Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
File:                     3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json)
Hash identifier:          MeELYu6RshDskogzBRI3u/BntrwdsRlGWBhTwqQhq7w=
Subject key identifier:   EC:E0:A0:40:36:27:F0:C3:15:BE:36:82:9E:75:D7:D1:A0:74:27:BA
Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1
Certificate issuer:       /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
Certificate serial:       019A4F6257AF628B1C3303C08C9A1F5998A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
Manifest number:          169E
Signing time:             Tue 04 Nov 2025 15:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:36 +0000
Files and hashes:         1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: yzMQLhlbu6pXDiE+/oMTBsIRK/QMpovIObEs8Ztk1lQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:57:af:62:8b:1c:33:03:c0:8c:9a:1f:59:98:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1
        Validity
            Not Before: Nov  4 15:00:36 2025 GMT
            Not After : Nov  5 15:00:36 2025 GMT
        Subject: CN=ece0a0403627f0c315be36829e75d7d1a07427ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:cf:53:f3:1d:71:fe:1c:11:d0:bb:52:5f:ea:
                    44:0f:70:02:91:a6:03:c8:37:c7:f7:b9:19:51:bc:
                    96:a1:91:ea:d5:03:a7:bc:5d:77:a7:e1:a2:0c:b1:
                    28:aa:f3:bd:90:61:c7:5f:9c:1d:2b:3b:21:c4:51:
                    0e:f6:5d:8b:7a:fa:c5:13:cc:cc:a9:e5:b3:fb:9a:
                    ca:f2:3b:cc:45:b2:50:62:7d:12:60:20:f3:7e:ec:
                    64:7c:d9:22:f4:b1:02:da:db:be:25:e2:7c:69:e5:
                    bd:f0:7f:6f:5e:3d:2a:40:15:87:84:51:38:5a:51:
                    9a:53:81:a7:2f:46:7c:51:10:c9:6d:6f:8e:15:95:
                    a3:c9:1f:29:db:be:38:38:a6:d9:9f:70:25:07:de:
                    da:d9:72:9a:37:29:92:76:cf:50:3d:98:59:a3:c8:
                    c5:90:b3:14:c4:18:b6:4b:e7:59:75:f5:fe:d0:6f:
                    99:e9:b3:ed:df:f2:19:46:00:8f:e0:13:2e:d3:2d:
                    70:92:e1:31:1e:d0:4b:25:e4:01:41:4c:ad:96:4e:
                    6c:1b:cb:31:d9:b5:71:d6:24:a6:f8:4a:7f:eb:69:
                    fe:2e:7f:80:31:52:e8:bd:ba:da:5c:da:d2:21:25:
                    68:6c:0f:8d:e5:80:55:0f:16:a1:44:f3:f4:27:90:
                    09:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:E0:A0:40:36:27:F0:C3:15:BE:36:82:9E:75:D7:D1:A0:74:27:BA
            X509v3 Authority Key Identifier:
                keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:05:c5:7b:f1:b5:59:4c:33:b0:ac:52:46:e9:d8:bf:2b:e3:
         8b:61:10:48:7e:6e:68:79:ad:2e:92:5d:91:b1:d1:eb:c2:fe:
         f0:75:94:b2:17:67:1e:5e:36:1e:8c:35:5b:bb:e9:b3:f6:f8:
         f8:26:13:32:5d:82:24:21:5b:1f:bf:63:8c:ca:1f:68:95:2a:
         4b:9d:bc:4b:1e:8f:09:88:85:01:64:fe:6e:35:8b:c0:25:67:
         65:89:72:4d:94:35:cb:5a:32:61:0b:a9:51:c9:1f:27:35:0a:
         f4:39:a1:35:ce:ce:b4:35:a0:65:1b:6d:a4:d0:8b:75:1b:68:
         96:d9:b5:b5:ba:d2:af:84:51:d6:a9:e0:cf:26:d0:c7:b3:73:
         50:11:aa:de:ff:26:6f:69:cc:99:23:04:75:2f:de:ed:b5:fb:
         d7:60:3f:2b:75:db:03:0c:be:2a:dd:b2:2b:9e:f4:6f:71:e5:
         f1:50:8f:40:ce:36:33:0a:48:fd:8b:f5:4e:58:73:35:63:21:
         11:47:63:be:59:27:7e:51:df:26:b6:2b:c6:56:23:e8:c8:10:
         48:6d:e6:67:d1:fc:1a:c8:92:b4:67:fa:0d:03:31:10:b0:10:
         c9:18:21:65:09:e1:26:43:8c:76:c5:62:b7:58:0b:da:39:bf:
         b0:5d:d9:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYlevYoscMwPAjJofWZijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4
NTA5ZTEwHhcNMjUxMTA0MTUwMDM2WhcNMjUxMTA1MTUwMDM2WjAzMTEwLwYDVQQD
EyhlY2UwYTA0MDM2MjdmMGMzMTViZTM2ODI5ZTc1ZDdkMWEwNzQyN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks9T8x1x/hwR0LtSX+pED3ACkaYD
yDfH97kZUbyWoZHq1QOnvF13p+GiDLEoqvO9kGHHX5wdKzshxFEO9l2LevrFE8zM
qeWz+5rK8jvMRbJQYn0SYCDzfuxkfNki9LEC2tu+JeJ8aeW98H9vXj0qQBWHhFE4
WlGaU4GnL0Z8URDJbW+OFZWjyR8p2744OKbZn3AlB97a2XKaNymSds9QPZhZo8jF
kLMUxBi2S+dZdfX+0G+Z6bPt3/IZRgCP4BMu0y1wkuExHtBLJeQBQUytlk5sG8sx
2bVx1iSm+Ep/62n+Ln+AMVLovbraXNrSISVobA+N5YBVDxahRPP0J5AJLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzgoEA2J/DDFb42gp5119GgdCe6MB8GA1UdIwQY
MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt
N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh
LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQXFe/G1
WUwzsKxSRunYvyvji2EQSH5uaHmtLpJdkbHR68L+8HWUshdnHl42How1W7vps/b4
+CYTMl2CJCFbH79jjMofaJUqS528Sx6PCYiFAWT+bjWLwCVnZYlyTZQ1y1oyYQup
UckfJzUK9DmhNc7OtDWgZRttpNCLdRtoltm1tbrSr4RR1qngzybQx7NzUBGq3v8m
b2nMmSMEdS/e7bX712A/K3XbAwy+Kt2yK570b3Hl8VCPQM42MwpI/Yv1TlhzNWMh
EUdjvlknflHfJrYrxlYj6MgQSG3mZ9H8GsiStGf6DQMxELAQyRghZQnhJkOMdsVi
t1gL2jm/sF3ZkQ==
-----END CERTIFICATE-----