Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          2uvJv3YiWIPMtzDbn629hABYtQ2x1R2xOCVQyl5sTIs=
Subject key identifier:   5F:4D:9D:EE:C5:29:32:BF:24:16:DC:05:E2:A0:30:AF:90:9B:4E:58
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       019A4DE19967A249B6FD2D4F779C22ED9BAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          0449
Signing time:             Tue 04 Nov 2025 08:00:21 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:21 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:21 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: bCIWoQqGjZMZ14Nny63kYFIh/M2AUcRNXtAW77zYrsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:99:67:a2:49:b6:fd:2d:4f:77:9c:22:ed:9b:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Nov  4 08:00:21 2025 GMT
            Not After : Nov  5 08:00:21 2025 GMT
        Subject: CN=5f4d9deec52932bf2416dc05e2a030af909b4e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:92:3a:e8:ab:49:8c:53:07:1d:6d:c1:2f:ec:
                    d6:df:6e:e9:bd:cb:e9:88:be:7b:79:e2:65:9a:16:
                    a8:9a:eb:fc:24:1b:64:7a:1b:5f:1d:cf:60:0c:95:
                    c8:6a:11:af:df:fa:b5:be:7e:3c:ec:1c:e5:cf:c0:
                    c3:39:c1:21:81:74:70:a2:f5:b3:f4:42:68:20:66:
                    5a:80:fd:47:4b:a9:8b:6d:04:64:c0:9d:38:62:eb:
                    eb:0f:d8:a1:63:9e:98:66:cc:86:ad:aa:3c:0f:10:
                    d0:c0:36:b3:eb:ac:b7:50:3d:47:9e:30:11:52:46:
                    bd:ee:8a:66:24:41:7c:cc:ba:7a:a3:8f:d8:fb:c7:
                    43:5b:ed:64:a2:ec:ce:f2:ed:7d:4f:1d:87:39:50:
                    3d:06:49:4b:67:5d:33:db:a6:a1:9d:da:f2:5e:f3:
                    0c:d7:da:0a:71:52:83:a6:16:bb:0e:a4:ad:6d:49:
                    7d:89:61:73:db:8a:0f:b1:59:4f:3c:56:cc:cf:04:
                    37:81:45:b3:85:a4:e3:7d:cb:e0:1e:74:b2:7a:ea:
                    76:e9:36:ff:5d:3b:f7:40:ad:a6:d5:d1:4c:51:b5:
                    4b:5f:b8:67:3c:31:31:d4:a4:3c:1d:c9:8c:0a:4f:
                    63:02:86:de:42:91:a9:11:90:22:9a:0b:e9:99:9f:
                    f1:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:4D:9D:EE:C5:29:32:BF:24:16:DC:05:E2:A0:30:AF:90:9B:4E:58
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a1:1c:cf:3b:bd:f2:30:aa:96:29:32:e4:d1:44:24:05:7c:
         94:df:6e:e8:ee:5c:f8:df:6a:de:72:c1:f2:d5:10:6f:28:0c:
         9c:7a:da:79:4c:e2:d3:bb:1d:a7:21:c9:11:00:60:8a:d5:43:
         81:86:d1:5c:d6:de:df:b8:8f:da:cd:c1:a1:0e:cd:0e:64:85:
         dd:9d:ee:80:68:b4:d0:ac:a3:76:ca:ee:5c:66:61:ff:6f:fc:
         06:f3:1a:00:07:cd:f0:a8:ae:d3:bd:b9:53:ef:e2:ac:a4:3e:
         76:d8:64:10:e4:50:40:26:48:d3:ff:e3:3e:50:34:dd:91:16:
         e0:1a:34:95:9c:56:b9:06:1c:4d:57:c3:94:38:4f:35:d1:33:
         e8:84:8d:5e:c5:68:c2:90:0f:e0:83:3b:1d:bf:05:52:f5:46:
         c3:db:45:66:69:98:34:d8:fb:11:8b:ee:8c:6d:a3:10:1c:7d:
         ad:51:98:ab:82:1e:3f:ac:e1:a3:0e:15:fc:0e:23:e8:10:bb:
         84:31:e9:81:fc:d7:78:a1:e8:74:a7:34:a3:d5:33:11:93:27:
         d3:2f:a3:35:ea:af:fc:73:08:9f:3b:c3:cd:e1:32:d0:fa:c3:
         5e:d9:ab:25:33:95:b8:5e:92:14:f7:8e:12:b9:31:d0:db:28:
         46:76:55:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4Zlnokm2/S1Pd5wi7ZuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUxMTA0MDgwMDIxWhcNMjUxMTA1MDgwMDIxWjAzMTEwLwYDVQQD
Eyg1ZjRkOWRlZWM1MjkzMmJmMjQxNmRjMDVlMmEwMzBhZjkwOWI0ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZI66KtJjFMHHW3BL+zW327pvcvp
iL57eeJlmhaomuv8JBtkehtfHc9gDJXIahGv3/q1vn487Bzlz8DDOcEhgXRwovWz
9EJoIGZagP1HS6mLbQRkwJ04YuvrD9ihY56YZsyGrao8DxDQwDaz66y3UD1HnjAR
Uka97opmJEF8zLp6o4/Y+8dDW+1kouzO8u19Tx2HOVA9BklLZ10z26ahndryXvMM
19oKcVKDpha7DqStbUl9iWFz24oPsVlPPFbMzwQ3gUWzhaTjfcvgHnSyeup26Tb/
XTv3QK2m1dFMUbVLX7hnPDEx1KQ8HcmMCk9jAobeQpGpEZAimgvpmZ/xdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9Nne7FKTK/JBbcBeKgMK+Qm05YMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6Eczzu9
8jCqliky5NFEJAV8lN9u6O5c+N9q3nLB8tUQbygMnHraeUzi07sdpyHJEQBgitVD
gYbRXNbe37iP2s3BoQ7NDmSF3Z3ugGi00KyjdsruXGZh/2/8BvMaAAfN8Kiu0725
U+/irKQ+dthkEORQQCZI0//jPlA03ZEW4Bo0lZxWuQYcTVfDlDhPNdEz6ISNXsVo
wpAP4IM7Hb8FUvVGw9tFZmmYNNj7EYvujG2jEBx9rVGYq4IeP6zhow4V/A4j6BC7
hDHpgfzXeKHodKc0o9UzEZMn0y+jNeqv/HMInzvDzeEy0PrDXtmrJTOVuF6SFPeO
Erkx0NsoRnZVkQ==
-----END CERTIFICATE-----