Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
File:                     h3YEKrfwcZWY6znlPvkuCsz6T6M.mft (raw, json)
Hash identifier:          CW/spVvq8WRqvY+8dGdc10b1sJN7mI21MNb8QQuQzi8=
Subject key identifier:   3E:7B:87:72:6A:87:D2:37:73:AE:D4:47:47:02:35:44:A4:66:7A:55
Authority key identifier: 87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3
Certificate issuer:       /CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
Certificate serial:       019A4EF4A882827C3607B96F197947DE9C1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
Manifest number:          0B0E
Signing time:             Tue 04 Nov 2025 13:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:48 +0000
Files and hashes:         1: h3YEKrfwcZWY6znlPvkuCsz6T6M.crl (hash: TdadLuJKNX/I6cZI7bbvBbE6m73whDOnmPmNG925ucE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:a8:82:82:7c:36:07:b9:6f:19:79:47:de:9c:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
        Validity
            Not Before: Nov  4 13:00:48 2025 GMT
            Not After : Nov  5 13:00:48 2025 GMT
        Subject: CN=3e7b87726a87d23773aed44747023544a4667a55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:16:35:7b:3d:c3:5b:f4:30:48:2b:35:41:a3:
                    1a:a1:dc:e7:d4:eb:4f:9a:50:1c:bb:30:a1:bf:9c:
                    25:52:f6:f4:fb:03:f2:eb:70:dd:97:b8:7e:a4:61:
                    70:3d:76:4e:f5:f8:4a:f0:6d:76:52:43:ca:76:30:
                    11:06:35:97:ff:6c:43:cf:c9:8d:24:59:15:74:60:
                    49:9a:67:b0:a2:04:31:ba:0b:68:f2:92:0c:38:d3:
                    91:74:e8:65:9e:29:1d:df:6e:49:97:dd:10:08:d3:
                    bc:37:e2:5a:57:96:d0:19:bb:7a:08:97:f7:2f:3d:
                    b4:4f:83:7d:ba:af:8a:17:bf:d5:d7:47:3f:88:68:
                    ec:f9:0d:5b:bd:d8:6d:7a:32:02:39:6f:a6:67:06:
                    32:1d:04:f2:ae:ef:7e:39:e1:71:1c:a5:eb:6d:dc:
                    c8:9b:24:fe:83:c2:de:01:a0:70:c1:b9:af:55:04:
                    2f:f3:65:17:e3:24:56:2d:72:95:ba:c0:72:61:9f:
                    7a:89:b5:90:e4:0e:4f:27:ce:64:5a:07:d2:dc:5f:
                    f9:70:3d:f4:d8:69:12:a3:bd:f2:33:0f:de:fe:14:
                    3b:2f:86:76:69:d7:a9:62:e9:b9:5f:40:99:45:a4:
                    24:00:18:1a:6c:df:7b:e1:07:38:96:1d:77:9b:6d:
                    29:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:7B:87:72:6A:87:D2:37:73:AE:D4:47:47:02:35:44:A4:66:7A:55
            X509v3 Authority Key Identifier:
                keyid:87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f9:10:1d:38:21:5f:1f:62:1e:1f:e1:99:4d:20:9b:52:df:
         1e:41:1d:58:28:d6:fe:7a:f6:64:78:87:62:bc:80:3e:a1:5c:
         ff:14:da:0d:48:27:5f:bc:80:4a:c5:c3:a6:f2:56:f1:a7:79:
         aa:fa:45:a9:15:46:12:d2:17:05:aa:e3:34:ad:ab:25:cf:32:
         21:b4:0c:0f:e2:6c:66:cb:44:b6:3a:9a:3b:a5:e9:2d:2b:5d:
         23:da:e8:ff:65:ed:30:4b:17:9c:b6:03:16:47:27:74:28:c8:
         dc:f3:3f:68:5c:90:e0:79:c7:a0:40:25:9f:75:31:a5:df:b6:
         8a:ee:bb:22:8e:54:32:66:8f:0e:85:62:28:e4:f0:9d:54:90:
         fa:90:13:53:24:32:b1:fb:33:62:18:18:45:6a:1e:c9:2e:58:
         8d:80:28:83:0c:6a:80:eb:9e:6d:de:2c:f0:f9:b5:1c:da:1a:
         7b:04:2e:43:fb:a6:99:c2:38:9b:2a:01:5a:fb:89:55:ee:b0:
         4f:f4:6c:58:e2:bc:e8:5b:70:ed:19:1e:9d:4e:a7:39:d5:e9:
         47:8c:04:c1:4f:ec:48:2e:af:0f:e7:1e:e1:83:1a:c4:ca:ca:
         39:11:25:54:eb:37:9b:4e:d1:17:b1:71:0b:10:e5:23:21:43:
         50:b2:6c:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KiCgnw2B7lvGXlH3pwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzYwNDJhYjdmMDcxOTU5OGViMzllNTNlZjkyZTBhY2Nm
YTRmYTMwHhcNMjUxMTA0MTMwMDQ4WhcNMjUxMTA1MTMwMDQ4WjAzMTEwLwYDVQQD
EygzZTdiODc3MjZhODdkMjM3NzNhZWQ0NDc0NzAyMzU0NGE0NjY3YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BY1ez3DW/QwSCs1QaMaodzn1OtP
mlAcuzChv5wlUvb0+wPy63Ddl7h+pGFwPXZO9fhK8G12UkPKdjARBjWX/2xDz8mN
JFkVdGBJmmewogQxugto8pIMONORdOhlnikd325Jl90QCNO8N+JaV5bQGbt6CJf3
Lz20T4N9uq+KF7/V10c/iGjs+Q1bvdhtejICOW+mZwYyHQTyru9+OeFxHKXrbdzI
myT+g8LeAaBwwbmvVQQv82UX4yRWLXKVusByYZ96ibWQ5A5PJ85kWgfS3F/5cD30
2GkSo73yMw/e/hQ7L4Z2adepYum5X0CZRaQkABgabN974Qc4lh13m20pCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD57h3Jqh9I3c67UR0cCNUSkZnpVMB8GA1UdIwQY
MBaAFId2BCq38HGVmOs55T75LgrM+k+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEt
ZTNjY2YzZWEzYzRhLzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEtZTNjY2YzZWEzYzRh
LzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPkQHTgh
Xx9iHh/hmU0gm1LfHkEdWCjW/nr2ZHiHYryAPqFc/xTaDUgnX7yASsXDpvJW8ad5
qvpFqRVGEtIXBarjNK2rJc8yIbQMD+JsZstEtjqaO6XpLStdI9ro/2XtMEsXnLYD
FkcndCjI3PM/aFyQ4HnHoEAln3Uxpd+2iu67Io5UMmaPDoViKOTwnVSQ+pATUyQy
sfszYhgYRWoeyS5YjYAogwxqgOuebd4s8Pm1HNoaewQuQ/ummcI4myoBWvuJVe6w
T/RsWOK86Ftw7RkenU6nOdXpR4wEwU/sSC6vD+ce4YMaxMrKORElVOs3m07RF7Fx
CxDlIyFDULJsrg==
-----END CERTIFICATE-----