Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          PvH0cqBOltERBgL2+dlUdCsS6udnGdOPIdWqcz3jFp0=
Subject key identifier:   F0:76:1D:4A:56:A5:9C:59:58:95:AF:A6:9A:66:FE:AB:B9:51:6E:89
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       0199FE7D92ABF7FB10F737DDDE0C4F8CBECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          0650
Signing time:             Sun 19 Oct 2025 22:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:06 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: JuG1g8DqhhzzmyKnSsWKg3Uw9bHpxNU7B6SrS0GehRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:92:ab:f7:fb:10:f7:37:dd:de:0c:4f:8c:be:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Oct 19 22:01:06 2025 GMT
            Not After : Oct 20 22:01:06 2025 GMT
        Subject: CN=f0761d4a56a59c595895afa69a66feabb9516e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:aa:2b:d1:ed:86:71:a0:0a:21:0e:2b:82:79:
                    62:bd:a8:9c:74:33:bf:47:d3:8f:65:c5:e6:96:9d:
                    30:9a:4e:ba:93:0a:88:92:05:4f:85:93:c9:df:9b:
                    7b:d1:c5:c0:43:e8:18:bb:6a:af:b9:58:0a:8d:b0:
                    2f:c1:14:95:60:ef:0b:84:aa:ca:15:39:17:95:f4:
                    22:ac:8f:2a:6b:ff:56:86:bd:3f:eb:ef:38:b9:4e:
                    c3:06:38:16:67:c2:d2:1a:c3:c4:2b:ec:5e:1d:cb:
                    a4:c4:0f:a3:d6:26:86:2d:f4:67:b3:1f:b9:78:20:
                    5d:85:f6:07:fb:05:11:ce:c1:c9:bc:de:88:48:7d:
                    6d:6c:ae:02:36:07:f8:e5:c2:79:ee:0a:8a:7c:ea:
                    96:7f:85:5a:40:1a:40:2e:71:05:cb:8a:80:ea:28:
                    cf:b3:bb:b2:ee:79:0f:12:5f:6d:76:a5:5f:55:64:
                    22:39:c6:0e:a4:a8:4f:d7:61:ec:24:9b:07:43:4b:
                    80:41:20:88:96:4f:d5:36:d2:a9:e6:ce:25:49:71:
                    5f:a3:8c:c2:b0:8e:40:5f:2a:85:67:a3:b0:a8:b2:
                    00:1b:17:27:45:dc:24:86:eb:41:ea:ff:26:50:13:
                    3a:c4:42:e5:f3:6e:6c:cb:bc:8d:99:96:c8:a5:45:
                    a7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:76:1D:4A:56:A5:9C:59:58:95:AF:A6:9A:66:FE:AB:B9:51:6E:89
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:31:04:87:97:02:40:68:fd:e1:a0:25:4e:49:48:12:40:2a:
         d1:d0:ef:ba:96:f5:99:c4:36:cc:ac:2d:2c:1d:71:97:b3:38:
         21:96:c1:34:1c:76:7f:cf:77:26:bf:31:05:d9:fb:e3:c4:56:
         2c:12:f8:5f:16:e8:3a:7f:f1:99:7b:99:0e:cf:b0:a6:aa:fc:
         56:58:c1:ef:f1:a2:1d:f9:86:c5:ef:d1:a0:bc:7e:23:44:83:
         09:e2:fb:10:2b:52:83:61:ef:f3:3f:ae:93:d3:46:e1:bf:09:
         49:83:e9:f7:a0:5d:be:9b:c2:cd:da:aa:6e:55:07:38:57:75:
         1e:d7:cc:c3:94:ba:c0:a8:ce:8c:37:16:03:94:0a:ef:b2:6f:
         b4:09:c9:c3:57:e3:74:12:fa:39:89:79:20:8b:0c:7a:b1:e2:
         19:41:21:ae:ef:ac:24:b5:b4:65:44:0c:06:e8:14:ca:aa:0b:
         9d:bc:b9:46:2a:07:bf:64:70:c6:bf:dd:5b:bd:3a:46:f6:49:
         59:af:74:7e:3b:38:20:07:bc:74:23:c8:4b:d6:74:fd:e2:11:
         36:21:b1:a3:f5:eb:0a:8d:08:e5:00:58:07:53:47:fb:38:14:
         9d:a5:1a:67:4a:bf:78:60:dd:e3:e6:4a:6e:8c:5e:7e:54:da:
         a3:f9:a6:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fZKr9/sQ9zfd3gxPjL7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjUxMDE5MjIwMTA2WhcNMjUxMDIwMjIwMTA2WjAzMTEwLwYDVQQD
EyhmMDc2MWQ0YTU2YTU5YzU5NTg5NWFmYTY5YTY2ZmVhYmI5NTE2ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26or0e2GcaAKIQ4rgnlivaicdDO/
R9OPZcXmlp0wmk66kwqIkgVPhZPJ35t70cXAQ+gYu2qvuVgKjbAvwRSVYO8LhKrK
FTkXlfQirI8qa/9Whr0/6+84uU7DBjgWZ8LSGsPEK+xeHcukxA+j1iaGLfRnsx+5
eCBdhfYH+wURzsHJvN6ISH1tbK4CNgf45cJ57gqKfOqWf4VaQBpALnEFy4qA6ijP
s7uy7nkPEl9tdqVfVWQiOcYOpKhP12HsJJsHQ0uAQSCIlk/VNtKp5s4lSXFfo4zC
sI5AXyqFZ6OwqLIAGxcnRdwkhutB6v8mUBM6xELl825sy7yNmZbIpUWnuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPB2HUpWpZxZWJWvpppm/qu5UW6JMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajEEh5cC
QGj94aAlTklIEkAq0dDvupb1mcQ2zKwtLB1xl7M4IZbBNBx2f893Jr8xBdn748RW
LBL4XxboOn/xmXuZDs+wpqr8VljB7/GiHfmGxe/RoLx+I0SDCeL7ECtSg2Hv8z+u
k9NG4b8JSYPp96BdvpvCzdqqblUHOFd1HtfMw5S6wKjOjDcWA5QK77JvtAnJw1fj
dBL6OYl5IIsMerHiGUEhru+sJLW0ZUQMBugUyqoLnby5RioHv2Rwxr/dW706RvZJ
Wa90fjs4IAe8dCPIS9Z0/eIRNiGxo/XrCo0I5QBYB1NH+zgUnaUaZ0q/eGDd4+ZK
boxeflTao/mmhw==
-----END CERTIFICATE-----