Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          1vkNB0Y5/KvjYBdRRt8+FL0uc8GdGUiH27ejrFZHIXc=
Subject key identifier:   A2:02:DC:D0:D0:EB:78:6E:E3:FB:5D:75:AE:08:9C:87:B7:DA:75:18
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       0199FAA0D82B971A6EA571069A7FFB262EC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0ED0
Signing time:             Sun 19 Oct 2025 04:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:09 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: jp4ziD+gkQqqs7rYtN54HxiBf0LGkv2mXOAD3l+yJiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a0:d8:2b:97:1a:6e:a5:71:06:9a:7f:fb:26:2e:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Oct 19 04:01:09 2025 GMT
            Not After : Oct 20 04:01:09 2025 GMT
        Subject: CN=a202dcd0d0eb786ee3fb5d75ae089c87b7da7518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c6:1e:6d:df:1d:34:51:89:ea:76:a0:05:48:
                    40:70:46:5e:09:7c:10:2a:c3:e9:c9:53:a7:dc:5c:
                    ae:46:e8:ea:6f:0d:aa:34:42:a9:d9:36:22:59:f7:
                    7e:ea:40:f6:91:3d:ff:b9:8e:12:69:f1:a2:0a:58:
                    65:c1:18:5a:2d:5a:20:71:55:6e:ee:ba:1e:0b:59:
                    20:2a:c6:73:23:9b:33:b5:44:84:87:c9:24:15:68:
                    cc:95:f3:e8:9a:0d:95:5d:84:79:14:67:de:40:4f:
                    32:c2:ec:be:90:19:c3:72:68:d8:d3:4b:3c:64:c2:
                    ab:d5:7a:a8:a2:29:6e:18:47:82:cd:45:47:e6:7c:
                    11:dc:46:00:ac:97:7e:92:a1:66:72:97:04:9d:55:
                    f5:5e:dc:46:23:16:84:1f:a2:c9:84:f0:73:94:8d:
                    50:b2:2a:9f:4c:e9:ec:44:83:42:fb:9b:af:42:cd:
                    b4:0b:eb:ba:cb:16:eb:36:84:83:94:d7:2f:52:b8:
                    3f:b9:cf:ab:72:d7:65:7c:3d:81:27:62:6e:d7:16:
                    bb:d8:aa:a9:f7:69:9e:32:49:0c:9b:55:72:d0:8d:
                    ca:fa:cf:ae:0e:d0:3c:65:38:5d:bb:71:79:a8:4d:
                    a9:47:d6:f0:e1:ec:7e:05:dd:7a:4f:d7:e7:0b:fb:
                    23:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:02:DC:D0:D0:EB:78:6E:E3:FB:5D:75:AE:08:9C:87:B7:DA:75:18
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:68:da:d4:11:67:fa:8e:91:0d:5a:56:cb:14:9e:d4:3b:77:
         77:86:20:15:19:8a:00:b7:80:84:1b:2a:6f:ac:ac:58:e0:3b:
         40:b3:08:51:9f:8b:07:ca:95:34:a3:fb:f1:ef:ef:ad:fa:5c:
         fa:6f:89:fd:d8:d1:a9:37:31:e8:0d:52:e5:99:9d:ae:39:5e:
         91:ca:67:3f:d9:a2:b1:44:8c:52:46:17:82:c0:ec:7e:a7:6f:
         a2:e5:0e:de:8c:25:11:c9:c5:01:be:b0:35:77:c0:92:43:6c:
         43:d2:23:1c:03:c1:45:4a:12:7c:db:3f:3d:8d:2e:54:1d:f4:
         fe:2d:6f:65:c2:d8:6f:6b:63:35:39:88:51:01:c5:c8:6c:fb:
         e4:86:d4:32:b2:4f:f0:7d:25:eb:23:a3:10:ea:bb:f0:82:82:
         b0:c5:63:8e:54:f3:f0:54:a5:05:a2:13:d8:03:57:78:0b:30:
         b4:d6:5f:15:7a:6d:bc:51:e3:59:91:d1:91:cf:25:50:74:30:
         9d:e9:10:ac:fe:55:71:d5:f8:b5:4a:8f:3b:6a:27:1c:0e:0a:
         6c:76:28:08:aa:cd:c2:96:9e:db:8f:18:36:b2:f4:02:50:d0:
         82:2e:0e:d0:09:21:f4:f4:bb:50:bc:97:dd:e1:ae:ad:ba:6e:
         20:be:3b:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oNgrlxpupXEGmn/7Ji7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUxMDE5MDQwMTA5WhcNMjUxMDIwMDQwMTA5WjAzMTEwLwYDVQQD
EyhhMjAyZGNkMGQwZWI3ODZlZTNmYjVkNzVhZTA4OWM4N2I3ZGE3NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8Yebd8dNFGJ6nagBUhAcEZeCXwQ
KsPpyVOn3FyuRujqbw2qNEKp2TYiWfd+6kD2kT3/uY4SafGiClhlwRhaLVogcVVu
7roeC1kgKsZzI5sztUSEh8kkFWjMlfPomg2VXYR5FGfeQE8ywuy+kBnDcmjY00s8
ZMKr1XqooiluGEeCzUVH5nwR3EYArJd+kqFmcpcEnVX1XtxGIxaEH6LJhPBzlI1Q
siqfTOnsRINC+5uvQs20C+u6yxbrNoSDlNcvUrg/uc+rctdlfD2BJ2Ju1xa72Kqp
92meMkkMm1Vy0I3K+s+uDtA8ZThdu3F5qE2pR9bw4ex+Bd16T9fnC/sj8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIC3NDQ63hu4/tdda4InIe32nUYMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMWja1BFn
+o6RDVpWyxSe1Dt3d4YgFRmKALeAhBsqb6ysWOA7QLMIUZ+LB8qVNKP78e/vrfpc
+m+J/djRqTcx6A1S5ZmdrjlekcpnP9misUSMUkYXgsDsfqdvouUO3owlEcnFAb6w
NXfAkkNsQ9IjHAPBRUoSfNs/PY0uVB30/i1vZcLYb2tjNTmIUQHFyGz75IbUMrJP
8H0l6yOjEOq78IKCsMVjjlTz8FSlBaIT2ANXeAswtNZfFXptvFHjWZHRkc8lUHQw
nekQrP5VcdX4tUqPO2onHA4KbHYoCKrNwpae248YNrL0AlDQgi4O0Akh9PS7ULyX
3eGurbpuIL47+g==
-----END CERTIFICATE-----