Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
File:                     3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json)
Hash identifier:          8D70if3e6OgkRmfe0ldrhfjKQM3+1ecLZToBx2jFzRY=
Subject key identifier:   31:BD:8D:3C:2B:FA:65:80:50:39:22:30:B6:21:BA:8F:8B:FC:C3:76
Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52
Certificate issuer:       /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
Certificate serial:       0199FDD8E47EDA286CD699423379B95925A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
Manifest number:          0774
Signing time:             Sun 19 Oct 2025 19:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:13 +0000
Files and hashes:         1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: OJVcLJisaiPj8cIW7NTKP4dtwhac4XXcMPEw3W5kZmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d8:e4:7e:da:28:6c:d6:99:42:33:79:b9:59:25:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152
        Validity
            Not Before: Oct 19 19:01:13 2025 GMT
            Not After : Oct 20 19:01:13 2025 GMT
        Subject: CN=31bd8d3c2bfa658050392230b621ba8f8bfcc376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8f:2c:0e:30:00:98:b7:d8:3f:f4:b5:b0:8c:
                    84:d8:b0:16:bd:22:4f:e7:db:1e:0e:72:db:1b:8e:
                    80:f5:ab:c4:61:1a:07:3d:9d:8f:9e:9b:f4:58:88:
                    24:5e:e3:7b:96:7c:db:b6:9a:37:0f:48:1b:25:f3:
                    ca:b7:ea:ee:17:7a:76:83:fc:df:59:19:0c:7c:de:
                    25:41:e2:98:a9:f1:07:3a:b3:3a:f5:59:91:6f:a6:
                    6e:91:ef:3d:2f:69:09:01:43:77:56:ce:d9:58:7f:
                    30:71:57:fd:a7:c2:ff:e2:a8:29:cd:5b:16:7c:47:
                    91:cc:4c:73:da:e2:c2:aa:db:b3:b5:37:e9:01:f0:
                    ec:cc:e5:d5:9d:38:26:25:d4:fa:01:16:72:84:56:
                    76:30:84:f2:46:e9:1b:23:4f:87:7c:dc:c9:a8:ac:
                    7a:6c:b9:f8:1d:5d:ff:c3:20:40:fe:b7:58:5e:bd:
                    b6:df:a8:66:86:f7:70:f8:87:0b:68:40:c3:10:55:
                    47:41:17:e2:f9:4f:0f:51:10:a2:6e:e2:15:1e:5a:
                    59:f0:7e:86:0a:a6:12:49:50:8b:f5:7b:7c:73:82:
                    a2:d2:d5:10:0e:5a:07:1f:16:69:88:44:c5:ec:df:
                    ca:b0:69:9d:95:69:50:65:a2:bd:4f:5a:16:a0:44:
                    b6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:BD:8D:3C:2B:FA:65:80:50:39:22:30:B6:21:BA:8F:8B:FC:C3:76
            X509v3 Authority Key Identifier:
                keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:03:c6:38:68:db:25:dd:f2:78:91:f0:65:a4:2d:e3:75:94:
         9b:63:61:23:a4:d8:a3:3d:e7:ea:cd:8d:dd:35:46:d0:43:5f:
         91:bd:52:54:ed:9a:61:cb:44:65:34:e6:29:bf:c6:8b:76:a6:
         e1:c6:19:eb:06:9a:29:ea:a5:58:f0:dc:74:9c:a6:ce:60:a9:
         f7:73:b5:02:fc:dd:42:c5:61:90:e8:22:58:de:0c:1c:d3:19:
         c4:43:f3:37:7f:4f:15:20:de:12:c7:88:36:87:92:ba:fc:36:
         b3:6a:06:43:3c:13:e1:98:81:36:02:c8:f4:c8:02:1e:cd:b2:
         b3:af:a0:e5:d2:1a:b0:df:bf:c4:cb:df:06:a0:7a:13:bc:ec:
         52:68:a7:68:07:41:8c:2d:e9:26:1a:6a:e4:08:5d:94:77:a7:
         f2:6c:d3:e6:09:4f:ed:2e:cd:22:35:0a:f3:72:1d:71:0f:48:
         93:06:db:7f:d4:e4:02:18:5a:d3:09:cc:46:cd:b8:68:92:19:
         b2:e0:98:03:a0:f3:cf:73:3d:6c:4e:fc:ec:fd:26:8d:bb:72:
         af:18:37:dd:6f:88:de:68:af:28:49:e4:ac:0b:dd:db:d1:e3:
         df:90:9c:b6:77:c6:07:89:20:57:8d:0c:73:d6:c1:5d:50:66:
         4c:6b:b6:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92OR+2ihs1plCM3m5WSWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh
OTIxNTIwHhcNMjUxMDE5MTkwMTEzWhcNMjUxMDIwMTkwMTEzWjAzMTEwLwYDVQQD
EygzMWJkOGQzYzJiZmE2NTgwNTAzOTIyMzBiNjIxYmE4ZjhiZmNjMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA048sDjAAmLfYP/S1sIyE2LAWvSJP
59seDnLbG46A9avEYRoHPZ2Pnpv0WIgkXuN7lnzbtpo3D0gbJfPKt+ruF3p2g/zf
WRkMfN4lQeKYqfEHOrM69VmRb6Zuke89L2kJAUN3Vs7ZWH8wcVf9p8L/4qgpzVsW
fEeRzExz2uLCqtuztTfpAfDszOXVnTgmJdT6ARZyhFZ2MITyRukbI0+HfNzJqKx6
bLn4HV3/wyBA/rdYXr2236hmhvdw+IcLaEDDEFVHQRfi+U8PURCibuIVHlpZ8H6G
CqYSSVCL9Xt8c4Ki0tUQDloHHxZpiETF7N/KsGmdlWlQZaK9T1oWoES2zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDG9jTwr+mWAUDkiMLYhuo+L/MN2MB8GA1UdIwQY
MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It
YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz
LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgPGOGjb
Jd3yeJHwZaQt43WUm2NhI6TYoz3n6s2N3TVG0ENfkb1SVO2aYctEZTTmKb/Gi3am
4cYZ6waaKeqlWPDcdJymzmCp93O1AvzdQsVhkOgiWN4MHNMZxEPzN39PFSDeEseI
NoeSuvw2s2oGQzwT4ZiBNgLI9MgCHs2ys6+g5dIasN+/xMvfBqB6E7zsUminaAdB
jC3pJhpq5AhdlHen8mzT5glP7S7NIjUK83IdcQ9Ikwbbf9TkAhha0wnMRs24aJIZ
suCYA6Dzz3M9bE787P0mjbtyrxg33W+I3mivKEnkrAvd29Hj35CctnfGB4kgV40M
c9bBXVBmTGu2zQ==
-----END CERTIFICATE-----