Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          jfGAbrG9Nc4SEhFPK9IOWOjTyHRQInBhItHd64OgtAA=
Subject key identifier:   23:69:E1:E8:26:5A:0B:7C:0B:2F:F8:7E:AB:03:EB:DF:29:DC:9B:ED
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       019A4EF5E81E22EDFE791DC9C88C189C2251
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          09D9
Signing time:             Tue 04 Nov 2025 13:02:09 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:09 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:09 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: EzXqEeFWLc/jquSj1SKZ8a9j3IJxi4soQPy2M/u/u/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:e8:1e:22:ed:fe:79:1d:c9:c8:8c:18:9c:22:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: Nov  4 13:02:09 2025 GMT
            Not After : Nov  5 13:02:09 2025 GMT
        Subject: CN=2369e1e8265a0b7c0b2ff87eab03ebdf29dc9bed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:c3:28:cd:98:17:5f:d1:24:d3:5e:ea:9b:e2:
                    71:f1:03:62:e1:82:b7:ab:0f:31:41:83:42:4b:c5:
                    2f:f0:a9:7c:5e:f7:4f:d9:b8:90:09:b6:6a:98:88:
                    0c:80:09:f4:ec:c4:b4:4f:12:e7:5f:6a:53:f5:61:
                    db:f1:d4:6b:4d:a1:06:07:80:df:98:07:b5:81:e7:
                    05:d6:ed:73:81:7d:b0:78:96:26:3c:85:aa:4e:83:
                    0d:1d:ec:b6:80:b0:5f:2e:a8:7b:73:6c:7b:51:03:
                    65:0b:d4:66:29:05:e0:e0:f4:6b:98:37:78:55:6e:
                    04:03:ce:f5:56:04:9b:93:c3:6c:b2:4c:86:72:00:
                    9e:4c:0c:a8:9c:8e:08:9d:17:70:1d:23:cd:83:c5:
                    53:9b:98:d3:62:d7:a7:bb:7e:2c:ed:cf:ae:be:18:
                    1a:85:1f:df:2f:31:f3:69:5f:b4:9d:18:12:69:bc:
                    b0:7d:35:34:fd:83:3d:6c:70:1f:57:c9:3c:c4:46:
                    fe:fa:38:bf:20:f8:53:17:65:57:b4:2d:48:ac:48:
                    e7:e8:6a:59:5b:e9:d1:2f:80:b5:42:dc:bc:85:3c:
                    e0:92:6e:90:18:e0:cc:e3:66:c0:0e:89:05:fd:e6:
                    b8:a6:d0:89:ec:4b:23:d0:95:e0:a0:d4:13:34:bf:
                    46:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:69:E1:E8:26:5A:0B:7C:0B:2F:F8:7E:AB:03:EB:DF:29:DC:9B:ED
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:40:b8:fc:43:fa:c0:08:88:64:e2:29:f8:4e:bf:0a:38:7e:
         76:07:dc:64:88:97:ad:48:2e:ab:5c:5a:9d:f4:ed:b1:8c:fb:
         fa:7f:f9:01:04:d8:05:71:7d:0b:63:a9:90:e4:88:d6:81:03:
         72:43:2c:c0:78:a0:ea:1d:00:d6:dd:6b:5e:bf:c7:00:cb:cc:
         ca:9c:b7:5c:c5:f9:12:af:97:cc:f4:f7:2e:9a:aa:07:83:31:
         89:1b:3c:c4:80:15:b1:ed:e3:38:c8:a8:a5:78:3b:ba:7b:f3:
         de:07:5c:4a:e5:50:9e:9e:4a:d4:77:46:aa:e0:d0:3b:e4:9f:
         16:28:db:08:e8:59:ee:4f:e8:66:15:07:42:bf:09:41:19:65:
         04:f6:ab:3e:be:24:ef:db:6a:55:81:92:3f:5e:6b:e9:0d:0d:
         38:53:17:74:cc:46:e1:97:3f:45:2f:17:90:14:ff:b5:b1:5b:
         7b:a5:bf:c7:88:fb:bc:43:6d:d2:62:40:50:f3:78:57:dc:e2:
         58:06:6d:75:3e:a0:33:38:bc:9a:84:c0:97:df:bf:2f:e4:d9:
         fc:7a:ad:d9:18:ac:a0:75:32:ca:fe:8f:b4:c7:d4:7c:97:d4:
         9c:54:32:af:7a:90:67:1d:a9:d4:23:d2:ce:dd:ae:31:b3:64:
         84:45:3e:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9egeIu3+eR3JyIwYnCJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjUxMTA0MTMwMjA5WhcNMjUxMTA1MTMwMjA5WjAzMTEwLwYDVQQD
EygyMzY5ZTFlODI2NWEwYjdjMGIyZmY4N2VhYjAzZWJkZjI5ZGM5YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA88MozZgXX9Ek017qm+Jx8QNi4YK3
qw8xQYNCS8Uv8Kl8XvdP2biQCbZqmIgMgAn07MS0TxLnX2pT9WHb8dRrTaEGB4Df
mAe1gecF1u1zgX2weJYmPIWqToMNHey2gLBfLqh7c2x7UQNlC9RmKQXg4PRrmDd4
VW4EA871VgSbk8NsskyGcgCeTAyonI4InRdwHSPNg8VTm5jTYtenu34s7c+uvhga
hR/fLzHzaV+0nRgSabywfTU0/YM9bHAfV8k8xEb++ji/IPhTF2VXtC1IrEjn6GpZ
W+nRL4C1Qty8hTzgkm6QGODM42bADokF/ea4ptCJ7Esj0JXgoNQTNL9GuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNp4egmWgt8Cy/4fqsD698p3JvtMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkUC4/EP6
wAiIZOIp+E6/Cjh+dgfcZIiXrUguq1xanfTtsYz7+n/5AQTYBXF9C2OpkOSI1oED
ckMswHig6h0A1t1rXr/HAMvMypy3XMX5Eq+XzPT3LpqqB4MxiRs8xIAVse3jOMio
pXg7unvz3gdcSuVQnp5K1HdGquDQO+SfFijbCOhZ7k/oZhUHQr8JQRllBParPr4k
79tqVYGSP15r6Q0NOFMXdMxG4Zc/RS8XkBT/tbFbe6W/x4j7vENt0mJAUPN4V9zi
WAZtdT6gMzi8moTAl9+/L+TZ/Hqt2RisoHUyyv6PtMfUfJfUnFQyr3qQZx2p1CPS
zt2uMbNkhEU+iQ==
-----END CERTIFICATE-----