Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          EdAGyjYaAHMVnn7+tNiQi/hwGu7smBFF5N/Zom0AX84=
Subject key identifier:   8B:75:33:45:EE:6B:76:70:1F:96:09:18:54:37:AA:17:F1:6C:1B:C1
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       019A4EF56BA1120B0A8143104B1983933D4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          079E
Signing time:             Tue 04 Nov 2025 13:01:37 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:37 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:37 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: OEPOwsQwOuasSJI7PPjvuasCuO+qwPfhSr1wAwS+Rmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:6b:a1:12:0b:0a:81:43:10:4b:19:83:93:3d:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Nov  4 13:01:37 2025 GMT
            Not After : Nov  5 13:01:37 2025 GMT
        Subject: CN=8b753345ee6b76701f9609185437aa17f16c1bc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a3:b4:50:7b:c5:11:2f:2b:0f:23:0f:7a:0e:
                    6e:71:4f:bd:5a:05:31:89:3a:60:8f:12:b2:8e:44:
                    6c:b9:c6:6f:b7:33:a3:8c:fa:b5:b2:18:3a:3a:37:
                    64:1b:a2:64:15:e5:df:85:8a:99:8b:96:72:26:c8:
                    f3:ba:3b:69:ce:d8:45:42:2c:14:d4:a9:a9:87:8a:
                    64:64:30:cb:1b:b8:fe:eb:55:11:8a:6c:98:b6:56:
                    9f:60:db:8a:23:78:d7:61:69:0c:81:cf:cc:e3:4d:
                    46:76:ae:6c:42:8b:70:e2:e5:74:9d:4c:a9:a0:61:
                    89:44:78:0c:76:5b:8c:e7:8c:06:45:01:29:09:30:
                    75:6e:1b:c6:1c:3a:b0:e5:ce:ea:3b:9d:0a:4c:c3:
                    4a:f6:45:03:02:69:88:b6:25:24:b6:f3:05:15:09:
                    d5:3f:1f:01:02:47:a5:f4:5d:b0:e8:79:fe:ad:65:
                    4f:d6:1d:a7:cf:cb:ae:4a:84:3e:9e:f1:ba:0e:bf:
                    9c:93:d3:98:9a:3b:b1:93:3e:c7:7c:e8:30:db:4f:
                    a3:65:60:f8:d9:8d:31:26:0f:c2:df:f6:a3:9b:5b:
                    35:3a:45:b9:22:ed:77:0e:cc:50:8b:c7:0f:48:be:
                    e9:75:ae:c1:41:75:e5:b9:a6:f1:45:ca:4b:53:83:
                    38:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:75:33:45:EE:6B:76:70:1F:96:09:18:54:37:AA:17:F1:6C:1B:C1
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:30:1c:72:03:eb:34:e4:74:e0:95:81:cc:6b:ba:98:9c:b8:
         fc:16:4b:f7:c2:e2:91:4b:cb:5c:fd:53:94:db:4e:06:ba:8a:
         67:fc:98:e7:41:d6:c1:6c:db:2b:86:7f:b6:96:a0:ec:db:bc:
         4b:4d:c2:fc:19:25:1d:68:c6:6e:bf:b0:6b:67:81:50:c8:9a:
         37:07:46:bf:1d:d0:d8:64:6a:7a:58:d0:90:3b:bc:08:d9:0a:
         f7:f1:75:d4:38:22:c6:87:b3:fa:89:6b:39:88:a7:88:2c:44:
         69:2e:83:fd:39:d7:ae:07:21:af:bf:04:a7:a1:74:f0:17:79:
         c4:da:8c:1b:12:4f:f3:d0:6e:45:37:56:72:35:7a:a2:8f:df:
         34:d7:70:5e:f2:3c:5e:6c:e5:d6:21:10:83:5b:ab:d4:78:b3:
         9b:66:2d:92:e2:a7:a8:50:d5:9b:7a:c9:ac:15:d4:1f:0d:ea:
         2b:64:99:89:58:b3:22:67:98:14:49:86:0c:c4:aa:11:5b:fb:
         e6:52:f3:99:84:78:91:6d:9f:97:da:ae:68:43:ff:47:ae:db:
         d1:94:f6:ec:6e:13:35:4d:58:b1:3c:a3:bc:89:b0:89:6e:bb:
         db:75:54:15:7d:8b:33:f1:5b:d9:92:00:57:b1:15:92:85:b8:
         86:09:79:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WuhEgsKgUMQSxmDkz1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUxMTA0MTMwMTM3WhcNMjUxMTA1MTMwMTM3WjAzMTEwLwYDVQQD
Eyg4Yjc1MzM0NWVlNmI3NjcwMWY5NjA5MTg1NDM3YWExN2YxNmMxYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaO0UHvFES8rDyMPeg5ucU+9WgUx
iTpgjxKyjkRsucZvtzOjjPq1shg6OjdkG6JkFeXfhYqZi5ZyJsjzujtpzthFQiwU
1Kmph4pkZDDLG7j+61URimyYtlafYNuKI3jXYWkMgc/M401Gdq5sQotw4uV0nUyp
oGGJRHgMdluM54wGRQEpCTB1bhvGHDqw5c7qO50KTMNK9kUDAmmItiUktvMFFQnV
Px8BAkel9F2w6Hn+rWVP1h2nz8uuSoQ+nvG6Dr+ck9OYmjuxkz7HfOgw20+jZWD4
2Y0xJg/C3/ajm1s1OkW5Iu13DsxQi8cPSL7pda7BQXXluabxRcpLU4M4iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIt1M0Xua3ZwH5YJGFQ3qhfxbBvBMB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTAccgPr
NOR04JWBzGu6mJy4/BZL98LikUvLXP1TlNtOBrqKZ/yY50HWwWzbK4Z/tpag7Nu8
S03C/BklHWjGbr+wa2eBUMiaNwdGvx3Q2GRqeljQkDu8CNkK9/F11Dgixoez+olr
OYiniCxEaS6D/TnXrgchr78Ep6F08Bd5xNqMGxJP89BuRTdWcjV6oo/fNNdwXvI8
Xmzl1iEQg1ur1Hizm2YtkuKnqFDVm3rJrBXUHw3qK2SZiVizImeYFEmGDMSqEVv7
5lLzmYR4kW2fl9quaEP/R67b0ZT27G4TNU1YsTyjvImwiW6723VUFX2LM/Fb2ZIA
V7EVkoW4hgl5WQ==
-----END CERTIFICATE-----