Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          LLyutQloq6Ps/BnS3Br4nLRWQ6uRRMq0kk52XVV/GkY=
Subject key identifier:   BE:91:39:01:4C:67:FC:3B:11:06:32:F0:54:78:51:48:E4:7A:3D:A9
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       019A5150E83F0586FF8149AC1669EEC6EC1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0EB9
Signing time:             Wed 05 Nov 2025 00:00:48 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:48 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:48 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: h8e/SyERgAIRTw0Jgc6AYUz81oraYYdhVf/4jkPB+gI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:e8:3f:05:86:ff:81:49:ac:16:69:ee:c6:ec:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Nov  5 00:00:48 2025 GMT
            Not After : Nov  6 00:00:48 2025 GMT
        Subject: CN=be9139014c67fc3b110632f054785148e47a3da9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b7:42:bf:15:5e:44:b6:8b:c8:2c:74:74:93:
                    aa:a5:e6:e4:7c:21:6f:89:ae:ab:f4:70:8c:b2:b0:
                    53:4b:af:66:6f:83:8f:43:88:db:34:d9:66:fc:ae:
                    54:95:e9:0a:c0:f8:8e:62:e1:af:f3:7d:4e:ac:78:
                    97:e2:11:b1:36:45:63:e6:2c:1a:66:05:50:d6:0d:
                    5f:41:5f:fb:78:d0:b6:b7:bf:6f:c4:46:9d:0f:8f:
                    59:5e:c9:0a:bb:4f:52:ca:d5:54:43:0c:7c:95:db:
                    17:9c:99:85:2c:9a:02:62:e8:57:62:3e:8b:41:1a:
                    ed:56:91:2e:66:ca:bb:e4:28:64:ac:3c:4b:7f:98:
                    7c:62:3a:18:44:3b:fa:b3:e7:f3:ea:bb:64:ab:1b:
                    1f:af:50:fb:37:7e:1e:59:c2:36:29:95:90:04:b4:
                    87:54:62:76:80:ca:23:87:12:24:6e:e2:91:91:96:
                    30:0f:85:f9:ac:83:b6:ed:b7:9e:5a:9d:fd:c4:62:
                    c3:e8:0d:79:c5:c6:3f:a3:8f:c1:4c:a0:22:5f:bc:
                    14:5a:52:9f:25:4c:42:5b:86:aa:66:68:0a:1a:3e:
                    5e:67:47:ce:ea:97:8f:f5:aa:f5:fc:93:ea:be:8e:
                    6a:87:44:42:2a:12:02:fa:68:58:92:d2:01:5a:93:
                    bd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:91:39:01:4C:67:FC:3B:11:06:32:F0:54:78:51:48:E4:7A:3D:A9
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:5d:ed:7f:25:5e:2b:3b:d0:35:8c:9f:17:a3:5e:69:61:48:
         c4:54:10:33:03:9a:db:e5:44:08:68:c2:1a:35:c4:56:ac:23:
         5a:4b:b6:56:d2:9f:fc:1c:22:50:1b:19:87:6f:f6:99:66:83:
         9d:47:dd:4a:db:ad:45:ed:75:1a:6a:e4:89:84:2c:19:2f:fb:
         96:d0:83:01:cd:45:99:92:d8:06:1c:ce:7f:f7:e4:c0:95:0a:
         9d:f7:48:ed:ed:b1:54:26:d1:ee:b3:f5:e9:76:00:ac:0e:fd:
         30:a3:ed:8b:76:8f:5b:7d:9b:f1:90:89:9b:06:33:69:05:94:
         44:a7:37:8c:eb:f7:be:e6:f3:a7:2e:0a:67:7f:b7:3b:62:a2:
         2d:a4:66:bb:bc:ae:04:e0:61:3d:50:81:f6:54:e6:5e:17:0e:
         88:b8:a7:dc:36:3d:60:ff:a9:f1:64:8a:35:17:e1:1e:a8:ed:
         14:c9:32:02:47:0a:27:a7:c9:d4:e5:87:85:bb:9f:b4:8a:ea:
         1c:54:03:63:7a:f2:96:85:79:16:fb:6c:18:cf:01:91:cf:af:
         92:51:c5:03:5b:3d:bb:6a:a0:bd:ea:c7:7c:73:05:c7:09:94:
         80:da:d6:10:66:67:39:1b:18:69:2a:70:fc:b6:20:2a:86:f1:
         6a:be:fb:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUOg/BYb/gUmsFmnuxuwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUxMTA1MDAwMDQ4WhcNMjUxMTA2MDAwMDQ4WjAzMTEwLwYDVQQD
EyhiZTkxMzkwMTRjNjdmYzNiMTEwNjMyZjA1NDc4NTE0OGU0N2EzZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7dCvxVeRLaLyCx0dJOqpebkfCFv
ia6r9HCMsrBTS69mb4OPQ4jbNNlm/K5UlekKwPiOYuGv831OrHiX4hGxNkVj5iwa
ZgVQ1g1fQV/7eNC2t79vxEadD49ZXskKu09SytVUQwx8ldsXnJmFLJoCYuhXYj6L
QRrtVpEuZsq75ChkrDxLf5h8YjoYRDv6s+fz6rtkqxsfr1D7N34eWcI2KZWQBLSH
VGJ2gMojhxIkbuKRkZYwD4X5rIO27beeWp39xGLD6A15xcY/o4/BTKAiX7wUWlKf
JUxCW4aqZmgKGj5eZ0fO6peP9ar1/JPqvo5qh0RCKhIC+mhYktIBWpO9xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6ROQFMZ/w7EQYy8FR4UUjkej2pMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcF3tfyVe
KzvQNYyfF6NeaWFIxFQQMwOa2+VECGjCGjXEVqwjWku2VtKf/BwiUBsZh2/2mWaD
nUfdStutRe11GmrkiYQsGS/7ltCDAc1FmZLYBhzOf/fkwJUKnfdI7e2xVCbR7rP1
6XYArA79MKPti3aPW32b8ZCJmwYzaQWURKc3jOv3vubzpy4KZ3+3O2KiLaRmu7yu
BOBhPVCB9lTmXhcOiLin3DY9YP+p8WSKNRfhHqjtFMkyAkcKJ6fJ1OWHhbuftIrq
HFQDY3ryloV5FvtsGM8Bkc+vklHFA1s9u2qgverHfHMFxwmUgNrWEGZnORsYaSpw
/LYgKobxar77qg==
-----END CERTIFICATE-----