Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
File:                     3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json)
Hash identifier:          6y+6q2iGY/2XQExF6QMINjGt8B8WsjWHxwDoj7C/494=
Subject key identifier:   29:B9:3F:6C:CF:1B:49:22:21:7F:F7:C2:C2:9A:B7:EC:5A:9C:44:51
Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56
Certificate issuer:       /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
Certificate serial:       0199FBB36C9656B5A4D0A8692FB4BE160ADB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
Manifest number:          098D
Signing time:             Sun 19 Oct 2025 09:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 09:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 09:01:03 +0000
Files and hashes:         1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: YUbU61YVbT96fKdUTkB5daiPnsN1uvBqggfm1IhKC5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 09:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:b3:6c:96:56:b5:a4:d0:a8:69:2f:b4:be:16:0a:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056
        Validity
            Not Before: Oct 19 09:01:03 2025 GMT
            Not After : Oct 20 09:01:03 2025 GMT
        Subject: CN=29b93f6ccf1b4922217ff7c2c29ab7ec5a9c4451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0c:5a:8f:bb:c0:63:31:5e:68:bb:eb:0a:5a:
                    d8:ad:da:8b:7e:e9:5d:ac:34:73:0c:c6:ad:2b:1f:
                    72:c5:55:be:34:18:f5:7e:7a:fe:9f:35:a5:a8:c5:
                    f5:51:c7:ed:e0:ec:d2:c9:4f:45:28:66:59:7c:ef:
                    97:b6:15:c9:ce:2e:9f:9a:c6:6e:cd:e4:f4:48:dd:
                    60:48:9d:c9:01:98:d4:74:a6:f5:34:fd:52:8b:57:
                    63:81:43:d9:9a:3c:55:c0:0b:90:66:ed:75:70:f9:
                    fd:35:a7:3b:53:c8:54:59:c0:21:05:99:3c:8b:ab:
                    19:69:92:d8:98:be:cc:80:39:fe:42:d7:ce:21:3c:
                    e2:3a:56:9e:2c:ce:22:39:0f:5f:5d:88:fa:0e:06:
                    1d:d9:9e:89:b9:71:ad:71:38:d8:68:98:b3:fe:b7:
                    ba:c2:10:12:0b:9f:c1:ad:12:82:87:7e:59:17:fc:
                    05:96:d2:02:b0:ed:15:1f:ab:58:fe:65:4c:41:63:
                    52:eb:a3:05:e3:b0:87:2e:d0:de:60:ab:f1:bb:02:
                    4f:9f:ec:04:bb:6c:0c:d5:db:8a:c2:8b:a8:5f:61:
                    9f:af:f9:45:fa:2d:65:7f:f2:c3:c9:8f:e3:82:2e:
                    3f:ec:b3:7a:f5:ec:32:58:cf:23:ef:13:7f:ab:09:
                    55:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B9:3F:6C:CF:1B:49:22:21:7F:F7:C2:C2:9A:B7:EC:5A:9C:44:51
            X509v3 Authority Key Identifier:
                keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:19:b2:21:79:af:13:54:6c:e2:10:d5:42:69:9b:a7:2a:fd:
         6d:34:a6:d0:42:9c:50:01:d8:e4:4f:1c:9a:76:cc:bd:02:cc:
         70:4c:f5:e5:0d:22:26:fa:50:b4:66:84:42:bb:35:d2:90:f4:
         e3:ac:4b:52:9e:80:e5:c9:08:0e:3b:4e:b2:a2:6a:39:95:ac:
         f6:c2:dd:b6:c6:12:3a:97:9c:1d:bf:0a:9e:f9:08:4f:35:ce:
         0c:f1:61:fa:6e:ab:e0:f5:19:10:76:81:0a:4a:f5:13:56:f3:
         de:2e:b3:7d:00:37:eb:4f:4e:e8:01:a8:6f:73:ed:84:fb:b2:
         ed:7d:92:17:11:be:c7:77:5a:3b:66:a9:be:67:9a:f0:9a:6b:
         58:f7:36:9f:96:04:61:61:20:7e:20:1b:81:42:3d:09:d7:ff:
         cd:3e:ac:71:53:ed:63:d1:9a:5d:62:3f:c2:04:61:24:07:60:
         9b:fc:c3:7c:b0:09:5d:0a:bb:1d:f7:6c:e2:9a:99:b8:23:31:
         44:b4:52:bb:65:50:f1:96:66:c5:93:76:bf:19:4a:ff:9b:ef:
         7f:f6:47:a3:5d:b2:9e:77:5d:91:04:f7:6c:65:bd:e3:3d:6e:
         2a:58:a1:c6:64:5e:df:5b:c8:81:55:22:5d:73:f6:0d:93:07:
         36:3e:00:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s2yWVrWk0KhpL7S+FgrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi
MWQwNTYwHhcNMjUxMDE5MDkwMTAzWhcNMjUxMDIwMDkwMTAzWjAzMTEwLwYDVQQD
EygyOWI5M2Y2Y2NmMWI0OTIyMjE3ZmY3YzJjMjlhYjdlYzVhOWM0NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgxaj7vAYzFeaLvrClrYrdqLfuld
rDRzDMatKx9yxVW+NBj1fnr+nzWlqMX1Ucft4OzSyU9FKGZZfO+XthXJzi6fmsZu
zeT0SN1gSJ3JAZjUdKb1NP1Si1djgUPZmjxVwAuQZu11cPn9Nac7U8hUWcAhBZk8
i6sZaZLYmL7MgDn+QtfOITziOlaeLM4iOQ9fXYj6DgYd2Z6JuXGtcTjYaJiz/re6
whASC5/BrRKCh35ZF/wFltICsO0VH6tY/mVMQWNS66MF47CHLtDeYKvxuwJPn+wE
u2wM1duKwouoX2Gfr/lF+i1lf/LDyY/jgi4/7LN69ewyWM8j7xN/qwlVhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm5P2zPG0kiIX/3wsKat+xanERRMB8GA1UdIwQY
MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It
NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk
LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRmyIXmv
E1Rs4hDVQmmbpyr9bTSm0EKcUAHY5E8cmnbMvQLMcEz15Q0iJvpQtGaEQrs10pD0
46xLUp6A5ckIDjtOsqJqOZWs9sLdtsYSOpecHb8KnvkITzXODPFh+m6r4PUZEHaB
Ckr1E1bz3i6zfQA3609O6AGob3PthPuy7X2SFxG+x3daO2apvmea8JprWPc2n5YE
YWEgfiAbgUI9Cdf/zT6scVPtY9GaXWI/wgRhJAdgm/zDfLAJXQq7Hfds4pqZuCMx
RLRSu2VQ8ZZmxZN2vxlK/5vvf/ZHo12ynnddkQT3bGW94z1uKlihxmRe31vIgVUi
XXP2DZMHNj4AMA==
-----END CERTIFICATE-----