Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.mft
File:                     3DhEUAcx1V-JiN3phVnP7QswmrY.mft (raw, json)
Hash identifier:          nkUdjJ3Hqu88j71JSHQWro1hx4GOB3aH226ufQZszbY=
Subject key identifier:   1F:A7:1F:36:10:A1:B3:78:24:CE:2A:2D:F4:EB:27:5D:41:D1:89:57
Authority key identifier: DC:38:44:50:07:31:D5:5F:89:88:DD:E9:85:59:CF:ED:0B:30:9A:B6
Certificate issuer:       /CN=dc3844500731d55f8988dde98559cfed0b309ab6
Certificate serial:       0199FF22E45DEEFE1F238EFFF10968B505F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DhEUAcx1V-JiN3phVnP7QswmrY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.mft
Manifest number:          01DF
Signing time:             Mon 20 Oct 2025 01:01:40 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:40 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:40 +0000
Files and hashes:         1: 3DhEUAcx1V-JiN3phVnP7QswmrY.crl (hash: Y9lKvdYk8d8dN7fuXnUhVJ87EJWhbCnabt0QJ++rKQw=)
                          2: 4YPbiAtEI4aIVwSYoOB9atG5l_o.roa (hash: 5G9M3UH6Px38TdWKWNsZTcUTomaq2supA1BUuPBFOUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DhEUAcx1V-JiN3phVnP7QswmrY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:e4:5d:ee:fe:1f:23:8e:ff:f1:09:68:b5:05:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3844500731d55f8988dde98559cfed0b309ab6
        Validity
            Not Before: Oct 20 01:01:40 2025 GMT
            Not After : Oct 21 01:01:40 2025 GMT
        Subject: CN=1fa71f3610a1b37824ce2a2df4eb275d41d18957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:84:f1:4a:76:44:92:62:fb:ce:c2:36:ed:1f:
                    fd:06:87:ca:25:1d:6f:28:63:6d:dd:56:0a:04:fa:
                    2a:91:7a:e4:31:96:62:48:83:2c:a7:60:2b:d7:2b:
                    de:69:8f:7c:c0:6f:aa:3c:15:4d:11:a7:b2:4c:2f:
                    02:36:82:90:f1:f7:0a:ee:31:fa:80:42:e5:b2:87:
                    d9:b8:74:9a:68:43:c0:b3:b8:cb:46:7d:52:22:8a:
                    bc:2c:08:eb:ea:0c:40:44:d3:f8:59:2c:73:a7:ca:
                    17:de:e2:a9:1b:e1:a8:f4:2e:96:f2:32:2d:05:90:
                    0a:4f:c7:af:b1:20:46:fe:ef:5b:a9:c2:3b:62:63:
                    bf:c9:b6:cf:f4:af:1a:9a:ca:3b:a0:c3:52:1d:e9:
                    21:d0:bc:ee:fe:35:78:5e:a8:e4:49:d5:4e:53:77:
                    74:0a:31:07:e5:fe:a5:27:82:65:40:85:1d:ee:4c:
                    60:81:e3:12:59:f2:67:e6:77:13:91:66:86:27:be:
                    ca:f5:90:51:f0:70:6f:57:76:cc:78:3b:0e:b1:86:
                    71:44:94:87:90:8c:b1:a5:16:c2:58:ac:c5:ef:9c:
                    cb:ea:46:78:6a:ca:13:4c:e5:6a:ce:05:f7:a4:1f:
                    08:ac:9e:07:7b:bf:a5:2e:0e:b5:bb:6c:d6:06:0b:
                    f6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:A7:1F:36:10:A1:B3:78:24:CE:2A:2D:F4:EB:27:5D:41:D1:89:57
            X509v3 Authority Key Identifier:
