Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File:                     Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier:          hGt2HXYAX76kjODn2k0KuzYROo3LXJ6SdFLbKYX48SY=
Subject key identifier:   3E:0D:18:0A:22:0B:7F:BB:F1:CC:0D:40:25:8B:48:5E:81:AA:34:C2
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer:       /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial:       019A4C61A5D0D8D4780940EBB7B4A366C106
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number:          1325
Signing time:             Tue 04 Nov 2025 01:00:59 +0000
Manifest this update:     Tue 04 Nov 2025 01:00:59 +0000
Manifest next update:     Wed 05 Nov 2025 01:00:59 +0000
Files and hashes:         1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: a39SA05j6Atcm63n/J+vctwq4wprb4sTrLDC0xURITY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 01:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4c:61:a5:d0:d8:d4:78:09:40:eb:b7:b4:a3:66:c1:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
        Validity
            Not Before: Nov  4 01:00:59 2025 GMT
            Not After : Nov  5 01:00:59 2025 GMT
        Subject: CN=3e0d180a220b7fbbf1cc0d40258b485e81aa34c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d6:9e:b0:7d:56:2f:be:22:5c:bc:67:ab:5c:
                    6f:c5:b2:08:7d:4b:f2:4c:0c:92:38:6b:b2:cb:7e:
                    8e:86:86:b8:88:50:46:c4:9e:e3:76:3d:c8:2d:80:
                    5c:b6:61:da:fd:9d:e7:96:e4:de:9f:65:f8:87:6d:
                    56:e5:89:4e:bf:e5:40:ac:9a:dd:41:98:5f:68:e2:
                    c6:a0:65:80:69:39:86:64:db:af:6f:e2:48:74:2e:
                    34:af:fd:21:37:0d:62:4f:bf:e0:20:45:72:1b:09:
                    a8:0d:1f:dd:9a:24:15:d2:68:bc:54:9f:28:2e:b3:
                    3b:3b:1d:31:ee:e2:99:31:05:0e:9a:b9:d9:d7:0e:
                    6a:c9:f6:55:c2:33:d8:3d:db:c5:a4:21:49:f1:02:
                    a0:66:79:f4:4e:81:cc:e0:e8:50:af:ef:a4:51:72:
                    1a:29:e7:9a:17:2f:5d:03:8c:bc:8e:0a:5b:eb:06:
                    20:e1:bd:57:b7:b7:98:ff:19:1d:7b:35:d3:20:08:
                    8a:f1:9c:d3:41:a4:2d:78:5c:98:da:3b:67:53:d5:
                    c3:fb:1d:41:c1:37:14:ae:d4:10:7f:fc:07:d2:f1:
                    4b:80:da:0d:6d:39:5b:3f:16:5c:2b:1b:4e:d2:34:
                    41:e4:c0:3d:b0:dd:0e:99:60:ac:16:80:d5:f1:c3:
                    8d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:0D:18:0A:22:0B:7F:BB:F1:CC:0D:40:25:8B:48:5E:81:AA:34:C2
            X509v3 Authority Key Identifier:
                keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:cd:80:c2:4c:f4:3e:36:26:8f:07:62:87:c0:28:9d:3f:f0:
         d0:2c:0b:58:c5:4f:28:52:32:ff:ee:22:d1:48:42:f0:7b:bd:
         4b:2f:b7:ca:75:83:56:cb:b3:21:22:c9:fc:5e:01:07:6e:98:
         d6:c6:be:f8:36:5c:bb:c7:ac:a6:34:0f:df:a5:70:a2:3f:0a:
         7f:e6:9b:82:e6:18:c9:d3:8e:aa:ed:08:45:10:6d:2a:f3:be:
         4b:1c:16:41:31:ab:55:ff:2f:ab:8e:d5:95:5d:c9:17:5b:52:
         79:ab:07:8e:47:f3:70:12:94:0b:bd:5e:3e:57:01:e8:95:f6:
         9d:50:4a:72:a9:f8:8e:e3:d7:e5:59:67:5a:ee:55:28:d3:12:
         73:1b:74:68:75:21:df:36:46:a8:9f:a1:a7:44:c5:3c:52:9d:
         fc:53:50:80:3b:e3:38:0c:37:33:fe:63:39:b1:bd:28:f4:5e:
         b9:5f:ae:45:aa:bb:0b:a4:dd:9b:22:d6:8b:95:de:fc:1f:a2:
         aa:17:6a:5b:39:1b:dc:32:00:3a:7c:e3:13:47:9e:fc:71:3e:
         f3:0c:1e:68:2f:86:39:e9:33:f0:93:44:62:6a:f9:42:6b:1c:
         7d:2e:52:d9:16:b0:19:94:42:c4:55:98:44:04:d7:8a:88:0e:
         23:39:d3:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYaXQ2NR4CUDrt7SjZsEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjUxMTA0MDEwMDU5WhcNMjUxMTA1MDEwMDU5WjAzMTEwLwYDVQQD
EygzZTBkMTgwYTIyMGI3ZmJiZjFjYzBkNDAyNThiNDg1ZTgxYWEzNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdaesH1WL74iXLxnq1xvxbIIfUvy
TAySOGuyy36Ohoa4iFBGxJ7jdj3ILYBctmHa/Z3nluTen2X4h21W5YlOv+VArJrd
QZhfaOLGoGWAaTmGZNuvb+JIdC40r/0hNw1iT7/gIEVyGwmoDR/dmiQV0mi8VJ8o
LrM7Ox0x7uKZMQUOmrnZ1w5qyfZVwjPYPdvFpCFJ8QKgZnn0ToHM4OhQr++kUXIa
KeeaFy9dA4y8jgpb6wYg4b1Xt7eY/xkdezXTIAiK8ZzTQaQteFyY2jtnU9XD+x1B
wTcUrtQQf/wH0vFLgNoNbTlbPxZcKxtO0jRB5MA9sN0OmWCsFoDV8cONNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4NGAoiC3+78cwNQCWLSF6BqjTCMB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZM2Awkz0
PjYmjwdih8AonT/w0CwLWMVPKFIy/+4i0UhC8Hu9Sy+3ynWDVsuzISLJ/F4BB26Y
1sa++DZcu8espjQP36Vwoj8Kf+abguYYydOOqu0IRRBtKvO+SxwWQTGrVf8vq47V
lV3JF1tSeasHjkfzcBKUC71ePlcB6JX2nVBKcqn4juPX5VlnWu5VKNMScxt0aHUh
3zZGqJ+hp0TFPFKd/FNQgDvjOAw3M/5jObG9KPReuV+uRaq7C6TdmyLWi5Xe/B+i
qhdqWzkb3DIAOnzjE0ee/HE+8wweaC+GOekz8JNEYmr5QmscfS5S2RawGZRCxFWY
RATXiogOIznTFg==
-----END CERTIFICATE-----