Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          ATF1NT3a6weH2PlgvqpLq+FjAeh1pk4W+K7deiEoT9g=
Subject key identifier:   AD:79:96:86:03:6A:76:15:50:7E:AD:AC:74:03:FF:C1:EA:13:AD:58
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019A4F2B137152BE9959476A889839BB4764
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0F8D
Signing time:             Tue 04 Nov 2025 14:00:14 +0000
Manifest this update:     Tue 04 Nov 2025 14:00:14 +0000
Manifest next update:     Wed 05 Nov 2025 14:00:14 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: ubm0qqO3tyDzhMB68BZ+Wx88cE2sk1VfKanh5wC0unI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:2b:13:71:52:be:99:59:47:6a:88:98:39:bb:47:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Nov  4 14:00:14 2025 GMT
            Not After : Nov  5 14:00:14 2025 GMT
        Subject: CN=ad799686036a7615507eadac7403ffc1ea13ad58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:dd:7e:2a:48:51:b7:10:a5:c5:22:60:9f:d3:
                    73:84:a8:48:d4:48:3b:bd:ee:bd:81:ef:c9:e1:80:
                    cf:6e:a2:7d:b2:71:5f:99:f7:71:23:6a:1e:3d:7b:
                    a2:12:8f:b5:b1:ce:32:38:84:25:ec:3b:89:ae:d0:
                    73:b7:9f:b1:bd:6c:63:77:9a:86:a8:71:cb:5b:84:
                    5e:38:11:ec:ee:4f:db:16:06:e6:01:57:bb:1e:f3:
                    9a:d0:4c:1d:80:e3:ce:db:47:5d:ed:0d:84:1e:1d:
                    12:1a:71:87:7f:20:42:64:84:ae:0e:6f:10:99:c1:
                    2c:70:dd:9e:e5:b9:06:6d:43:d8:e5:8c:f2:0d:0d:
                    28:4a:52:f1:47:63:c3:b7:00:bb:ef:90:ad:8b:ab:
                    b9:b9:fc:6c:e3:35:61:2c:c4:e7:ea:0e:e0:69:e6:
                    71:70:37:f1:b3:2b:b1:af:98:47:2d:ea:e0:a4:21:
                    d7:74:7b:d0:34:cc:40:bc:11:43:24:fc:03:17:2f:
                    66:41:38:4b:fa:5e:f9:ff:d1:0d:36:71:2f:fb:58:
                    d6:b1:87:7f:4d:42:04:00:54:2c:33:55:01:92:67:
                    e1:1c:d9:44:05:fe:24:6e:44:71:77:70:b1:88:63:
                    5e:ca:96:fe:0e:e7:03:12:2c:fd:c8:ad:53:06:14:
                    c9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:79:96:86:03:6A:76:15:50:7E:AD:AC:74:03:FF:C1:EA:13:AD:58
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:af:07:bb:e5:3f:3d:0a:e9:a8:04:73:79:b2:fe:84:57:85:
         2b:65:3a:6b:1f:4e:e2:ab:7f:5d:9e:84:4a:22:89:ba:e7:b0:
         54:a3:df:10:9b:28:de:2e:f4:f7:34:00:a6:5c:6c:59:64:13:
         08:e3:86:19:1c:60:55:c6:e9:20:1a:f4:17:f9:30:5d:0e:b9:
         54:94:a6:d1:6e:4e:43:b4:6c:60:77:47:69:2c:cd:72:a3:23:
         0f:87:8a:c6:c8:d5:90:e1:1a:0c:9f:52:3e:22:c8:87:14:6e:
         2c:cf:a4:9a:8c:34:43:7b:e6:d9:ca:71:a2:dc:a0:88:82:30:
         ea:85:f4:ed:a0:93:25:c6:ab:c2:84:5e:94:97:fa:eb:ed:7b:
         4f:88:fb:6b:93:63:e6:ae:9a:48:09:b3:c3:85:70:f3:86:23:
         80:bc:e2:21:1d:de:5e:49:00:a1:8f:31:eb:32:54:a5:fe:e4:
         24:e5:09:91:c7:86:ef:61:42:75:dc:f0:d2:14:ad:a4:d4:39:
         20:d6:7b:12:8b:8e:e8:29:b4:8c:5b:2c:4d:50:a1:e3:cd:27:
         c1:21:ee:8c:31:9b:27:59:1c:57:5b:d3:fc:e8:89:82:80:36:
         89:57:08:c2:fe:3f:52:de:e4:01:a0:ee:65:1c:f3:aa:1d:bf:
         84:6b:7a:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPKxNxUr6ZWUdqiJg5u0dkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjUxMTA0MTQwMDE0WhcNMjUxMTA1MTQwMDE0WjAzMTEwLwYDVQQD
EyhhZDc5OTY4NjAzNmE3NjE1NTA3ZWFkYWM3NDAzZmZjMWVhMTNhZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd1+KkhRtxClxSJgn9NzhKhI1Eg7
ve69ge/J4YDPbqJ9snFfmfdxI2oePXuiEo+1sc4yOIQl7DuJrtBzt5+xvWxjd5qG
qHHLW4ReOBHs7k/bFgbmAVe7HvOa0EwdgOPO20dd7Q2EHh0SGnGHfyBCZISuDm8Q
mcEscN2e5bkGbUPY5YzyDQ0oSlLxR2PDtwC775Cti6u5ufxs4zVhLMTn6g7gaeZx
cDfxsyuxr5hHLergpCHXdHvQNMxAvBFDJPwDFy9mQThL+l75/9ENNnEv+1jWsYd/
TUIEAFQsM1UBkmfhHNlEBf4kbkRxd3CxiGNeypb+DucDEiz9yK1TBhTJ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK15loYDanYVUH6trHQD/8HqE61YMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiK8Hu+U/
PQrpqARzebL+hFeFK2U6ax9O4qt/XZ6ESiKJuuewVKPfEJso3i709zQAplxsWWQT
COOGGRxgVcbpIBr0F/kwXQ65VJSm0W5OQ7RsYHdHaSzNcqMjD4eKxsjVkOEaDJ9S
PiLIhxRuLM+kmow0Q3vm2cpxotygiIIw6oX07aCTJcarwoRelJf66+17T4j7a5Nj
5q6aSAmzw4Vw84YjgLziIR3eXkkAoY8x6zJUpf7kJOUJkceG72FCddzw0hStpNQ5
INZ7EouO6Cm0jFssTVCh480nwSHujDGbJ1kcV1vT/OiJgoA2iVcIwv4/Ut7kAaDu
ZRzzqh2/hGt6vg==
-----END CERTIFICATE-----