Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
File:                     cs3rVmQuM1iXcef9pxu3HgF_nZY.mft (raw, json)
Hash identifier:          DxdSshe/F4qtvQ8XVawuWzcIWjpIlMnjMWTh/G8ZhI4=
Subject key identifier:   A0:B5:9C:7F:61:5F:3C:12:27:72:66:6B:B2:AC:62:B7:6D:49:64:9D
Authority key identifier: 72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96
Certificate issuer:       /CN=72cdeb56642e33589771e7fda71bb71e017f9d96
Certificate serial:       019A4E1876D1F458F36890CB08DF85F458EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
Manifest number:          0C2A
Signing time:             Tue 04 Nov 2025 09:00:17 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:17 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:17 +0000
Files and hashes:         1: cs3rVmQuM1iXcef9pxu3HgF_nZY.crl (hash: VoX4w6I5a9Z8wHAeSWvv43cI8cv8OF/RMad1MYv3TyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:76:d1:f4:58:f3:68:90:cb:08:df:85:f4:58:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cdeb56642e33589771e7fda71bb71e017f9d96
        Validity
            Not Before: Nov  4 09:00:17 2025 GMT
            Not After : Nov  5 09:00:17 2025 GMT
        Subject: CN=a0b59c7f615f3c122772666bb2ac62b76d49649d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1f:94:54:df:c1:fc:fe:cd:04:f9:97:d3:70:
                    6f:02:35:2b:14:f0:b9:81:53:e2:d5:0c:59:25:21:
                    29:89:7a:0e:ae:3b:89:eb:04:25:35:f2:c7:4f:ca:
                    b8:cc:de:e0:fc:ed:d2:b5:b9:32:30:33:e0:50:e9:
                    8a:7c:b0:b4:73:ca:5c:49:ba:ea:16:57:f0:46:2e:
                    8b:8e:10:4f:dc:5e:5c:2f:7a:f1:5b:68:7e:2f:f6:
                    2d:33:43:1e:37:bc:4b:61:02:1e:69:ce:a6:3d:38:
                    c0:1b:58:7c:66:82:b6:0e:1a:89:4f:86:75:2f:a7:
                    8f:16:5e:a4:03:79:a1:80:d5:43:3c:c6:c5:d8:4b:
                    eb:cb:c3:2a:09:a8:32:ed:a2:06:b7:2b:95:61:55:
                    5c:48:a5:45:4e:5f:2d:96:0b:b9:f5:02:0c:49:2d:
                    15:8c:44:6b:1c:c4:b8:de:9f:79:2a:46:f2:90:f3:
                    12:47:c6:00:7d:25:fb:d2:a9:fc:26:ba:c7:b2:98:
                    4b:0a:d5:66:5d:55:fb:10:87:83:e8:69:77:e5:cf:
                    a0:3d:57:a1:e5:e5:2b:8d:a5:ee:7c:f3:85:8b:53:
                    41:1d:82:cd:4b:63:2e:86:0c:b4:f6:79:5e:af:93:
                    1e:f8:e8:4a:1a:32:d7:11:98:b3:ff:18:32:1c:bf:
                    d5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:B5:9C:7F:61:5F:3C:12:27:72:66:6B:B2:AC:62:B7:6D:49:64:9D
            X509v3 Authority Key Identifier:
