Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
File:                     3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json)
Hash identifier:          YErH50HUfNDR2KTa2AMDVU5ikShK7OVXY7G4Pvi6jmU=
Subject key identifier:   03:BB:5F:E8:CF:20:E9:76:C5:0B:3D:2D:A4:92:CE:65:E7:90:74:87
Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04
Certificate issuer:       /CN=dc88945c8867a7262ba379b3a69840091a4f1904
Certificate serial:       0199FC8F627AF3A59711DE2338E690C2BCF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
Manifest number:          0AB4
Signing time:             Sun 19 Oct 2025 13:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:19 +0000
Files and hashes:         1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: c4uupHrWP2oMixZ5m99CJC6s+M0xoONdc7n82fKCY5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:62:7a:f3:a5:97:11:de:23:38:e6:90:c2:bc:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904
        Validity
            Not Before: Oct 19 13:01:19 2025 GMT
            Not After : Oct 20 13:01:19 2025 GMT
        Subject: CN=03bb5fe8cf20e976c50b3d2da492ce65e7907487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2d:d1:9f:cb:da:46:4c:64:37:60:a6:0b:ee:
                    db:1d:55:4c:de:ec:aa:52:95:2d:1c:f7:f6:9d:ab:
                    d1:09:28:c6:bf:77:c1:64:75:d4:d1:b9:c0:f4:e5:
                    58:a9:db:6b:a3:be:69:93:e5:a8:1c:0a:f4:f1:92:
                    10:b9:5d:00:01:9b:c2:8a:f3:e3:39:f3:42:0a:38:
                    0f:f1:8b:0f:6d:7d:86:85:0d:4a:50:65:e1:4d:c9:
                    4f:3b:72:60:27:cd:e4:43:e7:45:70:d0:ba:5d:84:
                    6c:1e:0d:06:94:4a:01:a2:b8:8a:ab:2d:9c:21:5f:
                    14:69:c7:3d:f5:35:17:4f:d3:e1:63:ae:8f:b8:5a:
                    5a:d4:de:88:8a:04:dd:3f:5e:05:e3:7e:7e:19:c2:
                    f8:c8:c5:ff:3c:5d:69:03:9b:ff:c4:84:29:0e:b8:
                    40:9b:93:4d:f2:f8:86:6e:c8:b4:b9:92:40:71:f0:
                    c5:b2:f1:01:18:4a:31:6a:e6:4d:70:3a:82:77:6a:
                    05:ca:f0:6e:50:ce:40:b3:5b:3f:71:c4:d9:4d:14:
                    fa:e3:4d:70:f1:18:14:f3:42:6d:7b:56:7b:d6:12:
                    02:bd:bf:18:d3:b6:8c:e7:40:27:d0:6c:8f:e2:8b:
                    df:df:65:22:a2:d4:88:7d:94:1a:d0:ed:4c:2e:8d:
                    97:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BB:5F:E8:CF:20:E9:76:C5:0B:3D:2D:A4:92:CE:65:E7:90:74:87
            X509v3 Authority Key Identifier:
                keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:3c:be:76:df:6b:6b:89:05:0a:62:99:49:eb:9d:81:4d:aa:
         d9:1a:cd:55:6a:de:5b:58:ae:17:5c:33:cb:bb:63:d4:9f:ae:
         d6:cd:77:74:67:23:1d:3b:24:72:75:d5:4f:b7:28:ad:42:e5:
         76:da:d4:e2:be:46:98:e9:49:9d:bf:ff:48:85:01:fd:25:a8:
         19:6b:08:47:bc:56:91:a9:5f:e7:b0:63:24:26:89:be:95:dc:
         e8:51:ec:a5:a9:f2:16:16:a7:d5:a4:be:94:95:9f:22:ee:35:
         a8:00:91:5b:94:39:b3:80:3c:3a:f2:b2:4a:73:cb:87:fe:4f:
         30:20:3b:8c:3a:40:26:53:0b:2a:bf:61:a3:27:1f:c0:f2:d2:
         22:7e:76:8d:54:65:10:cb:29:60:ba:9a:1f:a0:91:74:68:5a:
         e1:e7:09:e7:29:23:05:ed:12:14:7c:91:92:51:b6:29:6d:f3:
         3c:f2:0f:d0:73:c4:d9:16:2b:c8:98:7f:e7:18:88:c2:2f:85:
         be:8a:af:1b:1c:b1:53:e9:d2:8f:55:c4:53:f9:51:18:09:8c:
         4c:cd:8a:6b:32:3f:4f:22:87:3d:bb:72:ef:9a:dc:57:07:2e:
         5d:4d:c0:01:9e:e7:ec:98:5e:0a:7e:00:fe:a1:08:7e:a9:f3:
         a0:25:b5:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j2J686WXEd4jOOaQwrz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0
ZjE5MDQwHhcNMjUxMDE5MTMwMTE5WhcNMjUxMDIwMTMwMTE5WjAzMTEwLwYDVQQD
EygwM2JiNWZlOGNmMjBlOTc2YzUwYjNkMmRhNDkyY2U2NWU3OTA3NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS3Rn8vaRkxkN2CmC+7bHVVM3uyq
UpUtHPf2navRCSjGv3fBZHXU0bnA9OVYqdtro75pk+WoHAr08ZIQuV0AAZvCivPj
OfNCCjgP8YsPbX2GhQ1KUGXhTclPO3JgJ83kQ+dFcNC6XYRsHg0GlEoBoriKqy2c
IV8Uacc99TUXT9PhY66PuFpa1N6IigTdP14F435+GcL4yMX/PF1pA5v/xIQpDrhA
m5NN8viGbsi0uZJAcfDFsvEBGEoxauZNcDqCd2oFyvBuUM5As1s/ccTZTRT6401w
8RgU80Jte1Z71hICvb8Y07aM50An0GyP4ovf32UiotSIfZQa0O1MLo2X7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAO7X+jPIOl2xQs9LaSSzmXnkHSHMB8GA1UdIwQY
MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et
OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj
LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjy+dt9r
a4kFCmKZSeudgU2q2RrNVWreW1iuF1wzy7tj1J+u1s13dGcjHTskcnXVT7corULl
dtrU4r5GmOlJnb//SIUB/SWoGWsIR7xWkalf57BjJCaJvpXc6FHspanyFhan1aS+
lJWfIu41qACRW5Q5s4A8OvKySnPLh/5PMCA7jDpAJlMLKr9hoycfwPLSIn52jVRl
EMspYLqaH6CRdGha4ecJ5ykjBe0SFHyRklG2KW3zPPIP0HPE2RYryJh/5xiIwi+F
voqvGxyxU+nSj1XEU/lRGAmMTM2KazI/TyKHPbty75rcVwcuXU3AAZ7n7JheCn4A
/qEIfqnzoCW16g==
-----END CERTIFICATE-----