Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          wOnPw7+TArHDCyHCHLObUshIMdVEzhtjqhg6h0cGai8=
Subject key identifier:   8F:AF:91:90:07:22:7C:1A:F5:C2:57:DF:AC:67:28:69:08:1F:AE:89
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       019A503DCA32C4209DB9FFB42B1AD300AB1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          03E2
Signing time:             Tue 04 Nov 2025 19:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:18 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: lDSt23n7AS95Ual3WOj+tOFJnmpo42jSYpV7wdnhAHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3d:ca:32:c4:20:9d:b9:ff:b4:2b:1a:d3:00:ab:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Nov  4 19:00:18 2025 GMT
            Not After : Nov  5 19:00:18 2025 GMT
        Subject: CN=8faf919007227c1af5c257dfac672869081fae89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:62:14:ee:4f:cf:59:d4:93:81:03:f1:c1:f3:
                    e4:9a:d3:8c:ef:a0:a3:7e:c9:99:73:ff:ce:3a:b8:
                    b9:c3:35:3e:9b:0c:0c:85:92:ec:7e:ff:11:ea:a1:
                    71:a6:7d:f2:d5:8e:06:b4:74:3f:7c:ee:b2:7c:eb:
                    8c:e4:57:1a:e8:e6:53:32:c8:4e:63:34:fb:d1:c8:
                    29:53:9c:c5:0b:b6:3f:69:96:11:1c:30:70:4d:12:
                    78:90:a3:e4:55:5a:82:de:6c:c8:8d:1d:86:a1:c6:
                    79:e6:c2:9a:4e:35:d2:a7:b0:64:e3:a4:91:f7:d7:
                    52:97:2a:72:3f:93:00:b4:37:03:d1:9b:1e:9b:5d:
                    b6:95:35:0e:4d:7f:ef:1a:e1:0a:16:82:d1:93:de:
                    00:4c:32:52:33:d5:4c:fd:72:da:3d:03:6a:4f:9a:
                    6f:12:72:7b:71:a7:1b:ce:f0:83:b7:c6:c5:fb:25:
                    eb:bd:85:08:62:cf:8e:e0:4c:b9:ee:3d:d9:ae:85:
                    72:0a:4a:83:1b:0a:7a:40:ad:2a:96:9b:d9:be:8c:
                    34:87:d4:c9:18:36:a2:32:04:a5:a7:5c:ee:4f:92:
                    cc:4f:49:2c:0f:37:4f:29:db:86:e4:88:33:1f:42:
                    dd:80:6c:30:1d:9f:e9:f9:47:4e:d5:a5:7d:33:44:
                    dc:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:AF:91:90:07:22:7C:1A:F5:C2:57:DF:AC:67:28:69:08:1F:AE:89
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:84:a4:6b:42:ca:fa:c1:30:93:d5:8d:08:a2:5b:42:92:6e:
         9e:a9:45:97:d7:ec:d7:d7:79:4e:99:85:df:48:9c:c2:23:b4:
         ad:a8:f5:a5:c9:f6:7f:2e:7d:63:32:7d:ac:3d:59:6c:a0:4e:
         ba:d7:34:df:1c:29:d6:78:7c:f1:3a:8f:9e:1e:3b:8b:f1:18:
         bf:3b:ab:4f:f6:41:98:cf:c8:38:21:68:e6:69:e9:d8:6c:7e:
         c7:15:6f:4e:d5:e1:07:b8:9c:d8:be:db:0a:19:f0:d1:af:95:
         9b:26:e2:3c:4e:56:53:59:db:99:ff:68:cb:a5:9d:45:8d:7e:
         c2:d6:3f:89:7f:ce:4a:d0:83:2a:b8:7d:56:20:a1:95:e0:88:
         12:f7:8d:88:2e:62:47:bf:c4:54:35:e9:fc:17:48:16:52:44:
         80:5f:6d:44:e9:cc:aa:92:47:6c:81:38:94:c7:e0:d5:67:71:
         5e:25:62:51:19:44:5c:dc:3f:f3:0c:77:09:f0:23:99:c4:1c:
         52:cd:15:dd:c6:7c:52:9d:7d:20:fe:2e:8a:6a:99:f2:88:ed:
         15:b2:f1:27:f7:67:94:bc:b0:a9:2f:67:77:1b:a9:40:2d:f2:
         fb:60:06:9a:00:f3:c6:46:60:34:05:80:a1:e5:a7:f8:81:7a:
         cd:e4:d0:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPcoyxCCduf+0KxrTAKsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjUxMTA0MTkwMDE4WhcNMjUxMTA1MTkwMDE4WjAzMTEwLwYDVQQD
Eyg4ZmFmOTE5MDA3MjI3YzFhZjVjMjU3ZGZhYzY3Mjg2OTA4MWZhZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmIU7k/PWdSTgQPxwfPkmtOM76Cj
fsmZc//OOri5wzU+mwwMhZLsfv8R6qFxpn3y1Y4GtHQ/fO6yfOuM5Fca6OZTMshO
YzT70cgpU5zFC7Y/aZYRHDBwTRJ4kKPkVVqC3mzIjR2GocZ55sKaTjXSp7Bk46SR
99dSlypyP5MAtDcD0Zsem122lTUOTX/vGuEKFoLRk94ATDJSM9VM/XLaPQNqT5pv
EnJ7cacbzvCDt8bF+yXrvYUIYs+O4Ey57j3ZroVyCkqDGwp6QK0qlpvZvow0h9TJ
GDaiMgSlp1zuT5LMT0ksDzdPKduG5IgzH0LdgGwwHZ/p+UdO1aV9M0TcTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+vkZAHInwa9cJX36xnKGkIH66JMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHISka0LK
+sEwk9WNCKJbQpJunqlFl9fs19d5TpmF30icwiO0raj1pcn2fy59YzJ9rD1ZbKBO
utc03xwp1nh88TqPnh47i/EYvzurT/ZBmM/IOCFo5mnp2Gx+xxVvTtXhB7ic2L7b
Chnw0a+VmybiPE5WU1nbmf9oy6WdRY1+wtY/iX/OStCDKrh9ViChleCIEveNiC5i
R7/EVDXp/BdIFlJEgF9tROnMqpJHbIE4lMfg1WdxXiViURlEXNw/8wx3CfAjmcQc
Us0V3cZ8Up19IP4uimqZ8ojtFbLxJ/dnlLywqS9ndxupQC3y+2AGmgDzxkZgNAWA
oeWn+IF6zeTQOg==
-----END CERTIFICATE-----