Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          LmoL9HiaQ4QjgfPxbOyP8a3dnxZHRAXRd1/c5AH7iZ4=
Subject key identifier:   0D:26:D7:10:71:96:42:30:24:E0:F1:71:3B:10:EA:99:23:0E:D4:95
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019A4F6287A706EF77FDE26E809BF958A0A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 15:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:48 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: 53V+/3srH8gYkL06MY9T0fV/67taSmJCl0eVHlcLc0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:87:a7:06:ef:77:fd:e2:6e:80:9b:f9:58:a0:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Nov  4 15:00:48 2025 GMT
            Not After : Nov  5 15:00:48 2025 GMT
        Subject: CN=0d26d7107196423024e0f1713b10ea99230ed495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:5d:d8:3b:09:ce:c9:c2:b1:ff:7f:64:51:40:
                    c4:6b:cc:6a:3c:e0:65:e4:91:a3:e5:47:05:73:36:
                    d8:82:4f:f9:43:f5:6b:06:69:ef:40:06:45:f0:ae:
                    29:d7:44:4c:04:10:51:e2:8d:c7:ab:d7:38:c2:06:
                    2d:4e:a0:eb:08:c2:b5:57:bd:79:cb:8d:62:a0:32:
                    07:ae:53:d4:23:86:c1:2b:ec:07:a6:cd:97:b7:55:
                    77:7c:20:56:7a:8b:88:93:be:d4:ac:dc:66:54:40:
                    d6:14:6e:1d:92:76:97:0c:da:a0:58:91:21:38:ac:
                    e1:d1:14:c7:6f:36:af:e5:31:8f:09:45:58:3a:69:
                    fb:1e:0b:aa:a2:ef:69:a8:b4:bf:94:16:ce:5c:a9:
                    e2:50:be:cc:86:21:66:8a:59:ac:9c:56:32:6c:b4:
                    87:00:c4:b5:3c:9b:88:c6:c8:d3:90:3c:9b:98:b6:
                    c2:c7:0d:a5:50:e6:54:9d:54:44:b0:3a:a6:3f:66:
                    4e:17:da:62:0f:89:24:fa:e1:89:ef:17:3b:69:fb:
                    31:99:65:72:55:7d:16:00:76:0c:0b:5c:82:23:a7:
                    92:51:37:f4:af:59:89:fc:63:7f:b1:d5:20:52:42:
                    60:8a:57:d1:db:78:ad:b1:7e:fe:fc:95:49:11:1c:
                    90:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:26:D7:10:71:96:42:30:24:E0:F1:71:3B:10:EA:99:23:0E:D4:95
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:cf:f8:f1:f6:75:d6:a2:a8:d4:c4:39:38:a7:d8:6d:e8:ab:
         3d:bd:da:61:e8:fc:ef:dc:92:dd:3c:fe:f3:9e:84:a1:f6:f7:
         ae:14:65:34:fe:ce:e3:61:c0:27:51:07:9d:0d:a9:24:65:8d:
         2b:a9:f1:fe:df:d0:2b:11:b5:98:c2:81:39:cd:de:86:9b:6a:
         58:ca:1b:a6:04:32:ed:df:ad:74:0a:01:4f:46:aa:1e:41:47:
         87:ba:46:7a:1b:d4:b6:53:7c:a2:af:67:f9:a7:dc:40:6f:80:
         15:33:8a:b1:5e:01:56:e9:c7:e6:21:17:68:e5:fd:cc:cd:d3:
         1f:61:b9:06:2a:b3:3a:f1:48:ce:3d:b8:99:a1:25:65:fd:44:
         ba:4c:25:60:fd:fa:b5:22:e4:b1:66:a1:61:42:db:69:a9:6b:
         d4:3e:33:cf:47:8c:b4:75:41:43:de:8c:5e:19:c8:b6:d8:67:
         2e:bd:c4:05:97:e2:f6:f2:4d:16:7a:eb:5c:6d:6e:74:16:83:
         eb:0a:a0:b6:e4:42:fd:2f:7c:61:be:92:fe:7d:1e:f7:36:de:
         0f:fa:f2:c2:75:76:c6:9f:5d:20:69:64:65:17:c5:ea:0e:cd:
         2b:72:fb:58:6a:0c:a2:b1:3a:6c:85:2c:f5:06:c7:e0:6e:eb:
         c3:5d:6e:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYoenBu93/eJugJv5WKCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjUxMTA0MTUwMDQ4WhcNMjUxMTA1MTUwMDQ4WjAzMTEwLwYDVQQD
EygwZDI2ZDcxMDcxOTY0MjMwMjRlMGYxNzEzYjEwZWE5OTIzMGVkNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA813YOwnOycKx/39kUUDEa8xqPOBl
5JGj5UcFczbYgk/5Q/VrBmnvQAZF8K4p10RMBBBR4o3Hq9c4wgYtTqDrCMK1V715
y41ioDIHrlPUI4bBK+wHps2Xt1V3fCBWeouIk77UrNxmVEDWFG4dknaXDNqgWJEh
OKzh0RTHbzav5TGPCUVYOmn7Hguqou9pqLS/lBbOXKniUL7MhiFmilmsnFYybLSH
AMS1PJuIxsjTkDybmLbCxw2lUOZUnVREsDqmP2ZOF9piD4kk+uGJ7xc7afsxmWVy
VX0WAHYMC1yCI6eSUTf0r1mJ/GN/sdUgUkJgilfR23itsX7+/JVJERyQjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0m1xBxlkIwJODxcTsQ6pkjDtSVMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAos/48fZ1
1qKo1MQ5OKfYbeirPb3aYej879yS3Tz+856Eofb3rhRlNP7O42HAJ1EHnQ2pJGWN
K6nx/t/QKxG1mMKBOc3ehptqWMobpgQy7d+tdAoBT0aqHkFHh7pGehvUtlN8oq9n
+afcQG+AFTOKsV4BVunH5iEXaOX9zM3TH2G5BiqzOvFIzj24maElZf1EukwlYP36
tSLksWahYULbaalr1D4zz0eMtHVBQ96MXhnItthnLr3EBZfi9vJNFnrrXG1udBaD
6wqgtuRC/S98Yb6S/n0e9zbeD/rywnV2xp9dIGlkZRfF6g7NK3L7WGoMorE6bIUs
9QbH4G7rw11u3Q==
-----END CERTIFICATE-----