Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
File:                     ICsQHBBwOrYDIfxj3NZpClJNuxA.mft (raw, json)
Hash identifier:          4le6Dwtrf7hPZ8HGJPPyqq0OwEUtVLWjRnT8PSpsSDc=
Subject key identifier:   2A:28:45:78:EA:49:3D:4C:71:A2:48:17:0D:88:D2:67:43:51:5C:F1
Authority key identifier: 20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
Certificate issuer:       /CN=202b101c10703ab60321fc63dcd6690a524dbb10
Certificate serial:       019A4EF5C1230591DFFFE5DBA2EC8B352DC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
Manifest number:          0A80
Signing time:             Tue 04 Nov 2025 13:01:59 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:59 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:59 +0000
Files and hashes:         1: ICsQHBBwOrYDIfxj3NZpClJNuxA.crl (hash: 3CClvUgRBQ8nk+dhINjZrcb4IRUQwHqjCrWYnGpqyP0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:c1:23:05:91:df:ff:e5:db:a2:ec:8b:35:2d:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202b101c10703ab60321fc63dcd6690a524dbb10
        Validity
            Not Before: Nov  4 13:01:59 2025 GMT
            Not After : Nov  5 13:01:59 2025 GMT
        Subject: CN=2a284578ea493d4c71a248170d88d26743515cf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:87:ca:0f:1a:55:d5:13:c2:38:6d:a3:13:ff:
                    14:77:22:6b:10:0d:fe:e1:ab:08:70:ba:23:17:ec:
                    98:24:f9:fe:9c:d5:8e:f5:87:e7:87:29:6e:e2:e1:
                    7c:c5:80:b1:c1:6d:5d:2a:27:3f:02:27:02:59:06:
                    34:ac:2e:49:b7:37:f8:72:6a:03:2c:c1:c5:b2:c5:
                    93:2d:bc:7e:4f:d7:8f:ea:d7:9d:e9:cf:27:6f:62:
                    f8:9f:15:8f:27:08:8c:b5:3f:4d:15:74:82:04:e9:
                    86:54:38:c7:90:99:fc:e0:ba:c1:fe:76:42:c6:12:
                    1c:e2:f0:3e:50:5c:52:be:1f:96:a5:b5:75:51:c8:
                    b8:c2:e5:1d:69:9b:a4:0b:c9:8b:13:77:81:83:45:
                    ed:8d:1b:73:97:9e:0e:95:30:16:b8:a1:09:44:83:
                    c0:06:dc:06:96:df:b8:8b:7b:65:dd:c0:b8:a8:0d:
                    0c:85:bf:88:5c:f1:3d:06:6f:46:00:df:db:d7:b6:
                    35:22:0e:bd:f3:f5:cd:81:cf:06:4f:e3:39:9a:7d:
                    ea:66:37:aa:bf:28:1d:bd:61:41:a3:d2:b5:34:aa:
                    b3:86:34:5d:9f:80:21:96:45:ea:0d:1e:ab:d7:89:
                    a1:f0:5f:08:d2:14:8b:70:b1:58:6c:c1:a6:49:e2:
                    11:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:28:45:78:EA:49:3D:4C:71:A2:48:17:0D:88:D2:67:43:51:5C:F1
            X509v3 Authority Key Identifier:
                keyid:20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:98:1b:fe:19:54:c3:29:e4:84:1e:d8:e3:dd:75:f1:aa:1e:
         f1:36:5c:60:48:fa:78:2b:84:95:ea:a2:68:55:16:1b:c7:be:
         ab:c1:f5:41:11:92:9b:8e:8b:8b:67:2b:52:62:82:d0:bd:6e:
         d1:bc:db:06:2f:71:12:74:fb:c9:52:d3:64:ba:84:3e:74:ab:
         e7:ed:06:b4:cb:9b:9f:72:ce:1c:f1:68:8a:4c:42:b8:d8:4f:
         51:94:6f:16:1f:ec:cc:36:f4:56:b5:d7:4e:8a:21:a1:e8:11:
         0c:6b:76:e5:b8:42:76:2c:84:2c:20:4d:50:1c:ef:2d:ca:91:
         da:cf:97:12:21:c2:50:13:8e:34:ae:8d:ee:ae:c5:7f:42:7d:
         54:b6:10:c3:79:29:8e:4e:54:8c:70:a9:83:87:07:b6:f1:17:
         ad:24:d6:22:7d:8c:df:c0:ce:48:05:5a:25:01:66:ea:9d:af:
         1c:30:f4:e1:8f:a6:92:36:b3:2f:bd:de:93:c1:10:77:ff:f6:
         a9:0f:ad:83:b7:e7:f1:f2:a7:32:66:7f:f0:e2:80:67:45:3a:
         e1:73:2c:6c:ea:1b:93:74:91:5d:ac:43:5a:52:5c:cd:ff:2b:
         f5:ea:0c:f3:17:f6:92:36:4b:09:16:49:31:ff:55:ce:11:db:
         8d:38:99:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9cEjBZHf/+XbouyLNS3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmIxMDFjMTA3MDNhYjYwMzIxZmM2M2RjZDY2OTBhNTI0
ZGJiMTAwHhcNMjUxMTA0MTMwMTU5WhcNMjUxMTA1MTMwMTU5WjAzMTEwLwYDVQQD
EygyYTI4NDU3OGVhNDkzZDRjNzFhMjQ4MTcwZDg4ZDI2NzQzNTE1Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YfKDxpV1RPCOG2jE/8UdyJrEA3+
4asIcLojF+yYJPn+nNWO9Yfnhylu4uF8xYCxwW1dKic/AicCWQY0rC5Jtzf4cmoD
LMHFssWTLbx+T9eP6ted6c8nb2L4nxWPJwiMtT9NFXSCBOmGVDjHkJn84LrB/nZC
xhIc4vA+UFxSvh+WpbV1Uci4wuUdaZukC8mLE3eBg0XtjRtzl54OlTAWuKEJRIPA
BtwGlt+4i3tl3cC4qA0Mhb+IXPE9Bm9GAN/b17Y1Ig698/XNgc8GT+M5mn3qZjeq
vygdvWFBo9K1NKqzhjRdn4AhlkXqDR6r14mh8F8I0hSLcLFYbMGmSeIR7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCooRXjqST1McaJIFw2I0mdDUVzxMB8GA1UdIwQY
MBaAFCArEBwQcDq2AyH8Y9zWaQpSTbsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYt
YTQ0YzhlNjU0ZGY2LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYtYTQ0YzhlNjU0ZGY2
LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJgb/hlU
wynkhB7Y49118aoe8TZcYEj6eCuEleqiaFUWG8e+q8H1QRGSm46Li2crUmKC0L1u
0bzbBi9xEnT7yVLTZLqEPnSr5+0GtMubn3LOHPFoikxCuNhPUZRvFh/szDb0VrXX
ToohoegRDGt25bhCdiyELCBNUBzvLcqR2s+XEiHCUBOONK6N7q7Ff0J9VLYQw3kp
jk5UjHCpg4cHtvEXrSTWIn2M38DOSAVaJQFm6p2vHDD04Y+mkjazL73ek8EQd//2
qQ+tg7fn8fKnMmZ/8OKAZ0U64XMsbOobk3SRXaxDWlJczf8r9eoM8xf2kjZLCRZJ
Mf9VzhHbjTiZ2A==
-----END CERTIFICATE-----