==
-----END CERTIFICATE-----