Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          9g8DhdbgBQwHpmIJuKBGXDGWZOjoAX1oWsECAoMcpUU=
Subject key identifier:   68:F9:57:A3:42:BA:EE:D2:56:F5:D5:78:A4:BF:48:8D:F4:B2:3E:76
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019A4EF5284D900F5DCF2DDC2850C7F0D81D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          117C
Signing time:             Tue 04 Nov 2025 13:01:20 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:20 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:20 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: aG58IAerIIWRNF5pUMMj76P/sZm5K7oPOd+CbqhNLFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:28:4d:90:0f:5d:cf:2d:dc:28:50:c7:f0:d8:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Nov  4 13:01:20 2025 GMT
            Not After : Nov  5 13:01:20 2025 GMT
        Subject: CN=68f957a342baeed256f5d578a4bf488df4b23e76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:bf:3b:c0:e0:df:2b:9c:51:a9:88:e4:0c:
                    c8:98:a9:1e:36:4a:01:67:dd:80:05:62:f0:19:43:
                    ac:7f:13:ed:1e:9e:25:8a:8e:2c:74:f4:49:2b:97:
                    8b:ca:0e:46:f2:64:fc:20:bd:dd:f5:63:32:47:fd:
                    76:a5:f3:ca:44:06:7c:fa:26:29:24:4f:22:54:bc:
                    80:c7:2f:c7:67:dc:88:5b:6f:b6:29:29:6f:3d:c7:
                    fa:39:cd:b4:aa:1d:01:89:f0:8c:c7:36:00:23:e6:
                    21:d4:01:a0:fe:13:d1:71:0a:fb:49:63:56:18:6c:
                    0a:4e:9d:2c:48:00:d5:0e:8c:37:91:0b:8f:4d:b7:
                    a3:b3:86:31:39:37:48:ec:9d:65:5e:69:cb:ab:40:
                    f0:95:39:0c:57:a3:15:99:8c:9d:2d:87:d8:94:06:
                    21:4b:42:f8:57:57:cd:1c:2d:22:09:c9:d2:2a:8d:
                    54:b9:6b:3e:50:0a:5c:2a:a2:b5:90:06:33:ad:4b:
                    ab:2a:6e:75:20:f6:bf:6f:c2:cf:ac:01:9b:c9:df:
                    29:ba:10:2d:0b:99:28:89:7c:8a:01:50:ae:22:26:
                    38:e8:b1:4c:e0:ac:79:1a:34:4e:b2:6d:89:df:02:
                    2b:c6:51:62:5a:2d:a5:d0:8a:a9:16:03:09:47:8a:
                    82:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:F9:57:A3:42:BA:EE:D2:56:F5:D5:78:A4:BF:48:8D:F4:B2:3E:76
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:4b:6f:d6:f5:41:49:6b:38:85:75:dc:6a:68:5b:7a:a9:b3:
         5b:73:f8:3f:01:72:6c:02:4d:0d:ed:11:38:3b:88:36:e8:33:
         3f:e9:95:e3:2e:d8:94:a6:f0:97:08:18:76:14:a8:25:cd:09:
         b3:89:39:e7:8f:82:3d:68:a0:5b:a8:75:0d:b7:7a:6d:52:e2:
         5d:33:a2:86:59:31:57:d0:18:88:d5:d1:62:54:77:43:9b:98:
         68:8e:d9:d0:f3:5e:79:37:e1:4f:a6:fd:e8:3a:f3:0c:b4:11:
         09:d8:c5:85:2c:20:0a:61:81:91:f0:e5:b6:1f:42:5e:b5:29:
         e3:c7:1d:28:ae:7d:d6:cf:61:b4:9b:cc:f3:fa:0a:94:d9:6f:
         57:d5:2e:27:a0:3c:a7:86:c8:f5:f0:99:f5:02:95:6a:aa:ae:
         31:52:73:d0:d7:e3:cd:e7:cf:2d:6d:cd:00:21:21:e3:ea:8e:
         ab:f9:90:d6:e0:fd:66:1e:b5:b5:e5:74:93:14:64:26:1a:0f:
         15:4b:8c:63:bf:27:01:de:be:e5:61:89:70:16:18:47:14:6c:
         2c:c7:80:29:89:26:2c:87:94:32:5d:6f:a6:cf:1f:60:83:fd:
         e0:80:1c:b0:c8:ad:5f:6e:f7:7f:09:56:23:36:91:bd:f0:e1:
         86:f3:3e:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9ShNkA9dzy3cKFDH8NgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUxMTA0MTMwMTIwWhcNMjUxMTA1MTMwMTIwWjAzMTEwLwYDVQQD
Eyg2OGY5NTdhMzQyYmFlZWQyNTZmNWQ1NzhhNGJmNDg4ZGY0YjIzZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/+/O8Dg3yucUamI5AzImKkeNkoB
Z92ABWLwGUOsfxPtHp4lio4sdPRJK5eLyg5G8mT8IL3d9WMyR/12pfPKRAZ8+iYp
JE8iVLyAxy/HZ9yIW2+2KSlvPcf6Oc20qh0BifCMxzYAI+Yh1AGg/hPRcQr7SWNW
GGwKTp0sSADVDow3kQuPTbejs4YxOTdI7J1lXmnLq0DwlTkMV6MVmYydLYfYlAYh
S0L4V1fNHC0iCcnSKo1UuWs+UApcKqK1kAYzrUurKm51IPa/b8LPrAGbyd8puhAt
C5koiXyKAVCuIiY46LFM4Kx5GjROsm2J3wIrxlFiWi2l0IqpFgMJR4qChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGj5V6NCuu7SVvXVeKS/SI30sj52MB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEktv1vVB
SWs4hXXcamhbeqmzW3P4PwFybAJNDe0RODuINugzP+mV4y7YlKbwlwgYdhSoJc0J
s4k554+CPWigW6h1Dbd6bVLiXTOihlkxV9AYiNXRYlR3Q5uYaI7Z0PNeeTfhT6b9
6DrzDLQRCdjFhSwgCmGBkfDlth9CXrUp48cdKK591s9htJvM8/oKlNlvV9UuJ6A8
p4bI9fCZ9QKVaqquMVJz0NfjzefPLW3NACEh4+qOq/mQ1uD9Zh61teV0kxRkJhoP
FUuMY78nAd6+5WGJcBYYRxRsLMeAKYkmLIeUMl1vps8fYIP94IAcsMitX273fwlW
IzaRvfDhhvM+4g==
-----END CERTIFICATE-----