Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          dSA7Fma6kN+2bTdYdImdhiRwQv+msXZjHdIsxfnV1pg=
Subject key identifier:   0C:8A:AB:44:96:49:86:16:4C:33:F6:0E:2B:93:E6:27:E6:C9:75:00
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019A52D17382873CF8B560CF82E7590F89B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0835
Signing time:             Wed 05 Nov 2025 07:00:49 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:49 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:49 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 7815K08LH0Lm62hnXAYtaMCVK/tgTA7p+aUI7ynpjso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:73:82:87:3c:f8:b5:60:cf:82:e7:59:0f:89:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Nov  5 07:00:49 2025 GMT
            Not After : Nov  6 07:00:49 2025 GMT
        Subject: CN=0c8aab44964986164c33f60e2b93e627e6c97500
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fd:2e:8a:2b:8a:fa:29:39:be:cf:f5:be:b2:
                    a8:c9:c0:8a:f4:0c:14:b5:b6:b3:91:7e:15:fa:63:
                    c6:d0:f5:3f:dd:34:39:90:01:ae:d0:b1:f9:a4:79:
                    74:25:23:e4:f4:f9:29:5b:77:f1:41:f7:e9:45:60:
                    6f:fc:1e:b8:67:d9:cc:d3:44:5b:de:e5:27:56:de:
                    03:26:c4:6f:37:c1:b0:e0:6b:6e:d4:1c:0e:2b:25:
                    25:1e:63:74:82:e3:03:ff:7a:c3:80:e2:ee:34:ae:
                    17:68:68:13:63:c4:5b:0a:8d:e5:df:e0:84:36:54:
                    e3:95:32:a3:3c:b0:7e:82:c0:e1:60:1e:95:d1:92:
                    cc:0c:e3:ab:0a:ac:4b:bd:0e:3e:9d:ac:77:05:e2:
                    a3:78:f3:c4:71:2d:e9:ba:8f:37:63:3e:83:f4:49:
                    11:cb:10:65:41:1d:87:a6:92:53:14:d5:5e:df:b9:
                    ab:89:6c:8f:3d:45:c1:5f:24:26:d2:2f:0d:1d:43:
                    38:16:05:96:87:c2:cb:27:de:e2:48:05:fc:11:a7:
                    79:48:af:e5:f2:07:be:f2:a6:e8:b8:b7:6b:37:17:
                    aa:ad:91:22:81:48:53:e9:c9:54:ab:c7:99:a1:06:
                    88:1a:3a:64:70:b2:71:df:b2:6d:af:99:8a:7e:1d:
                    90:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:8A:AB:44:96:49:86:16:4C:33:F6:0E:2B:93:E6:27:E6:C9:75:00
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:ae:88:09:8a:0f:06:65:34:d3:16:60:b6:0c:a0:eb:c9:d6:
         f4:3e:88:cc:d1:97:70:3f:00:65:ca:2a:f8:97:2b:4a:de:24:
         12:5b:01:f0:59:10:8a:22:9e:ae:d7:e0:9a:f8:d1:96:1d:78:
         67:ba:4e:7f:d1:9e:b4:cc:f8:f5:4e:a0:a8:2f:48:65:63:0a:
         d3:35:2b:b6:5c:4d:4c:dd:96:00:2e:a7:5d:09:0e:6d:aa:70:
         ca:d0:34:2f:f6:83:3c:c5:36:6a:44:21:ca:43:2c:62:db:c0:
         2e:f5:67:03:5d:d0:bd:9c:fa:89:3e:20:f5:e7:e6:ed:6d:5b:
         61:c6:53:ea:3a:4a:7c:16:26:e1:94:c8:49:26:2e:1a:ae:52:
         76:68:1f:6f:36:24:a7:1b:db:ab:ca:43:a2:0b:2f:9e:ef:5e:
         cf:7b:ca:1b:4c:75:6d:96:1d:98:2f:f1:71:9c:8f:bf:df:87:
         bc:96:63:bb:c2:95:b3:f3:f8:0e:3d:b1:1f:af:0e:a1:ef:f9:
         d9:43:89:ac:5b:54:45:74:dd:a0:82:2a:00:dc:59:6c:10:75:
         b1:fd:0f:df:fb:19:c1:5a:20:32:64:a1:6d:4a:54:c1:b8:bb:
         99:cb:80:f0:9f:32:d9:ea:a4:2c:6f:57:ad:76:bb:d5:88:a4:
         77:e5:40:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0XOChzz4tWDPgudZD4m2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUxMTA1MDcwMDQ5WhcNMjUxMTA2MDcwMDQ5WjAzMTEwLwYDVQQD
EygwYzhhYWI0NDk2NDk4NjE2NGMzM2Y2MGUyYjkzZTYyN2U2Yzk3NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv0uiiuK+ik5vs/1vrKoycCK9AwU
tbazkX4V+mPG0PU/3TQ5kAGu0LH5pHl0JSPk9PkpW3fxQffpRWBv/B64Z9nM00Rb
3uUnVt4DJsRvN8Gw4Gtu1BwOKyUlHmN0guMD/3rDgOLuNK4XaGgTY8RbCo3l3+CE
NlTjlTKjPLB+gsDhYB6V0ZLMDOOrCqxLvQ4+nax3BeKjePPEcS3puo83Yz6D9EkR
yxBlQR2HppJTFNVe37mriWyPPUXBXyQm0i8NHUM4FgWWh8LLJ97iSAX8Ead5SK/l
8ge+8qbouLdrNxeqrZEigUhT6clUq8eZoQaIGjpkcLJx37Jtr5mKfh2QXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyKq0SWSYYWTDP2DiuT5ifmyXUAMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUa6ICYoP
BmU00xZgtgyg68nW9D6IzNGXcD8AZcoq+JcrSt4kElsB8FkQiiKertfgmvjRlh14
Z7pOf9GetMz49U6gqC9IZWMK0zUrtlxNTN2WAC6nXQkObapwytA0L/aDPMU2akQh
ykMsYtvALvVnA13QvZz6iT4g9efm7W1bYcZT6jpKfBYm4ZTISSYuGq5SdmgfbzYk
pxvbq8pDogsvnu9ez3vKG0x1bZYdmC/xcZyPv9+HvJZju8KVs/P4Dj2xH68Ooe/5
2UOJrFtURXTdoIIqANxZbBB1sf0P3/sZwVogMmShbUpUwbi7mcuA8J8y2eqkLG9X
rXa71Yikd+VADQ==
-----END CERTIFICATE-----