Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          brNmi5aJyp5qAdVM17ne2ajVi4yBo3uGE2nEf6Uu7PQ=
Subject key identifier:   67:62:80:F2:F2:68:92:38:AC:6B:33:5C:5E:97:58:84:BB:08:45:82
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       0199FC59151A3AA92BD57CBE844699091257
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0E8D
Signing time:             Sun 19 Oct 2025 12:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 12:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 12:02:00 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: +TCsIxix8ve0wTV9/dEsjwRtd/Slt75Mw3GnBEKPGqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:15:1a:3a:a9:2b:d5:7c:be:84:46:99:09:12:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Oct 19 12:02:00 2025 GMT
            Not After : Oct 20 12:02:00 2025 GMT
        Subject: CN=676280f2f2689238ac6b335c5e975884bb084582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:e3:90:d1:ac:f1:0d:fb:65:b2:64:19:52:87:
                    19:92:92:b1:28:55:f5:02:9e:aa:36:eb:df:80:21:
                    8e:31:d1:d2:1f:d6:ff:be:1f:d7:68:38:2f:ae:3d:
                    14:05:23:75:6d:b4:e5:72:db:b7:8b:2b:d7:b4:da:
                    a1:a1:6c:31:b7:1c:8d:c0:0c:50:80:10:34:ae:f5:
                    a0:65:a1:22:fc:95:8b:70:50:27:7b:96:e7:6f:2c:
                    8e:6a:43:37:b7:24:67:f5:5f:c5:35:a0:09:b6:5f:
                    0e:f9:01:74:79:2f:d1:c3:97:92:35:e6:b1:7d:ec:
                    37:b0:55:98:6c:08:8c:de:59:55:58:65:af:3c:44:
                    e4:81:7e:6a:b8:8a:7d:e6:25:ea:29:87:a1:36:87:
                    51:66:ec:b7:21:6d:bb:17:40:99:ff:de:82:cb:dc:
                    3a:c8:ed:b1:86:cf:fb:4b:7e:c9:14:1d:3e:61:e5:
                    a6:3b:da:51:75:4f:8f:e3:6f:17:12:ed:85:f8:8a:
                    97:8d:37:39:53:6e:74:0c:e0:fd:de:96:cd:2c:3e:
                    3d:ef:e7:f2:53:90:87:f9:a9:c2:5c:8d:fe:49:f8:
                    30:dd:a0:ed:41:b2:43:14:a9:33:1e:8e:d2:47:ba:
                    c5:5d:36:5c:3d:08:94:9d:4f:a5:3e:5b:ec:3f:6b:
                    df:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:62:80:F2:F2:68:92:38:AC:6B:33:5C:5E:97:58:84:BB:08:45:82
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:43:15:2e:38:ab:56:83:35:94:ed:f6:09:7d:1d:3d:7e:ec:
         08:29:5e:f6:9b:8c:4c:3b:4d:83:00:c4:38:34:9c:5a:e5:4e:
         c7:48:d9:37:d5:d6:d1:30:5e:cc:0a:31:1f:00:6f:04:73:c6:
         7d:2d:0f:32:55:ef:b0:73:20:6a:cb:cf:b7:40:f9:af:f4:2e:
         cb:19:6e:31:98:07:08:63:d9:a7:e6:5f:c4:a5:8e:54:64:2d:
         e5:47:3a:7e:f2:c2:51:c4:9c:03:7f:3c:1d:4a:42:db:04:ea:
         7e:e2:83:42:53:50:95:60:81:d9:9c:14:0b:84:f5:86:df:65:
         96:07:38:59:c6:4c:22:48:81:41:a5:79:04:8f:c7:37:bb:b2:
         31:c6:0a:0e:fb:5c:1a:df:7d:5f:38:4a:7a:38:ed:20:35:29:
         07:21:65:50:ea:f3:b4:96:0b:48:06:69:9a:c9:f4:0e:29:59:
         43:5c:6b:6a:e3:a0:23:ae:ec:ea:69:04:ee:bf:98:d0:bf:fd:
         ec:d2:6f:a6:39:7f:95:2f:a2:97:40:dd:ce:54:ad:14:e3:d8:
         6d:5f:8e:ec:9c:3d:29:05:e1:fc:dd:b3:4f:77:e6:05:c7:d3:
         a1:0e:82:d4:97:ab:90:2b:56:d4:37:ac:2e:18:2d:0e:1d:d1:
         d7:82:43:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WRUaOqkr1Xy+hEaZCRJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjUxMDE5MTIwMjAwWhcNMjUxMDIwMTIwMjAwWjAzMTEwLwYDVQQD
Eyg2NzYyODBmMmYyNjg5MjM4YWM2YjMzNWM1ZTk3NTg4NGJiMDg0NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OOQ0azxDftlsmQZUocZkpKxKFX1
Ap6qNuvfgCGOMdHSH9b/vh/XaDgvrj0UBSN1bbTlctu3iyvXtNqhoWwxtxyNwAxQ
gBA0rvWgZaEi/JWLcFAne5bnbyyOakM3tyRn9V/FNaAJtl8O+QF0eS/Rw5eSNeax
few3sFWYbAiM3llVWGWvPETkgX5quIp95iXqKYehNodRZuy3IW27F0CZ/96Cy9w6
yO2xhs/7S37JFB0+YeWmO9pRdU+P428XEu2F+IqXjTc5U250DOD93pbNLD497+fy
U5CH+anCXI3+Sfgw3aDtQbJDFKkzHo7SR7rFXTZcPQiUnU+lPlvsP2vfvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdigPLyaJI4rGszXF6XWIS7CEWCMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUMVLjir
VoM1lO32CX0dPX7sCCle9puMTDtNgwDEODScWuVOx0jZN9XW0TBezAoxHwBvBHPG
fS0PMlXvsHMgasvPt0D5r/QuyxluMZgHCGPZp+ZfxKWOVGQt5Uc6fvLCUcScA388
HUpC2wTqfuKDQlNQlWCB2ZwUC4T1ht9llgc4WcZMIkiBQaV5BI/HN7uyMcYKDvtc
Gt99XzhKejjtIDUpByFlUOrztJYLSAZpmsn0DilZQ1xrauOgI67s6mkE7r+Y0L/9
7NJvpjl/lS+il0DdzlStFOPYbV+O7Jw9KQXh/N2zT3fmBcfToQ6C1JerkCtW1Des
LhgtDh3R14JDvg==
-----END CERTIFICATE-----