Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          gccCB+83FINpabruiVF7ZODvtmoXax9LqysLYvPKD1c=
Subject key identifier:   2C:21:D2:F3:6D:67:64:77:2F:C7:E9:EA:55:6F:A0:63:24:41:79:33
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       0199FCC680CD21302E3C621C128D886EA769
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          041F
Signing time:             Sun 19 Oct 2025 14:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:31 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: +hFLeTlbp1PzAfij2jHAHRu4inDIt49txiPuDTEoyA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:80:cd:21:30:2e:3c:62:1c:12:8d:88:6e:a7:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Oct 19 14:01:31 2025 GMT
            Not After : Oct 20 14:01:31 2025 GMT
        Subject: CN=2c21d2f36d6764772fc7e9ea556fa06324417933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:78:c3:f5:05:ec:4a:ab:12:12:48:1c:d1:8c:
                    52:c9:bf:2a:5d:7a:d3:10:a9:6e:7b:fe:80:5a:d2:
                    d4:57:5c:d6:8e:c3:10:83:64:0c:58:7a:bb:8c:9a:
                    70:42:63:e4:08:23:e6:36:e9:62:fc:0c:81:f7:88:
                    37:f2:9a:08:50:09:04:7f:9b:41:41:fa:50:cc:de:
                    64:86:3f:38:39:6d:03:20:e5:2a:ec:cb:3e:c5:85:
                    9d:c2:e8:ea:01:50:36:a9:4a:6b:ae:ab:e1:99:e1:
                    2b:4a:bf:9d:8a:38:9a:03:a2:11:20:31:ec:04:c6:
                    79:b9:c3:56:33:b0:c7:f0:1b:7f:d7:19:ea:1e:f3:
                    e5:93:56:71:ae:19:ed:b4:ac:92:d4:95:30:73:36:
                    ea:c4:24:53:17:a2:ad:1a:63:ee:cc:02:1a:fa:73:
                    27:9d:29:59:07:76:b9:99:e0:b9:02:47:3f:8e:0d:
                    df:de:be:26:8d:26:f6:7c:22:d3:20:35:98:2c:07:
                    ad:21:e6:6f:ca:2f:31:fa:49:1c:96:3c:8f:50:5d:
                    1d:63:a8:22:f5:50:c7:ff:fa:0e:e2:cf:f9:74:4e:
                    ff:61:82:ba:81:59:e6:f2:22:d1:f8:73:5b:19:e6:
                    46:7b:7d:ac:5c:8a:88:f8:c2:21:26:54:4e:7e:13:
                    48:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:21:D2:F3:6D:67:64:77:2F:C7:E9:EA:55:6F:A0:63:24:41:79:33
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:0b:fe:2e:f7:04:e4:26:e4:79:e7:a4:1f:98:81:a0:8e:f2:
         d0:03:e1:ed:0e:3c:23:aa:a0:42:e8:b0:72:6b:c3:85:ac:82:
         e2:73:d9:2d:63:ec:06:2f:30:17:c9:a5:92:7e:dd:69:aa:f0:
         6b:0f:f0:ba:91:a4:3f:f9:4b:9b:19:d3:c1:4d:37:d8:a8:b9:
         ce:5f:8c:46:eb:cd:2e:44:1b:c0:ba:10:8c:b5:f7:cd:c2:42:
         37:d3:2a:8a:99:8a:dd:82:6f:66:62:4c:61:19:cd:0f:f9:0a:
         8d:4e:1b:34:3c:31:6d:c6:5f:cd:39:da:36:31:71:5c:56:57:
         2e:b9:a9:91:75:4b:c8:ae:46:aa:62:3a:47:30:24:7b:da:76:
         b5:ea:d5:e6:9d:31:13:9f:c1:d7:c8:2d:e4:18:d4:2c:d6:a6:
         8d:9b:58:1d:68:1f:9d:03:d8:6c:33:01:2f:b8:c1:af:2c:05:
         48:b4:dd:8b:42:93:64:15:65:9f:35:34:8d:78:6f:b0:83:4a:
         9e:cd:67:80:ec:a3:e6:40:f4:9e:bd:c3:82:75:68:77:b6:79:
         84:f3:9e:08:31:d1:18:21:be:2b:02:14:6a:46:ca:00:c7:57:
         e8:1e:e6:09:d2:01:45:66:97:6f:ae:36:5f:eb:6a:1f:ed:58:
         a0:51:c2:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xoDNITAuPGIcEo2IbqdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUxMDE5MTQwMTMxWhcNMjUxMDIwMTQwMTMxWjAzMTEwLwYDVQQD
EygyYzIxZDJmMzZkNjc2NDc3MmZjN2U5ZWE1NTZmYTA2MzI0NDE3OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXjD9QXsSqsSEkgc0YxSyb8qXXrT
EKlue/6AWtLUV1zWjsMQg2QMWHq7jJpwQmPkCCPmNuli/AyB94g38poIUAkEf5tB
QfpQzN5khj84OW0DIOUq7Ms+xYWdwujqAVA2qUprrqvhmeErSr+dijiaA6IRIDHs
BMZ5ucNWM7DH8Bt/1xnqHvPlk1ZxrhnttKyS1JUwczbqxCRTF6KtGmPuzAIa+nMn
nSlZB3a5meC5Akc/jg3f3r4mjSb2fCLTIDWYLAetIeZvyi8x+kkcljyPUF0dY6gi
9VDH//oO4s/5dE7/YYK6gVnm8iLR+HNbGeZGe32sXIqI+MIhJlROfhNI3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwh0vNtZ2R3L8fp6lVvoGMkQXkzMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUgv+LvcE
5CbkeeekH5iBoI7y0APh7Q48I6qgQuiwcmvDhayC4nPZLWPsBi8wF8mlkn7daarw
aw/wupGkP/lLmxnTwU032Ki5zl+MRuvNLkQbwLoQjLX3zcJCN9MqipmK3YJvZmJM
YRnND/kKjU4bNDwxbcZfzTnaNjFxXFZXLrmpkXVLyK5GqmI6RzAke9p2terV5p0x
E5/B18gt5BjULNamjZtYHWgfnQPYbDMBL7jBrywFSLTdi0KTZBVlnzU0jXhvsINK
ns1ngOyj5kD0nr3DgnVod7Z5hPOeCDHRGCG+KwIUakbKAMdX6B7mCdIBRWaXb642
X+tqH+1YoFHCMg==
-----END CERTIFICATE-----