Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          Zx8Kk2EPO8yMORgj+tjGCGk3vDdn+ogUkmn0AcsqEFY=
Subject key identifier:   58:A2:90:7B:51:40:0D:A8:FA:24:DD:FE:EF:F2:9D:A8:EA:01:14:41
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       019A56AE1B76EB1F9AC9358E9DE7DE7EF147
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0837
Signing time:             Thu 06 Nov 2025 01:00:42 +0000
Manifest this update:     Thu 06 Nov 2025 01:00:42 +0000
Manifest next update:     Fri 07 Nov 2025 01:00:42 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: d2YFOekGCvViXu99chGkIFNVgf6ozc7nH/6xnoQCg1c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 21:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:56:ae:1b:76:eb:1f:9a:c9:35:8e:9d:e7:de:7e:f1:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Nov  6 01:00:42 2025 GMT
            Not After : Nov  7 01:00:42 2025 GMT
        Subject: CN=58a2907b51400da8fa24ddfeeff29da8ea011441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:df:44:a4:c1:68:98:74:59:22:ac:cc:ff:39:
                    a6:ce:76:ce:df:43:3e:8a:70:d8:a8:95:65:73:52:
                    3c:50:9c:1a:98:9c:13:4c:3c:5d:32:91:7a:54:7d:
                    aa:fe:8c:91:cf:d3:9a:a5:73:db:b9:31:88:29:0c:
                    f2:0c:e7:0c:83:47:ee:3c:bc:04:c2:04:23:f2:60:
                    2d:09:94:0a:f7:18:16:e9:f7:e3:11:5d:70:e6:80:
                    ae:be:88:ce:e5:e7:0c:85:d0:1d:b3:a7:66:ba:49:
                    45:ed:73:4e:32:1e:22:e6:63:38:02:fd:7e:05:e6:
                    e6:81:72:5b:79:07:94:1f:a9:f7:06:72:aa:a2:b5:
                    af:1b:07:51:c7:f5:b0:d5:87:47:e8:0a:9b:58:00:
                    37:22:ff:5e:f1:df:c2:d9:9d:ad:a9:df:34:16:7f:
                    89:79:33:78:bf:89:65:e8:d8:4f:6a:58:97:fa:86:
                    34:60:bd:57:32:67:68:d4:11:b5:5e:09:a8:c7:27:
                    5f:f4:53:b7:ec:f9:da:96:fc:92:53:7b:f9:85:2d:
                    90:86:f2:00:fb:95:e6:f9:69:d5:c3:06:c5:3c:d7:
                    60:ca:d7:3e:1b:20:b1:cd:42:56:0e:ad:66:2e:9b:
                    11:6c:8f:d0:81:f3:3e:5a:33:24:f2:6a:44:4d:23:
                    72:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A2:90:7B:51:40:0D:A8:FA:24:DD:FE:EF:F2:9D:A8:EA:01:14:41
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:a1:51:e9:00:24:c0:9e:f9:8d:03:b5:a8:13:92:5b:78:2a:
         fc:87:f7:fc:b6:83:4c:66:a5:83:2d:91:dc:15:8e:8b:e0:54:
         7c:fe:bc:7b:ad:cf:de:03:6c:de:a1:74:c5:87:c3:dc:ac:21:
         74:a1:ea:54:10:da:1b:ff:32:08:88:d0:4a:db:25:f7:04:12:
         8c:ff:53:ac:9a:20:37:45:c9:f4:e6:9a:ba:19:25:b0:64:c8:
         c0:b8:cc:61:80:60:e2:e2:b4:34:53:24:00:fb:0a:0c:7c:0e:
         26:fb:8d:41:1f:de:b8:2d:7c:1f:2c:19:d8:fc:53:f2:d9:be:
         98:ee:86:26:62:20:30:42:fd:cf:a5:9b:e3:69:1b:f9:96:25:
         d1:4d:c1:94:2e:73:9d:14:c1:9c:bc:17:f3:db:54:90:fa:05:
         e3:fb:bd:68:d2:62:b3:16:58:24:fb:6b:fa:e8:97:f0:82:31:
         af:6e:9b:49:7c:cf:a3:28:9a:79:00:ac:47:93:b7:3a:80:87:
         a9:bc:ea:09:ee:79:7c:5c:f8:b6:d6:63:b9:75:38:23:f9:2a:
         99:81:df:dc:98:15:9c:26:99:10:f5:cd:85:81:db:d3:19:37:
         0a:00:89:f8:b4:2e:84:e3:8a:fa:32:bb:36:cd:46:6f:c1:da:
         d8:7b:5f:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpWrht26x+ayTWOnefefvFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUxMTA2MDEwMDQyWhcNMjUxMTA3MDEwMDQyWjAzMTEwLwYDVQQD
Eyg1OGEyOTA3YjUxNDAwZGE4ZmEyNGRkZmVlZmYyOWRhOGVhMDExNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5d9EpMFomHRZIqzM/zmmznbO30M+
inDYqJVlc1I8UJwamJwTTDxdMpF6VH2q/oyRz9OapXPbuTGIKQzyDOcMg0fuPLwE
wgQj8mAtCZQK9xgW6ffjEV1w5oCuvojO5ecMhdAds6dmuklF7XNOMh4i5mM4Av1+
BebmgXJbeQeUH6n3BnKqorWvGwdRx/Ww1YdH6AqbWAA3Iv9e8d/C2Z2tqd80Fn+J
eTN4v4ll6NhPaliX+oY0YL1XMmdo1BG1Xgmoxydf9FO37PnalvySU3v5hS2QhvIA
+5Xm+WnVwwbFPNdgytc+GyCxzUJWDq1mLpsRbI/QgfM+WjMk8mpETSNyBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiikHtRQA2o+iTd/u/ynajqARRBMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6FR6QAk
wJ75jQO1qBOSW3gq/If3/LaDTGalgy2R3BWOi+BUfP68e63P3gNs3qF0xYfD3Kwh
dKHqVBDaG/8yCIjQStsl9wQSjP9TrJogN0XJ9OaauhklsGTIwLjMYYBg4uK0NFMk
APsKDHwOJvuNQR/euC18HywZ2PxT8tm+mO6GJmIgMEL9z6Wb42kb+ZYl0U3BlC5z
nRTBnLwX89tUkPoF4/u9aNJisxZYJPtr+uiX8IIxr26bSXzPoyiaeQCsR5O3OoCH
qbzqCe55fFz4ttZjuXU4I/kqmYHf3JgVnCaZEPXNhYHb0xk3CgCJ+LQuhOOK+jK7
Ns1Gb8Ha2Htf/w==
-----END CERTIFICATE-----