Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          sIo9hbbCjOvH3MT7TRS7sJFoz8C20V/1cVe5MOmYa5I=
Subject key identifier:   4B:CB:66:B2:18:99:CB:50:F5:D9:90:29:4C:DA:F1:6B:D4:9F:78:19
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       0199FBEA93E59502861079C475362B10B69E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          0808
Signing time:             Sun 19 Oct 2025 10:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:18 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: 5svOA2RW3F6IfVm2gViE7nubtjH/qE5a70gJ/sY/e7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:93:e5:95:02:86:10:79:c4:75:36:2b:10:b6:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: Oct 19 10:01:18 2025 GMT
            Not After : Oct 20 10:01:18 2025 GMT
        Subject: CN=4bcb66b21899cb50f5d990294cdaf16bd49f7819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:69:28:7a:48:12:5e:94:d3:f1:25:87:11:59:
                    2c:82:75:c7:3d:6c:9a:6b:2b:a5:4c:eb:87:2a:e8:
                    d5:13:d0:3b:64:83:bf:47:22:11:cd:d6:81:15:36:
                    92:9f:c9:02:de:c1:ec:63:17:86:26:ba:dc:0a:c4:
                    b5:7a:48:f2:af:b9:af:96:15:7b:e7:44:42:ce:3a:
                    35:8c:1b:f1:55:23:27:ec:3f:01:5c:05:63:32:08:
                    63:4e:5e:eb:90:16:7e:37:5e:63:58:a6:11:08:a1:
                    db:0f:ef:f0:4c:5d:9d:9b:45:7b:6c:0f:ff:6a:34:
                    dd:35:f4:f4:cb:2f:f1:0c:43:0b:8b:a0:ec:07:8e:
                    4d:9e:df:57:6e:19:3a:74:96:3e:6e:50:d9:b7:7a:
                    df:9b:7e:e5:1c:bf:1b:43:7d:21:a4:8c:9b:aa:d2:
                    35:9b:e7:2d:17:19:5e:86:3b:00:52:80:ac:b6:f1:
                    a1:47:7f:b7:fb:a6:3c:76:9e:5f:26:d8:d2:8f:c3:
                    90:44:27:1a:71:10:15:46:e2:81:de:8c:cc:8d:0d:
                    a4:61:9f:ac:7f:65:c8:b0:41:d2:bf:b2:23:36:ff:
                    57:ed:b4:b7:36:90:aa:38:d2:66:b0:2b:96:2f:b4:
                    15:5c:c1:c3:1f:f9:e3:b9:cd:02:7e:3b:55:d5:3c:
                    50:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:CB:66:B2:18:99:CB:50:F5:D9:90:29:4C:DA:F1:6B:D4:9F:78:19
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:5a:47:1e:ad:b8:51:00:37:ed:72:bf:62:64:bd:c4:db:d1:
         11:d7:05:dc:50:6b:5c:32:d9:1b:19:23:91:88:4e:40:cd:a1:
         32:1f:d8:eb:1b:d6:c5:40:64:85:1c:bc:ef:46:85:b2:6f:fa:
         f7:09:d1:53:6a:a0:bd:24:79:c0:07:c4:31:6d:dd:f2:10:b6:
         c7:6f:39:05:17:eb:ee:b7:d1:f1:65:46:71:46:97:75:0c:16:
         8e:d9:5c:c7:b4:87:07:a2:26:89:19:6f:45:e6:0f:98:1e:59:
         4c:93:a3:f4:d5:31:45:0d:d4:57:83:a6:c4:47:c3:bf:37:8d:
         1b:37:d4:01:82:63:1a:63:96:1e:65:44:b7:35:06:59:1b:a5:
         2d:71:74:78:04:a3:f2:af:f0:18:4f:65:61:25:c3:70:83:1c:
         54:1c:78:f6:ea:5f:45:f6:49:ec:46:22:0d:f5:a7:fe:77:4e:
         e4:27:99:c0:d9:e8:1e:ce:f5:c4:a7:83:fc:ab:f7:eb:61:56:
         ef:91:e0:ec:e9:cc:be:a3:83:a3:7a:26:32:0e:1d:ac:c7:36:
         ea:06:27:5c:54:a3:fe:82:5d:20:97:b3:00:05:46:59:49:4f:
         79:b5:57:8a:c0:57:90:82:35:31:cf:fc:31:89:27:54:44:50:
         d5:a9:3b:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76pPllQKGEHnEdTYrELaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjUxMDE5MTAwMTE4WhcNMjUxMDIwMTAwMTE4WjAzMTEwLwYDVQQD
Eyg0YmNiNjZiMjE4OTljYjUwZjVkOTkwMjk0Y2RhZjE2YmQ0OWY3ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGkoekgSXpTT8SWHEVksgnXHPWya
ayulTOuHKujVE9A7ZIO/RyIRzdaBFTaSn8kC3sHsYxeGJrrcCsS1ekjyr7mvlhV7
50RCzjo1jBvxVSMn7D8BXAVjMghjTl7rkBZ+N15jWKYRCKHbD+/wTF2dm0V7bA//
ajTdNfT0yy/xDEMLi6DsB45Nnt9Xbhk6dJY+blDZt3rfm37lHL8bQ30hpIybqtI1
m+ctFxlehjsAUoCstvGhR3+3+6Y8dp5fJtjSj8OQRCcacRAVRuKB3ozMjQ2kYZ+s
f2XIsEHSv7IjNv9X7bS3NpCqONJmsCuWL7QVXMHDH/njuc0CfjtV1TxQlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvLZrIYmctQ9dmQKUza8WvUn3gZMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVpHHq24
UQA37XK/YmS9xNvREdcF3FBrXDLZGxkjkYhOQM2hMh/Y6xvWxUBkhRy870aFsm/6
9wnRU2qgvSR5wAfEMW3d8hC2x285BRfr7rfR8WVGcUaXdQwWjtlcx7SHB6ImiRlv
ReYPmB5ZTJOj9NUxRQ3UV4OmxEfDvzeNGzfUAYJjGmOWHmVEtzUGWRulLXF0eASj
8q/wGE9lYSXDcIMcVBx49upfRfZJ7EYiDfWn/ndO5CeZwNnoHs71xKeD/Kv362FW
75Hg7OnMvqODo3omMg4drMc26gYnXFSj/oJdIJezAAVGWUlPebVXisBXkII1Mc/8
MYknVERQ1ak7Rg==
-----END CERTIFICATE-----