                keyid:72:CD:EB:56:64:2E:33:58:97:71:E7:FD:A7:1B:B7:1E:01:7F:9D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cs3rVmQuM1iXcef9pxu3HgF_nZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/3c8448-af4a-4b48-a72a-e82774a16a57/1/cs3rVmQuM1iXcef9pxu3HgF_nZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:0f:d3:c2:30:1b:3e:1c:4f:ed:f3:90:01:1b:37:b7:36:85:
         5e:c6:a0:1d:13:af:81:5c:62:52:73:4a:72:0e:b5:d0:83:a1:
         81:52:20:3c:b3:ea:bc:b1:9c:38:ac:4d:89:34:3a:68:1d:cb:
         6d:74:8b:42:96:e0:cb:30:f0:ad:61:60:1f:4d:01:bc:d6:ae:
         e2:bc:ef:4a:1d:f9:0e:5a:e1:b7:a9:c9:51:d8:22:c7:50:13:
         cc:49:0f:72:56:05:6f:3f:50:8a:26:ab:c6:2c:08:1f:02:45:
         e0:4a:34:bc:05:b2:5b:9b:43:9a:5f:5d:3a:ab:c5:d4:8f:3a:
         19:58:b1:4e:28:e1:f7:39:be:b9:71:43:1e:9c:bb:a7:1e:c7:
         a8:c9:cb:9e:c4:cc:e4:ec:f7:d5:71:e4:8a:6c:6a:0c:f4:68:
         5a:40:9d:5c:29:d1:b9:b9:37:5e:44:ab:36:ba:d8:79:2f:ba:
         a4:68:31:5b:86:cd:ab:7a:34:7b:bb:31:de:e1:a4:1b:b6:ab:
         d7:bc:c6:d7:1b:61:89:5a:b8:f1:49:96:62:06:3e:bd:92:01:
         99:b6:71:9d:c4:12:54:bc:92:23:3e:7b:46:f9:65:48:aa:72:
         0e:d4:b3:66:a8:4a:1a:98:fc:c0:e8:49:28:00:2a:eb:c1:4a:
         e8:cd:f5:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGHbR9FjzaJDLCN+F9FjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2RlYjU2NjQyZTMzNTg5NzcxZTdmZGE3MWJiNzFlMDE3
ZjlkOTYwHhcNMjUxMTA0MDkwMDE3WhcNMjUxMTA1MDkwMDE3WjAzMTEwLwYDVQQD
EyhhMGI1OWM3ZjYxNWYzYzEyMjc3MjY2NmJiMmFjNjJiNzZkNDk2NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh+UVN/B/P7NBPmX03BvAjUrFPC5
gVPi1QxZJSEpiXoOrjuJ6wQlNfLHT8q4zN7g/O3StbkyMDPgUOmKfLC0c8pcSbrq
FlfwRi6LjhBP3F5cL3rxW2h+L/YtM0MeN7xLYQIeac6mPTjAG1h8ZoK2DhqJT4Z1
L6ePFl6kA3mhgNVDPMbF2Evry8MqCagy7aIGtyuVYVVcSKVFTl8tlgu59QIMSS0V
jERrHMS43p95KkbykPMSR8YAfSX70qn8JrrHsphLCtVmXVX7EIeD6Gl35c+gPVeh
5eUrjaXufPOFi1NBHYLNS2Muhgy09nler5Me+OhKGjLXEZiz/xgyHL/VtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKC1nH9hXzwSJ3Jma7KsYrdtSWSdMB8GA1UdIwQY
MBaAFHLN61ZkLjNYl3Hn/acbtx4Bf52WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEt
ZTgyNzc0YTE2YTU3LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8zYzg0NDgtYWY0YS00YjQ4LWE3MmEtZTgyNzc0YTE2YTU3
LzEvY3MzclZtUXVNMWlYY2VmOXB4dTNIZ0ZfblpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQ/TwjAb
PhxP7fOQARs3tzaFXsagHROvgVxiUnNKcg610IOhgVIgPLPqvLGcOKxNiTQ6aB3L
bXSLQpbgyzDwrWFgH00BvNau4rzvSh35Dlrht6nJUdgix1ATzEkPclYFbz9Qiiar
xiwIHwJF4Eo0vAWyW5tDml9dOqvF1I86GVixTijh9zm+uXFDHpy7px7HqMnLnsTM
5Oz31XHkimxqDPRoWkCdXCnRubk3XkSrNrrYeS+6pGgxW4bNq3o0e7sx3uGkG7ar
17zG1xthiVq48UmWYgY+vZIBmbZxncQSVLySIz57RvllSKpyDtSzZqhKGpj8wOhJ
KAAq68FK6M31xw==
-----END CERTIFICATE-----