                keyid:DC:38:44:50:07:31:D5:5F:89:88:DD:E9:85:59:CF:ED:0B:30:9A:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DhEUAcx1V-JiN3phVnP7QswmrY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bffc72-bb6d-4998-a10b-6ff8c37db1a8/1/3DhEUAcx1V-JiN3phVnP7QswmrY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:57:3d:ca:81:e7:0e:00:1e:0e:96:72:f3:29:a3:95:da:48:
         1d:04:47:77:63:35:f4:5a:27:c1:91:c8:35:1d:94:77:36:be:
         a8:bc:de:b2:43:f9:9c:ed:4f:6b:3f:9e:e6:18:79:4f:e3:df:
         00:b8:ce:d2:66:d7:13:2c:95:ef:38:e5:f7:c0:59:24:1f:d9:
         8b:7c:e2:4f:81:c0:c5:70:43:d9:35:74:e2:5d:40:20:e1:99:
         38:ea:66:90:fb:59:18:5d:47:db:de:59:8d:6f:42:0c:39:28:
         16:65:f5:3f:8d:7d:62:1c:6b:f4:a2:44:9a:98:a4:eb:cc:4d:
         ca:6c:5f:a5:2a:51:18:40:cd:9c:b6:5c:4f:7c:47:e4:e0:1c:
         fd:7a:7a:b7:c1:54:c1:04:73:59:8e:a4:53:ae:51:2f:6a:b5:
         a0:9f:62:29:2e:14:04:49:e5:8f:7e:10:6c:a3:ec:69:5b:af:
         c5:d6:08:34:56:47:d6:c9:6f:44:9a:5c:06:7d:52:55:ac:b4:
         4c:a3:8c:ac:d0:22:23:70:7e:70:5e:11:af:64:19:1f:e8:bd:
         9d:e6:26:1e:a7:d0:66:31:60:45:38:70:b5:dc:33:29:06:d0:
         55:2f:d1:a2:cd:b1:a9:7f:d4:ae:7b:96:fd:0c:77:b9:10:92:
         98:93:44:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IuRd7v4fI47/8QlotQXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzg0NDUwMDczMWQ1NWY4OTg4ZGRlOTg1NTljZmVkMGIz
MDlhYjYwHhcNMjUxMDIwMDEwMTQwWhcNMjUxMDIxMDEwMTQwWjAzMTEwLwYDVQQD
EygxZmE3MWYzNjEwYTFiMzc4MjRjZTJhMmRmNGViMjc1ZDQxZDE4OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oTxSnZEkmL7zsI27R/9BofKJR1v
KGNt3VYKBPoqkXrkMZZiSIMsp2Ar1yveaY98wG+qPBVNEaeyTC8CNoKQ8fcK7jH6
gELlsofZuHSaaEPAs7jLRn1SIoq8LAjr6gxARNP4WSxzp8oX3uKpG+Go9C6W8jIt
BZAKT8evsSBG/u9bqcI7YmO/ybbP9K8amso7oMNSHekh0Lzu/jV4XqjkSdVOU3d0
CjEH5f6lJ4JlQIUd7kxggeMSWfJn5ncTkWaGJ77K9ZBR8HBvV3bMeDsOsYZxRJSH
kIyxpRbCWKzF75zL6kZ4asoTTOVqzgX3pB8IrJ4He7+lLg61u2zWBgv2bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+nHzYQobN4JM4qLfTrJ11B0YlXMB8GA1UdIwQY
MBaAFNw4RFAHMdVfiYjd6YVZz+0LMJq2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RoRVVBY3gxVi1KaU4zcGhWblA3UXN3bXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9iZmZjNzItYmI2ZC00OTk4LWExMGIt
NmZmOGMzN2RiMWE4LzEvM0RoRVVBY3gxVi1KaU4zcGhWblA3UXN3bXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9iZmZjNzItYmI2ZC00OTk4LWExMGItNmZmOGMzN2RiMWE4
LzEvM0RoRVVBY3gxVi1KaU4zcGhWblA3UXN3bXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVc9yoHn
DgAeDpZy8ymjldpIHQRHd2M19FonwZHINR2Udza+qLzeskP5nO1Paz+e5hh5T+Pf
ALjO0mbXEyyV7zjl98BZJB/Zi3ziT4HAxXBD2TV04l1AIOGZOOpmkPtZGF1H295Z
jW9CDDkoFmX1P419Yhxr9KJEmpik68xNymxfpSpRGEDNnLZcT3xH5OAc/Xp6t8FU
wQRzWY6kU65RL2q1oJ9iKS4UBEnlj34QbKPsaVuvxdYINFZH1slvRJpcBn1SVay0
TKOMrNAiI3B+cF4Rr2QZH+i9neYmHqfQZjFgRThwtdwzKQbQVS/Ros2xqX/UrnuW
/Qx3uRCSmJNEXg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:32:51 2025 by rpki-client