Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          6DBY8kTHl5hEOwhFLnWuBF4j28go9Ae7/8hzxtHmAPA=
Subject key identifier:   9D:D4:75:5B:58:92:03:6F:C6:5B:F7:72:77:1C:56:DE:7E:04:03:1E
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       019A4F628B57A8CF406F4CCD7B35A8E05CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          07BC
Signing time:             Tue 04 Nov 2025 15:00:49 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:49 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:49 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: 4eV51NtMNS4XV2oncaIaeNY2SJHNq9VQBeV0uNy0fKE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:8b:57:a8:cf:40:6f:4c:cd:7b:35:a8:e0:5c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: Nov  4 15:00:49 2025 GMT
            Not After : Nov  5 15:00:49 2025 GMT
        Subject: CN=9dd4755b5892036fc65bf772771c56de7e04031e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:22:4b:3f:66:19:ee:24:81:9e:29:22:40:0b:
                    e7:72:9e:92:eb:54:39:23:75:5b:63:98:a5:67:e6:
                    a2:a5:10:19:49:17:dd:92:b3:af:6e:79:fb:07:1b:
                    6b:c8:42:b4:61:34:14:cf:4f:f9:67:93:09:d8:24:
                    b1:ed:f6:4d:23:f9:53:21:cb:ab:19:6c:21:7f:7e:
                    0b:49:18:b2:d5:a1:b4:43:bf:a4:a9:09:c8:79:85:
                    7a:94:6c:c2:5e:ea:82:89:f7:a0:c2:1b:15:fa:dd:
                    ec:d6:b1:7e:7b:a5:52:08:17:5e:20:bf:21:73:c6:
                    53:40:5b:47:3d:b8:78:d7:4d:73:66:9a:49:b8:15:
                    74:cf:ef:1e:81:31:90:74:16:ad:08:d4:a6:f2:73:
                    96:00:11:9a:50:5a:20:02:aa:c6:10:6a:9a:5c:ed:
                    63:0c:9d:4d:46:6f:01:fc:68:2a:cb:f8:44:de:ff:
                    93:65:b8:18:08:04:12:7c:50:53:ce:0a:c0:a5:c1:
                    cd:a7:a1:5f:c7:07:af:2a:56:06:6f:76:08:b3:de:
                    16:62:43:07:6a:0a:21:50:a2:3b:07:10:e9:21:36:
                    61:c7:31:30:44:5d:12:70:34:7d:e0:13:76:72:d4:
                    f2:26:a1:2f:8c:04:75:62:53:b1:c9:24:c9:d5:fd:
                    27:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D4:75:5B:58:92:03:6F:C6:5B:F7:72:77:1C:56:DE:7E:04:03:1E
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:20:c3:58:cd:41:26:5c:8c:d9:35:1c:18:5d:50:48:d6:e7:
         a1:24:20:d9:da:34:5f:cb:53:86:d4:2a:f8:4c:b6:6d:d3:08:
         a9:36:e8:37:94:91:0b:9f:41:08:d7:83:9f:b2:e6:38:05:6e:
         1d:a7:01:08:1d:82:54:6b:30:d0:2b:f5:b4:ff:a7:1a:88:6a:
         05:13:a8:30:7e:41:21:29:0a:8d:c8:e6:ad:4c:e5:a6:58:7b:
         aa:3d:9e:49:be:64:cf:2c:e2:58:05:b4:3d:bc:7b:e6:f6:26:
         0b:33:b1:65:3e:8f:09:9b:6f:77:a4:1a:dd:ad:21:ad:2b:d0:
         ce:8e:5e:e4:52:dc:b3:3c:21:37:1f:fd:c5:1c:67:60:51:9c:
         4b:7c:3b:4e:9c:a9:b6:8d:b5:49:cc:a5:22:b9:9b:3a:cc:36:
         ca:32:03:4b:8f:35:ec:d0:cb:87:43:05:5d:5e:36:d9:56:78:
         e1:5b:13:5a:b2:d9:da:88:cb:83:29:92:fb:bc:df:f3:20:a3:
         15:a5:19:9c:7e:72:b4:44:68:1c:7a:ba:3c:11:a5:a8:24:d6:
         68:33:98:9e:a4:d4:61:0e:3d:f8:64:c2:0b:99:54:9e:c7:c1:
         9c:6b:14:28:1d:24:7e:03:84:dc:cf:2a:d6:e5:8a:a4:47:77:
         e5:33:3b:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYotXqM9Ab0zNezWo4FykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjUxMTA0MTUwMDQ5WhcNMjUxMTA1MTUwMDQ5WjAzMTEwLwYDVQQD
Eyg5ZGQ0NzU1YjU4OTIwMzZmYzY1YmY3NzI3NzFjNTZkZTdlMDQwMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCJLP2YZ7iSBnikiQAvncp6S61Q5
I3VbY5ilZ+aipRAZSRfdkrOvbnn7BxtryEK0YTQUz0/5Z5MJ2CSx7fZNI/lTIcur
GWwhf34LSRiy1aG0Q7+kqQnIeYV6lGzCXuqCifegwhsV+t3s1rF+e6VSCBdeIL8h
c8ZTQFtHPbh4101zZppJuBV0z+8egTGQdBatCNSm8nOWABGaUFogAqrGEGqaXO1j
DJ1NRm8B/Ggqy/hE3v+TZbgYCAQSfFBTzgrApcHNp6FfxwevKlYGb3YIs94WYkMH
agohUKI7BxDpITZhxzEwRF0ScDR94BN2ctTyJqEvjAR1YlOxySTJ1f0ncwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3UdVtYkgNvxlv3cnccVt5+BAMeMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiDDWM1B
JlyM2TUcGF1QSNbnoSQg2do0X8tThtQq+Ey2bdMIqTboN5SRC59BCNeDn7LmOAVu
HacBCB2CVGsw0Cv1tP+nGohqBROoMH5BISkKjcjmrUzlplh7qj2eSb5kzyziWAW0
Pbx75vYmCzOxZT6PCZtvd6Qa3a0hrSvQzo5e5FLcszwhNx/9xRxnYFGcS3w7Tpyp
to21ScylIrmbOsw2yjIDS4817NDLh0MFXV422VZ44VsTWrLZ2ojLgymS+7zf8yCj
FaUZnH5ytERoHHq6PBGlqCTWaDOYnqTUYQ49+GTCC5lUnsfBnGsUKB0kfgOE3M8q
1uWKpEd35TM7YA==
-----END CERTIFICATE-----