Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
File:                     3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json)
Hash identifier:          ocBycbFZrGs5S3nskBoFP0bdUX/WS+QjSY/mdQ/5ZR8=
Subject key identifier:   30:BE:6D:58:B0:F7:49:25:51:35:5B:70:E7:AF:C0:0F:0F:0F:76:FB
Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D
Certificate issuer:       /CN=dd70c5f09b62683292fd9109e694713590281f8d
Certificate serial:       0199FC8F528926772CBC32BF88790749608B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 13:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:15 +0000
Files and hashes:         1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: q5lk6l3Cb8t+VYRLTWm+39QP0biknMfzdgKQOF9sXL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:52:89:26:77:2c:bc:32:bf:88:79:07:49:60:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d
        Validity
            Not Before: Oct 19 13:01:15 2025 GMT
            Not After : Oct 20 13:01:15 2025 GMT
        Subject: CN=30be6d58b0f7492551355b70e7afc00f0f0f76fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6b:76:f1:6e:c4:50:ed:0e:d4:46:e4:cc:4a:
                    0b:e3:8a:a5:0c:d8:dc:59:7b:9a:cb:98:a2:6c:01:
                    cc:07:f4:f0:a0:50:7e:88:5b:40:5e:1a:8c:9f:74:
                    1c:83:9a:74:3c:47:5d:20:e4:33:35:0f:55:62:88:
                    4c:9d:fc:d6:48:39:52:5d:cc:37:a7:ec:f0:0d:64:
                    a8:95:9b:d6:e6:35:bf:2f:8e:83:d8:13:15:7a:be:
                    06:39:c9:25:68:ca:a8:a8:d7:43:07:13:bc:5b:17:
                    65:bd:25:e9:c1:94:c7:ac:89:9e:3c:70:18:8c:6c:
                    a2:ac:2b:89:33:cd:7f:0d:95:7c:40:51:c0:ba:55:
                    2b:61:0a:9d:38:9c:8a:47:8b:0b:26:62:0a:3c:67:
                    2a:0b:b0:42:0f:d4:ba:1f:e8:de:4f:00:a5:ef:ac:
                    e7:17:98:5b:8d:5e:d6:cd:9f:8a:70:fd:65:82:74:
                    87:87:11:37:c5:34:36:8e:b7:a8:85:b3:c7:8e:6d:
                    a9:b3:0b:d0:fd:94:2a:57:f9:13:75:01:9a:ce:68:
                    41:63:b9:7e:f2:42:5b:07:d2:88:46:1d:14:ce:7e:
                    ce:fd:ae:af:f7:4c:3e:3a:e9:c5:a3:65:30:10:8e:
                    b3:0c:e4:98:59:9b:56:b2:9f:fe:c3:a3:aa:b6:49:
                    b0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:BE:6D:58:B0:F7:49:25:51:35:5B:70:E7:AF:C0:0F:0F:0F:76:FB
            X509v3 Authority Key Identifier:
                keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:fb:5c:e7:bf:8b:f4:71:00:4b:5c:9c:55:44:97:51:6a:e5:
         21:72:31:2b:7d:b2:92:f4:75:0b:a7:c0:b5:eb:7e:e5:4b:3c:
         4f:51:20:20:46:90:8c:ae:18:1d:57:64:14:fc:0a:54:64:73:
         c2:14:02:0c:f0:9a:c5:58:c5:4c:01:9b:cd:78:37:51:e8:33:
         28:5b:03:40:04:55:79:a4:ae:28:09:8d:2b:fc:c4:73:09:9c:
         6a:50:28:54:20:de:cf:90:1f:e3:16:45:71:fe:aa:02:26:c7:
         c0:68:9d:48:76:28:06:5b:3e:5a:21:18:a7:f3:8b:0f:22:69:
         2d:59:9a:39:af:75:7f:ea:63:cc:0b:bb:d6:5d:09:d0:f2:cf:
         8c:4d:ee:c6:dc:f9:a4:e7:07:c6:5e:2e:b1:b5:a8:0d:f9:b4:
         2a:c2:79:44:c7:38:45:2e:1b:06:7b:30:62:d1:8b:70:79:ca:
         36:83:b9:02:e9:a2:e8:d4:3b:ce:bd:47:d4:b3:1b:67:97:68:
         c0:99:35:b0:00:e4:dd:10:38:d0:3b:4e:70:b9:b0:00:33:d2:
         fd:57:91:27:99:33:f7:0c:c9:12:ff:66:95:58:09:3f:e4:14:
         7e:75:36:97:1b:9b:7f:37:57:38:84:b9:eb:c6:bc:45:e6:83:
         ef:a2:db:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j1KJJncsvDK/iHkHSWCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy
ODFmOGQwHhcNMjUxMDE5MTMwMTE1WhcNMjUxMDIwMTMwMTE1WjAzMTEwLwYDVQQD
EygzMGJlNmQ1OGIwZjc0OTI1NTEzNTViNzBlN2FmYzAwZjBmMGY3NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmt28W7EUO0O1EbkzEoL44qlDNjc
WXuay5iibAHMB/TwoFB+iFtAXhqMn3Qcg5p0PEddIOQzNQ9VYohMnfzWSDlSXcw3
p+zwDWSolZvW5jW/L46D2BMVer4GOcklaMqoqNdDBxO8WxdlvSXpwZTHrImePHAY
jGyirCuJM81/DZV8QFHAulUrYQqdOJyKR4sLJmIKPGcqC7BCD9S6H+jeTwCl76zn
F5hbjV7WzZ+KcP1lgnSHhxE3xTQ2jreohbPHjm2pswvQ/ZQqV/kTdQGazmhBY7l+
8kJbB9KIRh0Uzn7O/a6v90w+OunFo2UwEI6zDOSYWZtWsp/+w6OqtkmwDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDC+bViw90klUTVbcOevwA8PD3b7MB8GA1UdIwQY
MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt
YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh
LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE/tc57+L
9HEAS1ycVUSXUWrlIXIxK32ykvR1C6fAtet+5Us8T1EgIEaQjK4YHVdkFPwKVGRz
whQCDPCaxVjFTAGbzXg3UegzKFsDQARVeaSuKAmNK/zEcwmcalAoVCDez5Af4xZF
cf6qAibHwGidSHYoBls+WiEYp/OLDyJpLVmaOa91f+pjzAu71l0J0PLPjE3uxtz5
pOcHxl4usbWoDfm0KsJ5RMc4RS4bBnswYtGLcHnKNoO5Aumi6NQ7zr1H1LMbZ5do
wJk1sADk3RA40DtOcLmwADPS/VeRJ5kz9wzJEv9mlVgJP+QUfnU2lxubfzdXOIS5
68a8ReaD76LbNA==
-----END CERTIFICATE-----