Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          7Rxlx164Tt9Q6fhrOWezi3HunycUx1ymeBZkc7Z4bHE=
Subject key identifier:   6E:E9:45:2E:05:FF:97:F5:15:5E:3E:7B:06:DE:06:49:DC:FD:52:42
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       019A4EF51A10A5C46FBD845DDDBBE88B5921
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0DFF
Signing time:             Tue 04 Nov 2025 13:01:17 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:17 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:17 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: FPPu17ERTRmVe4HrcaOv7IftlKtnVjz6llLCCWaqgww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:1a:10:a5:c4:6f:bd:84:5d:dd:bb:e8:8b:59:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Nov  4 13:01:17 2025 GMT
            Not After : Nov  5 13:01:17 2025 GMT
        Subject: CN=6ee9452e05ff97f5155e3e7b06de0649dcfd5242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:56:bb:f4:c4:3b:fe:f8:fa:57:dc:d5:ab:c4:
                    9d:94:f0:2a:37:b1:aa:7f:1c:3e:60:e4:f5:f8:ee:
                    bd:92:24:85:55:9d:0b:58:e1:f2:b0:fa:4f:c3:8b:
                    3e:ee:bd:4c:30:d0:4d:83:7d:af:62:33:c9:43:d5:
                    56:a5:29:6d:ff:1c:44:b0:22:00:c8:21:40:da:84:
                    33:80:a7:27:3e:15:5d:9d:67:d4:ea:dd:fb:bd:2f:
                    32:af:f6:cc:f1:dc:4f:3e:69:27:42:51:15:aa:5e:
                    cb:66:f1:02:eb:be:91:02:54:ae:87:c7:6b:ca:73:
                    14:95:9b:ef:46:46:72:4c:ea:85:e3:71:fb:2b:be:
                    a1:9c:88:be:9c:58:fe:21:e4:5a:9c:c2:8d:30:a3:
                    a4:27:8d:84:cb:f9:44:b4:91:ae:f3:9e:ef:e7:95:
                    ea:92:4d:a2:a7:58:0d:a7:6b:e9:90:52:20:ee:20:
                    39:f4:08:43:9b:b7:ae:22:71:64:57:1b:c0:8f:17:
                    8c:a1:2f:99:cb:90:2c:7f:f1:13:99:52:da:12:21:
                    1b:92:33:d5:31:25:97:91:12:aa:40:04:98:95:3d:
                    f4:56:6e:ea:d5:ff:7d:89:89:fa:7f:db:55:47:9f:
                    31:ed:c4:8e:92:da:9d:ab:c7:78:85:48:13:f6:8a:
                    d0:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E9:45:2E:05:FF:97:F5:15:5E:3E:7B:06:DE:06:49:DC:FD:52:42
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:66:a6:e3:54:6d:df:09:64:f7:02:22:01:53:ac:d0:99:e7:
         33:6f:b5:2a:0b:61:55:85:68:a5:b3:ef:d5:68:dd:f7:e3:af:
         25:78:94:eb:e6:f6:7f:ed:65:d0:38:e3:a4:fa:63:51:ae:13:
         be:6a:7e:75:8c:4c:79:6a:38:29:1a:52:90:8f:6d:29:a6:f5:
         8f:48:df:4c:33:ab:27:1d:19:59:02:ed:b8:51:a2:65:4c:f8:
         2a:33:f3:cf:bc:23:41:f0:56:c1:08:71:24:ec:10:cb:09:ad:
         55:f5:7f:e2:9e:8c:a2:89:8e:5d:90:94:c9:25:59:59:2a:7e:
         39:1e:4b:05:d1:69:d2:ce:ad:90:3a:a0:3f:d7:d8:a4:f2:80:
         22:0d:a3:12:f4:c1:8d:54:6a:46:dd:1d:16:fd:92:b0:8b:27:
         cb:33:e7:9b:7a:d8:da:63:4e:7c:e9:1d:24:4a:d8:36:ac:20:
         76:cf:7b:08:66:97:2e:96:62:46:e9:44:83:dd:4c:77:ea:1c:
         b1:9e:2a:ec:fd:1e:5d:4b:d5:61:e2:f7:5d:6e:11:da:34:ac:
         a1:45:d5:f2:20:3d:90:93:9a:0d:f0:79:9f:6e:27:83:ed:f7:
         c2:d6:7f:52:a2:fb:42:b7:f7:2f:46:92:08:94:47:1e:e2:3d:
         20:e7:6f:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9RoQpcRvvYRd3bvoi1khMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUxMTA0MTMwMTE3WhcNMjUxMTA1MTMwMTE3WjAzMTEwLwYDVQQD
Eyg2ZWU5NDUyZTA1ZmY5N2Y1MTU1ZTNlN2IwNmRlMDY0OWRjZmQ1MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Va79MQ7/vj6V9zVq8SdlPAqN7Gq
fxw+YOT1+O69kiSFVZ0LWOHysPpPw4s+7r1MMNBNg32vYjPJQ9VWpSlt/xxEsCIA
yCFA2oQzgKcnPhVdnWfU6t37vS8yr/bM8dxPPmknQlEVql7LZvEC676RAlSuh8dr
ynMUlZvvRkZyTOqF43H7K76hnIi+nFj+IeRanMKNMKOkJ42Ey/lEtJGu857v55Xq
kk2ip1gNp2vpkFIg7iA59AhDm7euInFkVxvAjxeMoS+Zy5Asf/ETmVLaEiEbkjPV
MSWXkRKqQASYlT30Vm7q1f99iYn6f9tVR58x7cSOktqdq8d4hUgT9orQKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7pRS4F/5f1FV4+ewbeBknc/VJCMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGam41Rt
3wlk9wIiAVOs0JnnM2+1KgthVYVopbPv1Wjd9+OvJXiU6+b2f+1l0DjjpPpjUa4T
vmp+dYxMeWo4KRpSkI9tKab1j0jfTDOrJx0ZWQLtuFGiZUz4KjPzz7wjQfBWwQhx
JOwQywmtVfV/4p6MoomOXZCUySVZWSp+OR5LBdFp0s6tkDqgP9fYpPKAIg2jEvTB
jVRqRt0dFv2SsIsnyzPnm3rY2mNOfOkdJErYNqwgds97CGaXLpZiRulEg91Md+oc
sZ4q7P0eXUvVYeL3XW4R2jSsoUXV8iA9kJOaDfB5n24ng+33wtZ/UqL7Qrf3L0aS
CJRHHuI9IOdvWQ==
-----END CERTIFICATE-----