Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          xhUZcSRVdMe6XR/u8zgXH2vx3lHyLSWt3kcbDWZiPzg=
Subject key identifier:   54:60:7F:F2:6B:4F:F2:DB:C8:2E:55:DD:50:FE:A7:E1:17:23:2B:CA
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       019A4F62296271FFBC9229475E889B104934
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0AB7
Signing time:             Tue 04 Nov 2025 15:00:24 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:24 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:24 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: LNVsQ+uspWS+awDZTuIEcUr0pIjjsSZYgfTHFzsA3Gc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:29:62:71:ff:bc:92:29:47:5e:88:9b:10:49:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Nov  4 15:00:24 2025 GMT
            Not After : Nov  5 15:00:24 2025 GMT
        Subject: CN=54607ff26b4ff2dbc82e55dd50fea7e117232bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:75:ab:49:8f:61:8a:78:c5:bf:d8:2c:f3:2d:
                    93:34:48:a2:b4:e7:dc:6b:4b:fc:b1:aa:64:55:bb:
                    4e:ae:8e:22:67:ec:6a:bd:c0:96:ce:be:63:f2:9b:
                    96:89:73:33:38:bb:d6:8d:1a:0c:c0:1c:68:6e:bd:
                    36:74:69:1a:b1:ac:d7:e3:27:c2:11:68:dc:aa:94:
                    83:1e:c3:54:7b:fa:65:19:8a:f2:57:53:cf:ce:51:
                    8e:1d:44:dd:89:ff:b2:81:7f:60:8c:ad:62:a9:77:
                    47:cf:b5:4f:09:5b:ea:68:d5:16:d5:e1:76:69:a4:
                    0b:4a:46:9b:d7:24:94:d4:9c:16:be:5a:ef:de:9e:
                    5d:b5:37:5f:54:a5:ab:76:ef:c6:b9:11:15:05:fd:
                    b4:da:ad:5a:e8:4e:6f:d0:f9:ba:bb:a6:d2:1b:19:
                    7f:8a:12:a9:67:bf:87:62:d0:8e:1b:24:6b:59:ad:
                    4d:6c:9a:db:82:0b:12:39:e6:79:2e:7b:f6:4f:d6:
                    60:a6:41:0b:bf:0c:0a:cb:34:83:bb:4b:49:ea:03:
                    39:2a:ea:2f:96:1a:ac:1d:91:ba:81:69:98:e0:c6:
                    90:5c:e7:2a:3c:be:1f:98:18:a2:cb:d8:63:18:5f:
                    47:df:e2:fa:b6:46:a9:6b:1d:e1:1d:46:e8:30:7e:
                    bf:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:60:7F:F2:6B:4F:F2:DB:C8:2E:55:DD:50:FE:A7:E1:17:23:2B:CA
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:00:f9:3c:4f:20:15:a7:c5:79:17:c5:2b:02:73:eb:03:7b:
         af:c6:f0:2d:f9:4e:c6:53:a1:22:df:9c:13:29:f8:b0:2a:ec:
         91:53:80:93:61:e1:98:de:58:84:37:74:ee:d7:5b:66:65:9e:
         77:4a:0d:42:6d:1e:a2:94:04:c7:09:46:a8:7a:c8:2f:85:5a:
         b9:01:5b:4d:67:0d:41:68:88:af:25:61:ad:15:88:4d:58:79:
         82:44:f2:f3:bf:d6:6c:4f:d4:f2:e1:13:c5:c1:be:2d:12:f4:
         3f:56:b8:7f:73:78:ba:25:50:9f:de:b8:b7:8f:51:bf:c7:a4:
         d0:28:1c:99:f8:96:56:a4:be:62:62:90:33:7b:0d:dd:d5:f1:
         60:7a:7c:1b:6f:f3:d0:fd:53:77:53:0c:28:5e:65:54:b1:b1:
         fc:d2:06:f4:2e:04:cd:9d:e7:49:25:03:0d:31:41:36:99:b9:
         6c:bb:a2:b8:44:e7:16:08:df:23:33:17:86:ed:28:67:19:d8:
         f8:34:cf:6e:c7:af:26:6d:1e:58:25:7d:b0:fa:ec:30:18:1f:
         0d:f7:29:63:6a:2b:32:a7:12:b9:9e:9c:48:2f:46:91:f6:42:
         e7:84:34:7b:dc:45:66:ef:89:a0:59:90:e9:9e:31:89:54:bf:
         b4:d1:a0:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYilicf+8kilHXoibEEk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUxMTA0MTUwMDI0WhcNMjUxMTA1MTUwMDI0WjAzMTEwLwYDVQQD
Eyg1NDYwN2ZmMjZiNGZmMmRiYzgyZTU1ZGQ1MGZlYTdlMTE3MjMyYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXWrSY9hinjFv9gs8y2TNEiitOfc
a0v8sapkVbtOro4iZ+xqvcCWzr5j8puWiXMzOLvWjRoMwBxobr02dGkasazX4yfC
EWjcqpSDHsNUe/plGYryV1PPzlGOHUTdif+ygX9gjK1iqXdHz7VPCVvqaNUW1eF2
aaQLSkab1ySU1JwWvlrv3p5dtTdfVKWrdu/GuREVBf202q1a6E5v0Pm6u6bSGxl/
ihKpZ7+HYtCOGyRrWa1NbJrbggsSOeZ5Lnv2T9ZgpkELvwwKyzSDu0tJ6gM5Kuov
lhqsHZG6gWmY4MaQXOcqPL4fmBiiy9hjGF9H3+L6tkapax3hHUboMH6/eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRgf/JrT/LbyC5V3VD+p+EXIyvKMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANgD5PE8g
FafFeRfFKwJz6wN7r8bwLflOxlOhIt+cEyn4sCrskVOAk2HhmN5YhDd07tdbZmWe
d0oNQm0eopQExwlGqHrIL4VauQFbTWcNQWiIryVhrRWITVh5gkTy87/WbE/U8uET
xcG+LRL0P1a4f3N4uiVQn964t49Rv8ek0CgcmfiWVqS+YmKQM3sN3dXxYHp8G2/z
0P1Td1MMKF5lVLGx/NIG9C4EzZ3nSSUDDTFBNpm5bLuiuETnFgjfIzMXhu0oZxnY
+DTPbsevJm0eWCV9sPrsMBgfDfcpY2orMqcSuZ6cSC9GkfZC54Q0e9xFZu+JoFmQ
6Z4xiVS/tNGgow==
-----END CERTIFICATE-----