Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
File:                     3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json)
Hash identifier:          4P9sygLT3NbVatPVGbeSGuhmenuHS3DaHoP+Im1czxw=
Subject key identifier:   8D:65:70:D8:C2:57:52:35:37:0C:C6:CE:CD:0E:BF:B7:A4:6F:D8:AF
Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9
Certificate issuer:       /CN=dd1738311581228ad28753944be8bcf2169faba9
Certificate serial:       0199FBEB83F0768529FB1AC41D192A80A8CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
Manifest number:          0E83
Signing time:             Sun 19 Oct 2025 10:02:19 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:19 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:19 +0000
Files and hashes:         1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: LH+y3ZfifMGDRVrAXU+NcRG34r0EAzPB8ubMA/8UiC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:83:f0:76:85:29:fb:1a:c4:1d:19:2a:80:a8:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9
        Validity
            Not Before: Oct 19 10:02:19 2025 GMT
            Not After : Oct 20 10:02:19 2025 GMT
        Subject: CN=8d6570d8c2575235370cc6cecd0ebfb7a46fd8af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c1:69:d5:77:9b:3a:c9:77:bc:ef:1a:84:3b:
                    ce:70:63:48:ef:b5:b0:04:11:ba:b5:09:d8:8d:f3:
                    20:09:2b:d2:d0:ba:90:39:19:6b:ce:84:0f:bd:bb:
                    09:27:a8:c6:a4:e8:fb:11:ba:93:14:44:a7:04:82:
                    ab:b5:eb:ae:72:ce:af:17:45:e8:d1:5f:8b:7e:e4:
                    d9:9c:53:1e:01:76:04:03:b3:2c:a4:09:24:5c:10:
                    16:c9:2e:fb:d2:32:d4:b0:9a:2d:92:44:c7:aa:a5:
                    51:1e:70:ae:da:ec:b4:f2:f1:58:8b:0a:9d:63:ed:
                    59:95:8d:13:60:ee:47:70:7c:6d:34:74:19:e0:a4:
                    bf:bb:71:11:39:d7:04:a3:ea:18:18:ac:0d:ce:dd:
                    e4:7d:c9:e7:a6:4c:7f:25:50:57:0b:af:35:27:3a:
                    1c:d1:26:84:2a:64:26:c6:4a:f6:c3:06:cb:b9:2c:
                    40:af:d7:f8:a4:f0:44:df:b1:57:f6:21:13:3e:1c:
                    70:9c:46:22:a6:97:a3:27:ab:3d:55:59:73:34:2c:
                    41:15:a3:28:80:af:bc:19:d8:59:a5:d7:d3:ee:f4:
                    ed:dd:37:3d:9c:0a:a7:b5:e2:fb:7a:8c:52:98:89:
                    80:83:b8:bf:2f:32:66:86:70:4d:01:e2:12:2c:27:
                    3e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:65:70:D8:C2:57:52:35:37:0C:C6:CE:CD:0E:BF:B7:A4:6F:D8:AF
            X509v3 Authority Key Identifier:
                keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:e5:b2:8a:4b:2e:02:02:53:aa:08:15:cb:ad:37:c2:bc:f0:
         b7:5b:25:bd:3f:f4:21:6c:1a:ce:4d:55:31:d1:a5:b2:4f:c3:
         55:17:1d:fb:d9:5a:8e:d8:77:fb:b3:0e:14:c2:20:89:e5:04:
         93:b2:c9:42:7e:f7:3e:d7:10:1d:34:ad:92:10:4a:51:fb:ce:
         52:6f:a2:7e:2c:e4:7e:4b:24:d8:25:55:ce:bd:d3:0f:75:65:
         18:4f:71:02:ea:65:d6:09:2b:4d:b2:5b:fd:ea:e2:29:7e:f6:
         33:48:80:27:91:e7:2c:7c:46:57:a4:75:07:1d:3a:ed:30:5b:
         59:85:aa:bb:e9:4e:71:39:21:40:65:8d:05:c3:fd:ca:20:fd:
         12:b4:e5:98:e3:2e:89:69:c3:77:ce:c9:57:e8:6b:0a:bd:b1:
         8d:03:02:44:ef:96:b6:2d:50:68:af:88:4c:51:d3:9e:89:09:
         6e:bc:02:59:df:01:94:d3:9c:72:71:36:36:33:5e:62:2f:a7:
         27:a8:c1:3a:7f:9a:2b:0b:b2:2b:b5:d8:fa:b7:4f:71:ba:44:
         5b:5a:0f:77:71:ee:4b:2e:36:4f:87:b7:8b:56:49:25:95:c7:
         7e:c0:3a:8d:85:fd:29:6d:63:17:02:80:f6:32:51:0d:70:d7:
         05:a2:7f:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764PwdoUp+xrEHRkqgKjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5
ZmFiYTkwHhcNMjUxMDE5MTAwMjE5WhcNMjUxMDIwMTAwMjE5WjAzMTEwLwYDVQQD
Eyg4ZDY1NzBkOGMyNTc1MjM1MzcwY2M2Y2VjZDBlYmZiN2E0NmZkOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysFp1XebOsl3vO8ahDvOcGNI77Ww
BBG6tQnYjfMgCSvS0LqQORlrzoQPvbsJJ6jGpOj7EbqTFESnBIKrteuucs6vF0Xo
0V+LfuTZnFMeAXYEA7MspAkkXBAWyS770jLUsJotkkTHqqVRHnCu2uy08vFYiwqd
Y+1ZlY0TYO5HcHxtNHQZ4KS/u3EROdcEo+oYGKwNzt3kfcnnpkx/JVBXC681Jzoc
0SaEKmQmxkr2wwbLuSxAr9f4pPBE37FX9iETPhxwnEYippejJ6s9VVlzNCxBFaMo
gK+8GdhZpdfT7vTt3Tc9nAqnteL7eoxSmImAg7i/LzJmhnBNAeISLCc+EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1lcNjCV1I1NwzGzs0Ov7ekb9ivMB8GA1UdIwQY
MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt
YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm
LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVeWyiksu
AgJTqggVy603wrzwt1slvT/0IWwazk1VMdGlsk/DVRcd+9lajth3+7MOFMIgieUE
k7LJQn73PtcQHTStkhBKUfvOUm+ifizkfksk2CVVzr3TD3VlGE9xAupl1gkrTbJb
/eriKX72M0iAJ5HnLHxGV6R1Bx067TBbWYWqu+lOcTkhQGWNBcP9yiD9ErTlmOMu
iWnDd87JV+hrCr2xjQMCRO+Wti1QaK+ITFHTnokJbrwCWd8BlNOccnE2NjNeYi+n
J6jBOn+aKwuyK7XY+rdPcbpEW1oPd3HuSy42T4e3i1ZJJZXHfsA6jYX9KW1jFwKA
9jJRDXDXBaJ/5w==
-----END CERTIFICATE-----