Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          uOFocVdn2RRMxWq7JLr3o8mmAONJOUZhLF2sCsE7msg=
Subject key identifier:   F8:DB:A7:10:0E:4A:28:95:7D:D8:38:5F:F3:A1:D8:EF:C6:1F:D4:14
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       019A4F62AF82499134545DC36F89205CAC6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 15:00:58 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:58 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:58 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: OpNJQpvdCpoj8Mr+VTNgelUsP+41xJI2tFkNBo9QQ1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:af:82:49:91:34:54:5d:c3:6f:89:20:5c:ac:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: Nov  4 15:00:58 2025 GMT
            Not After : Nov  5 15:00:58 2025 GMT
        Subject: CN=f8dba7100e4a28957dd8385ff3a1d8efc61fd414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:31:67:6e:f4:b1:a4:70:22:49:20:52:82:2d:
                    d8:62:b3:e7:19:f9:06:2a:6f:60:77:1c:0b:f9:59:
                    a1:c2:ef:64:9a:e5:05:c1:6c:8b:16:f0:c3:94:0b:
                    9c:a6:bc:35:2d:ee:50:4f:e5:b9:18:24:2a:bc:b3:
                    e6:e7:6d:8b:9f:f9:10:f6:9a:f8:e1:df:8b:3e:76:
                    d5:75:0d:e6:38:61:a2:af:64:fe:b8:0e:58:e3:3d:
                    04:e9:55:30:97:d9:be:0b:5a:cd:6d:d5:14:c7:dc:
                    c8:b0:5e:4f:ee:2b:ba:4b:2f:78:19:aa:a3:3c:32:
                    7e:d7:01:d5:ff:60:61:95:f2:5c:8d:d8:c5:54:5c:
                    19:fa:59:c8:de:4d:db:33:fc:db:33:91:fd:14:d7:
                    be:ad:f9:1c:b6:bc:f5:6a:64:50:78:32:8e:4b:8c:
                    d0:ad:c5:e3:94:cf:b3:f4:c7:4a:e8:f4:94:9e:8d:
                    0e:84:0e:be:82:1f:2a:cc:60:c8:3d:c7:be:63:f4:
                    61:fc:82:53:0a:e7:86:20:9e:ee:34:1b:f5:bb:b6:
                    ba:4a:18:d4:08:c1:8f:7e:67:e3:83:9b:8c:45:37:
                    a6:36:eb:76:e4:ad:f8:35:b8:80:b8:e0:64:8e:e6:
                    24:67:13:61:18:b8:51:eb:18:32:47:90:3f:2f:fe:
                    2d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:DB:A7:10:0E:4A:28:95:7D:D8:38:5F:F3:A1:D8:EF:C6:1F:D4:14
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:da:fb:a5:13:25:9a:2a:29:7c:e3:ff:b6:26:bf:e4:81:00:
         df:2f:e6:e4:b2:32:62:a5:5f:cb:98:af:e0:71:6a:ba:8b:a4:
         81:f0:a7:7e:15:08:f2:f0:f4:37:81:d6:fa:ec:34:bb:f4:12:
         5e:aa:d7:f2:5e:6c:03:48:7b:04:e3:13:4d:98:6c:07:23:ff:
         71:d5:e8:bc:a7:3a:b2:ba:3e:43:a2:12:1b:51:ac:b9:8c:cc:
         c1:9d:52:89:cc:90:d6:f9:5e:c2:41:70:1b:2a:b3:8d:3b:7a:
         fa:26:e1:a8:38:9d:46:e8:c6:df:05:36:fa:82:95:74:17:63:
         3f:d6:89:88:7f:90:39:77:ac:6a:ac:f2:65:08:69:a4:95:cc:
         7c:1a:a7:60:1e:7e:62:3c:bd:27:9f:84:1b:d2:06:0d:17:11:
         66:d9:d4:1b:ca:08:ad:15:ee:1b:c4:ca:13:c9:79:b0:14:56:
         a9:69:c4:43:c8:b8:3f:36:b4:f6:bb:a6:72:9a:5f:c5:37:a6:
         d9:af:8e:83:25:07:8c:95:2d:ee:75:f2:63:d0:1f:0d:88:5a:
         97:95:ed:d0:e6:46:eb:90:32:67:e5:b0:8f:84:5d:70:c5:ba:
         a1:3b:3d:e5:7a:46:5b:c3:77:91:2f:e5:d5:4a:33:48:cb:82:
         0e:6b:15:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYq+CSZE0VF3Db4kgXKxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjUxMTA0MTUwMDU4WhcNMjUxMTA1MTUwMDU4WjAzMTEwLwYDVQQD
EyhmOGRiYTcxMDBlNGEyODk1N2RkODM4NWZmM2ExZDhlZmM2MWZkNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzFnbvSxpHAiSSBSgi3YYrPnGfkG
Km9gdxwL+Vmhwu9kmuUFwWyLFvDDlAucprw1Le5QT+W5GCQqvLPm522Ln/kQ9pr4
4d+LPnbVdQ3mOGGir2T+uA5Y4z0E6VUwl9m+C1rNbdUUx9zIsF5P7iu6Sy94Gaqj
PDJ+1wHV/2BhlfJcjdjFVFwZ+lnI3k3bM/zbM5H9FNe+rfkctrz1amRQeDKOS4zQ
rcXjlM+z9MdK6PSUno0OhA6+gh8qzGDIPce+Y/Rh/IJTCueGIJ7uNBv1u7a6ShjU
CMGPfmfjg5uMRTemNut25K34NbiAuOBkjuYkZxNhGLhR6xgyR5A/L/4taQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjbpxAOSiiVfdg4X/Oh2O/GH9QUMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAdr7pRMl
miopfOP/tia/5IEA3y/m5LIyYqVfy5iv4HFquoukgfCnfhUI8vD0N4HW+uw0u/QS
XqrX8l5sA0h7BOMTTZhsByP/cdXovKc6sro+Q6ISG1GsuYzMwZ1SicyQ1vlewkFw
GyqzjTt6+ibhqDidRujG3wU2+oKVdBdjP9aJiH+QOXesaqzyZQhppJXMfBqnYB5+
Yjy9J5+EG9IGDRcRZtnUG8oIrRXuG8TKE8l5sBRWqWnEQ8i4Pza09rumcppfxTem
2a+OgyUHjJUt7nXyY9AfDYhal5Xt0OZG65AyZ+Wwj4RdcMW6oTs95XpGW8N3kS/l
1UozSMuCDmsVgg==
-----END CERTIFICATE-----