Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          QY0wllcZ2seOUNGkYehgh+llVGO0mNTkhUS30b68Z5w=
Subject key identifier:   15:34:92:B1:CD:D6:8F:61:14:74:0D:05:59:F8:EA:45:72:A5:95:57
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019A4F98CC5E0292EDA129F7620B6EE1AD1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0EFC
Signing time:             Tue 04 Nov 2025 16:00:04 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:04 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:04 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: qkBISobmde48/RIIpyjGd/Y4GEw6Dk3bseZtzpk7KVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:98:cc:5e:02:92:ed:a1:29:f7:62:0b:6e:e1:ad:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Nov  4 16:00:04 2025 GMT
            Not After : Nov  5 16:00:04 2025 GMT
        Subject: CN=153492b1cdd68f6114740d0559f8ea4572a59557
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:44:9a:65:a6:d5:6a:37:a9:b8:3a:31:73:c7:
                    0d:25:e6:41:44:f6:18:28:b4:58:d4:b8:d9:5d:e5:
                    c9:39:ac:49:84:a7:14:85:37:9f:7b:82:7a:6b:dd:
                    ec:7a:aa:81:17:84:48:a8:90:c0:87:97:2f:e5:96:
                    88:a6:60:03:76:4b:09:f1:06:15:e8:4e:40:9b:a9:
                    a1:67:13:ce:4f:08:b6:3b:df:6f:27:f1:7e:6b:d4:
                    24:6e:a8:93:ef:80:87:94:30:c9:77:25:38:46:85:
                    0f:af:f6:19:de:a7:b5:42:1d:2f:9b:48:6b:2e:39:
                    be:25:e0:7f:2d:10:18:9a:42:ff:75:67:b8:03:03:
                    d5:d8:77:f1:8d:59:17:2e:8d:f0:03:2a:fe:e6:54:
                    ec:98:94:17:50:15:22:5c:79:da:41:a7:6c:d2:75:
                    cc:2b:ee:b9:2f:2f:fe:7d:35:5c:c6:ad:eb:e0:e5:
                    08:57:c1:44:66:a6:a7:cc:04:4d:bc:73:b9:af:be:
                    24:11:ed:17:3c:5c:69:66:b5:32:d2:79:45:83:f1:
                    2d:cf:b2:b0:6e:bc:85:e5:1a:ee:2c:f4:16:79:e2:
                    e3:78:cd:0b:b0:c7:d1:ae:5e:a1:0a:e8:2e:6e:97:
                    05:7a:1f:5a:70:7b:f0:f7:34:08:19:ae:76:c0:e9:
                    ba:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:34:92:B1:CD:D6:8F:61:14:74:0D:05:59:F8:EA:45:72:A5:95:57
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:c0:a4:c4:a5:64:10:1f:47:6e:95:bd:ae:bc:c3:56:71:a5:
         a9:2f:fc:d7:7f:e3:61:fb:a6:13:24:6c:6c:30:c1:02:70:46:
         dd:a6:a8:05:a2:f0:a7:a4:a0:22:27:3f:59:ff:c9:14:13:e0:
         be:90:d9:88:67:dc:ec:d9:bf:70:70:d8:a4:b1:09:42:bc:2e:
         e8:1b:90:1c:3f:70:26:f8:d6:23:d7:1e:05:ef:1f:80:80:df:
         13:20:62:e9:c5:b8:6f:07:13:e4:5e:ed:96:de:a9:12:38:16:
         19:60:18:60:fe:6d:23:ca:67:86:ab:a7:f8:9f:45:9f:59:20:
         27:8e:c8:e7:57:1c:f2:30:8e:c4:d8:b5:31:5e:9f:26:1b:e4:
         e8:51:51:b7:8d:4d:2c:4a:92:27:92:57:e1:4d:a9:78:8f:65:
         e8:b7:e0:f7:98:02:b9:06:19:ac:f7:4f:fc:a7:ea:ae:ac:98:
         bc:59:b6:d3:ca:37:43:9d:79:73:c4:5c:dd:cc:e2:7c:1f:db:
         a8:be:ee:5c:8c:cd:64:2e:4b:55:8f:28:a2:d8:27:c3:3d:96:
         d7:db:db:de:10:f0:00:30:ff:23:15:90:cb:b4:4a:b6:2c:25:
         c8:97:cd:cb:dc:dc:8a:9e:73:6d:f8:b4:76:45:41:a3:26:39:
         78:a1:54:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmMxeApLtoSn3Ygtu4a0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUxMTA0MTYwMDA0WhcNMjUxMTA1MTYwMDA0WjAzMTEwLwYDVQQD
EygxNTM0OTJiMWNkZDY4ZjYxMTQ3NDBkMDU1OWY4ZWE0NTcyYTU5NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUSaZabVajepuDoxc8cNJeZBRPYY
KLRY1LjZXeXJOaxJhKcUhTefe4J6a93seqqBF4RIqJDAh5cv5ZaIpmADdksJ8QYV
6E5Am6mhZxPOTwi2O99vJ/F+a9QkbqiT74CHlDDJdyU4RoUPr/YZ3qe1Qh0vm0hr
Ljm+JeB/LRAYmkL/dWe4AwPV2HfxjVkXLo3wAyr+5lTsmJQXUBUiXHnaQads0nXM
K+65Ly/+fTVcxq3r4OUIV8FEZqanzARNvHO5r74kEe0XPFxpZrUy0nlFg/Etz7Kw
bryF5RruLPQWeeLjeM0LsMfRrl6hCugubpcFeh9acHvw9zQIGa52wOm6+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBU0krHN1o9hFHQNBVn46kVypZVXMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtsCkxKVk
EB9HbpW9rrzDVnGlqS/813/jYfumEyRsbDDBAnBG3aaoBaLwp6SgIic/Wf/JFBPg
vpDZiGfc7Nm/cHDYpLEJQrwu6BuQHD9wJvjWI9ceBe8fgIDfEyBi6cW4bwcT5F7t
lt6pEjgWGWAYYP5tI8pnhqun+J9Fn1kgJ47I51cc8jCOxNi1MV6fJhvk6FFRt41N
LEqSJ5JX4U2peI9l6Lfg95gCuQYZrPdP/KfqrqyYvFm208o3Q515c8Rc3czifB/b
qL7uXIzNZC5LVY8ootgnwz2W19vb3hDwADD/IxWQy7RKtiwlyJfNy9zcip5zbfi0
dkVBoyY5eKFUvQ==
-----END CERTIFICATE-----