Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          6FDlLle8awvqWczhU6FyW8WwXqudwUG4R8FRuV1x6UU=
Subject key identifier:   37:8D:9F:F2:37:7F:3E:2C:8C:EE:FC:79:15:76:D3:24:FE:67:E4:09
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       019A4F9937E02F9FB4EC64EEA80914F5370D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          1649
Signing time:             Tue 04 Nov 2025 16:00:32 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:32 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:32 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: XAya06p92dbxt+KgTELHiNbTSkg2TGzO5u+JRve+wgE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:37:e0:2f:9f:b4:ec:64:ee:a8:09:14:f5:37:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Nov  4 16:00:32 2025 GMT
            Not After : Nov  5 16:00:32 2025 GMT
        Subject: CN=378d9ff2377f3e2c8ceefc791576d324fe67e409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:3d:25:57:77:f3:b2:1e:6a:7d:bb:f6:49:7f:
                    15:c6:f2:94:0c:8f:fe:78:67:a9:64:91:67:4d:f4:
                    c3:26:ed:de:86:b7:96:44:d8:91:a1:50:6d:16:84:
                    d6:f4:ce:b4:fe:78:8a:ae:37:0d:58:8b:27:ec:74:
                    13:23:a1:cb:d1:6b:ca:8b:d5:9c:28:34:99:ec:68:
                    04:af:02:ed:3e:72:b8:b2:2f:a5:eb:27:8e:bc:8d:
                    2f:17:67:a1:9e:4a:85:06:25:24:b2:5f:e3:b7:b7:
                    99:4b:e1:24:c6:43:12:78:fa:2b:eb:95:71:7e:fc:
                    98:43:ab:32:55:18:80:74:77:3f:c5:44:c1:25:3e:
                    c7:70:00:35:3d:f3:70:99:d6:76:cb:51:74:31:e5:
                    02:4b:bf:d7:82:57:14:6d:01:26:64:9f:b3:87:07:
                    33:8f:8c:de:d4:b3:62:f0:7c:f4:14:a7:37:4e:6b:
                    1e:88:73:f0:c3:09:79:45:10:a8:dd:5b:5e:ba:79:
                    08:82:c2:ac:39:5a:a4:b4:16:e3:d5:5f:3d:a4:75:
                    d8:c6:07:84:d0:8a:fe:da:7d:74:a7:29:73:2b:f7:
                    e5:83:13:a5:68:2b:e9:06:4f:6f:48:d2:a6:b5:28:
                    5a:49:79:44:34:8c:89:58:d6:ad:e2:2c:75:33:10:
                    bb:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:8D:9F:F2:37:7F:3E:2C:8C:EE:FC:79:15:76:D3:24:FE:67:E4:09
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:c8:4f:25:d7:bc:cb:16:bd:c8:ab:e2:88:46:df:be:95:92:
         6a:69:90:5a:80:59:9a:c2:57:16:33:13:49:3a:ea:7f:05:d4:
         a8:8b:89:41:cb:c1:a4:05:87:aa:a0:93:4e:d1:c8:0d:79:9a:
         41:cb:20:4a:a5:ec:75:29:03:21:95:66:4e:34:a5:63:fc:ea:
         4c:aa:4a:e6:08:00:a2:82:bf:c9:a1:86:1b:cc:1f:cd:c4:17:
         56:a8:39:52:13:bb:88:dc:94:b8:62:24:40:98:a0:55:47:9a:
         95:c2:66:74:65:38:95:ff:f2:1c:fe:f7:9d:ab:af:ea:37:7f:
         f6:70:13:02:89:7d:59:5b:bb:cf:66:3d:52:17:05:57:4d:ea:
         ee:ff:33:6d:78:c3:3f:17:ac:98:07:bf:fb:81:5e:c7:db:9b:
         16:e7:8b:d0:71:e5:04:62:9e:67:27:fb:d5:0b:95:4c:6e:6d:
         30:98:e8:db:1b:9c:91:21:21:21:49:8c:bd:df:c5:7d:65:76:
         ff:d0:e2:b5:96:47:7a:25:ad:54:0d:ec:ce:da:8e:45:cd:bc:
         e7:d1:7b:78:8e:30:ad:63:e9:67:bb:76:4c:34:66:5b:13:c3:
         84:7c:12:32:a2:2f:fd:68:75:23:99:d2:47:c6:b4:99:74:aa:
         84:f0:12:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmTfgL5+07GTuqAkU9TcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjUxMTA0MTYwMDMyWhcNMjUxMTA1MTYwMDMyWjAzMTEwLwYDVQQD
EygzNzhkOWZmMjM3N2YzZTJjOGNlZWZjNzkxNTc2ZDMyNGZlNjdlNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT0lV3fzsh5qfbv2SX8VxvKUDI/+
eGepZJFnTfTDJu3ehreWRNiRoVBtFoTW9M60/niKrjcNWIsn7HQTI6HL0WvKi9Wc
KDSZ7GgErwLtPnK4si+l6yeOvI0vF2ehnkqFBiUksl/jt7eZS+EkxkMSePor65Vx
fvyYQ6syVRiAdHc/xUTBJT7HcAA1PfNwmdZ2y1F0MeUCS7/XglcUbQEmZJ+zhwcz
j4ze1LNi8Hz0FKc3TmseiHPwwwl5RRCo3VteunkIgsKsOVqktBbj1V89pHXYxgeE
0Ir+2n10pylzK/flgxOlaCvpBk9vSNKmtShaSXlENIyJWNat4ix1MxC7lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDeNn/I3fz4sjO78eRV20yT+Z+QJMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOshPJde8
yxa9yKviiEbfvpWSammQWoBZmsJXFjMTSTrqfwXUqIuJQcvBpAWHqqCTTtHIDXma
QcsgSqXsdSkDIZVmTjSlY/zqTKpK5ggAooK/yaGGG8wfzcQXVqg5UhO7iNyUuGIk
QJigVUealcJmdGU4lf/yHP73nauv6jd/9nATAol9WVu7z2Y9UhcFV03q7v8zbXjD
PxesmAe/+4Fex9ubFueL0HHlBGKeZyf71QuVTG5tMJjo2xuckSEhIUmMvd/FfWV2
/9DitZZHeiWtVA3sztqORc2859F7eI4wrWPpZ7t2TDRmWxPDhHwSMqIv/Wh1I5nS
R8a0mXSqhPASEA==
-----END CERTIFICATE-----