Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          tVSL7erri5P+4XveUATfpyRobm3OUKPT31uKrnj5aas=
Subject key identifier:   E9:CC:55:EC:A7:E7:B3:0C:8C:B3:84:CC:E2:A3:53:7E:8E:E5:1C:15
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       019A541AC10A34FFAD7B4867275A5249BFDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          0645
Signing time:             Wed 05 Nov 2025 13:00:30 +0000
Manifest this update:     Wed 05 Nov 2025 13:00:30 +0000
Manifest next update:     Thu 06 Nov 2025 13:00:30 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: CGI3NcmbWukORp3aBjcFJa6PBVUEAbdvOrWo2KuB6vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:1a:c1:0a:34:ff:ad:7b:48:67:27:5a:52:49:bf:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Nov  5 13:00:30 2025 GMT
            Not After : Nov  6 13:00:30 2025 GMT
        Subject: CN=e9cc55eca7e7b30c8cb384cce2a3537e8ee51c15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:fd:d5:33:35:44:63:df:93:91:51:23:bc:d0:
                    d6:92:dc:b0:92:62:56:6b:78:f5:9f:dd:25:91:c2:
                    ab:72:29:58:5d:8c:c9:9b:76:bf:b6:59:e1:bf:7f:
                    6d:74:33:c2:33:f4:70:98:dc:0a:d1:07:e3:bb:8c:
                    91:45:76:b7:f3:31:ff:c3:ba:50:c5:68:fe:d8:67:
                    e1:1a:40:28:f7:71:49:2b:60:52:27:c6:0c:99:a7:
                    af:c2:53:0c:85:7e:18:22:d9:f9:6e:18:1b:2a:21:
                    5b:e8:7d:56:3f:63:b8:81:59:bb:da:9f:8f:56:c1:
                    b3:c4:e3:6e:41:14:d2:b6:c8:7d:ff:c0:c2:c8:ea:
                    03:e6:96:0d:c4:67:27:40:31:77:58:b1:16:33:3a:
                    57:45:b7:41:37:ed:6a:e0:c8:2c:c9:10:18:8a:b0:
                    fd:fe:4a:43:11:81:ea:39:66:b1:33:05:5c:db:ae:
                    f6:07:6d:bd:c1:62:f1:90:fd:79:ae:5e:da:07:63:
                    03:8a:1a:d2:75:c7:f9:a5:2e:97:94:9e:c1:01:c0:
                    3d:26:ff:de:fe:32:a7:40:58:8d:04:e4:29:df:54:
                    78:f1:f7:40:2e:14:1f:45:53:d4:8b:59:74:80:e2:
                    bf:36:2a:d9:5b:b6:25:a9:c8:e6:4e:7e:e6:87:69:
                    36:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:CC:55:EC:A7:E7:B3:0C:8C:B3:84:CC:E2:A3:53:7E:8E:E5:1C:15
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:6c:68:b3:c9:48:fa:9a:19:02:00:78:6f:70:68:1c:06:a9:
         de:ec:86:38:0f:08:54:ee:be:31:13:25:ac:55:9c:72:2e:65:
         3e:0b:51:13:7f:1d:13:22:96:60:6a:07:f8:a9:5e:45:6d:d4:
         b3:fa:d5:b9:3c:a5:f6:48:1a:59:78:28:b1:d6:72:38:8a:27:
         4b:81:8a:3d:3e:8e:82:e0:30:bb:24:75:a9:8c:ff:89:2b:c7:
         01:50:6f:3c:51:42:c2:5f:28:75:80:8d:20:6f:a2:e0:b9:f4:
         76:6f:1d:48:9a:8f:5e:f0:25:6e:fe:bd:df:89:bd:87:10:93:
         ae:c7:de:31:d2:cf:7c:42:c4:77:3d:89:c8:d4:7a:90:9b:ca:
         ac:ee:d1:59:03:af:e8:1e:40:22:3e:ab:a6:e0:21:14:c1:31:
         3a:d4:83:c5:f5:4c:30:bc:3e:f7:98:e8:e8:38:9b:2e:43:65:
         d9:33:f8:2a:d1:b3:90:65:9e:70:43:07:ab:9c:f0:04:56:30:
         9a:88:4d:f1:fc:ae:4e:b9:2c:6c:22:bf:cd:90:46:96:ee:2d:
         05:b7:0e:50:ea:a2:0c:07:8d:1c:50:e9:78:be:c9:cb:9d:2c:
         75:7a:91:ca:6b:a2:5a:3e:54:ff:49:5e:9d:88:ee:25:4b:13:
         3b:70:99:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUGsEKNP+te0hnJ1pSSb/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjUxMTA1MTMwMDMwWhcNMjUxMTA2MTMwMDMwWjAzMTEwLwYDVQQD
EyhlOWNjNTVlY2E3ZTdiMzBjOGNiMzg0Y2NlMmEzNTM3ZThlZTUxYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f3VMzVEY9+TkVEjvNDWktywkmJW
a3j1n90lkcKrcilYXYzJm3a/tlnhv39tdDPCM/RwmNwK0Qfju4yRRXa38zH/w7pQ
xWj+2GfhGkAo93FJK2BSJ8YMmaevwlMMhX4YItn5bhgbKiFb6H1WP2O4gVm72p+P
VsGzxONuQRTStsh9/8DCyOoD5pYNxGcnQDF3WLEWMzpXRbdBN+1q4MgsyRAYirD9
/kpDEYHqOWaxMwVc2672B229wWLxkP15rl7aB2MDihrSdcf5pS6XlJ7BAcA9Jv/e
/jKnQFiNBOQp31R48fdALhQfRVPUi1l0gOK/NirZW7YlqcjmTn7mh2k2ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnMVeyn57MMjLOEzOKjU36O5RwVMB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWxos8lI
+poZAgB4b3BoHAap3uyGOA8IVO6+MRMlrFWcci5lPgtRE38dEyKWYGoH+KleRW3U
s/rVuTyl9kgaWXgosdZyOIonS4GKPT6OguAwuyR1qYz/iSvHAVBvPFFCwl8odYCN
IG+i4Ln0dm8dSJqPXvAlbv6934m9hxCTrsfeMdLPfELEdz2JyNR6kJvKrO7RWQOv
6B5AIj6rpuAhFMExOtSDxfVMMLw+95jo6DibLkNl2TP4KtGzkGWecEMHq5zwBFYw
mohN8fyuTrksbCK/zZBGlu4tBbcOUOqiDAeNHFDpeL7Jy50sdXqRymuiWj5U/0le
nYjuJUsTO3CZWQ==
-----END CERTIFICATE-----