Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
File:                     3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json)
Hash identifier:          rmmNR/vOtR3YGlMIQWMQ3NUWLQ3DvFEqMAxtojlrAOE=
Subject key identifier:   0F:2E:43:45:79:7D:A2:F3:3D:8E:38:26:F4:77:A2:A7:4B:AE:8D:8A
Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B
Certificate issuer:       /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
Certificate serial:       0199FD3466A6E9568825EECDD4BB75B16971
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
Manifest number:          0563
Signing time:             Sun 19 Oct 2025 16:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:33 +0000
Files and hashes:         1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: TwhsNPDxe58ZBNZDje2JP2Paeev31oE5QUUQKekLBvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:66:a6:e9:56:88:25:ee:cd:d4:bb:75:b1:69:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b
        Validity
            Not Before: Oct 19 16:01:33 2025 GMT
            Not After : Oct 20 16:01:33 2025 GMT
        Subject: CN=0f2e4345797da2f33d8e3826f477a2a74bae8d8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9a:36:9c:47:4b:17:af:b0:96:8b:c5:d7:41:
                    63:2e:0c:ee:46:f7:97:be:a9:dd:be:47:a6:ac:c0:
                    16:be:79:ca:a4:3e:5e:a6:89:68:9e:bc:65:c7:37:
                    27:d1:07:f9:ed:3d:df:49:68:b0:3f:44:d6:55:69:
                    8f:88:19:f0:f7:3d:40:03:77:c2:41:bd:fe:a9:81:
                    2b:b5:36:17:4d:2f:99:70:fe:c4:b9:0b:64:ef:46:
                    47:f1:de:22:a4:32:1c:43:08:b5:81:4c:0f:e0:6d:
                    6b:07:91:e8:5d:cb:9d:7a:b1:b7:67:cd:a0:5e:98:
                    8f:be:5f:33:43:fb:89:d3:49:c9:51:61:d3:83:13:
                    33:62:4d:76:67:ee:23:df:88:4a:3b:94:9b:cf:18:
                    a2:03:d8:17:6b:5b:71:fb:5f:ef:2c:a4:d9:51:7f:
                    90:d4:23:cb:02:a8:16:d0:a3:9a:f4:b7:86:7f:e1:
                    38:eb:7c:4e:bc:d0:51:70:49:58:42:84:28:15:5d:
                    ed:60:09:37:1e:4c:21:02:72:05:93:2b:37:d6:a0:
                    06:07:d1:f4:61:78:e8:a8:da:10:71:90:11:ec:65:
                    e3:87:4d:43:5e:f6:05:83:65:e8:80:6f:9a:bb:79:
                    ee:ff:a9:1d:89:4f:53:a0:11:06:39:ac:af:2e:2f:
                    f0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:2E:43:45:79:7D:A2:F3:3D:8E:38:26:F4:77:A2:A7:4B:AE:8D:8A
            X509v3 Authority Key Identifier:
                keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:96:12:eb:a2:24:d6:de:6b:e5:2d:60:62:48:06:84:1e:0d:
         5f:29:b2:6a:49:f6:30:f8:d8:5a:88:df:ef:6f:b8:44:d4:f0:
         cc:b7:64:63:e4:ab:74:80:7f:1d:ec:3a:7f:4c:3a:46:44:90:
         b7:0f:fd:1c:37:b4:10:be:a4:82:e0:16:68:db:43:70:e1:92:
         ae:9c:23:33:09:dd:c7:fe:57:0a:2b:66:53:27:fe:02:ad:57:
         e4:28:e4:81:eb:35:b9:04:79:1b:6c:ea:ec:81:65:c5:86:df:
         10:e4:d9:50:1d:a8:57:99:39:f4:f9:75:4e:aa:9f:84:78:f1:
         16:13:8a:5c:7e:ee:e5:4b:ef:84:f7:37:89:ce:df:d0:76:29:
         e0:0d:f2:67:8c:79:c3:47:bb:a5:77:24:24:d3:4f:cf:9b:f5:
         ff:9f:af:0a:66:3f:28:15:e8:e2:b4:80:b7:45:7a:cb:c9:01:
         44:5d:26:ec:e1:74:e5:42:4a:6f:d0:c9:85:c5:94:c8:33:5b:
         2a:05:90:e5:51:04:ec:2b:3f:70:be:65:b8:f4:79:d6:a8:0a:
         dc:b7:34:0f:b6:dd:c8:ea:af:ee:db:d2:06:f6:85:90:8c:0a:
         a1:6b:50:5b:4a:9f:a8:cf:c9:79:76:f6:00:7c:7c:db:ab:28:
         20:98:2d:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGam6VaIJe7N1Lt1sWlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3
MGUwNGIwHhcNMjUxMDE5MTYwMTMzWhcNMjUxMDIwMTYwMTMzWjAzMTEwLwYDVQQD
EygwZjJlNDM0NTc5N2RhMmYzM2Q4ZTM4MjZmNDc3YTJhNzRiYWU4ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJo2nEdLF6+wlovF10FjLgzuRveX
vqndvkemrMAWvnnKpD5epolonrxlxzcn0Qf57T3fSWiwP0TWVWmPiBnw9z1AA3fC
Qb3+qYErtTYXTS+ZcP7EuQtk70ZH8d4ipDIcQwi1gUwP4G1rB5HoXcuderG3Z82g
XpiPvl8zQ/uJ00nJUWHTgxMzYk12Z+4j34hKO5SbzxiiA9gXa1tx+1/vLKTZUX+Q
1CPLAqgW0KOa9LeGf+E463xOvNBRcElYQoQoFV3tYAk3HkwhAnIFkys31qAGB9H0
YXjoqNoQcZAR7GXjh01DXvYFg2XogG+au3nu/6kdiU9ToBEGOayvLi/wSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8uQ0V5faLzPY44JvR3oqdLro2KMB8GA1UdIwQY
MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct
YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5
LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs5YS66Ik
1t5r5S1gYkgGhB4NXymyakn2MPjYWojf72+4RNTwzLdkY+SrdIB/Hew6f0w6RkSQ
tw/9HDe0EL6kguAWaNtDcOGSrpwjMwndx/5XCitmUyf+Aq1X5Cjkges1uQR5G2zq
7IFlxYbfEOTZUB2oV5k59Pl1TqqfhHjxFhOKXH7u5UvvhPc3ic7f0HYp4A3yZ4x5
w0e7pXckJNNPz5v1/5+vCmY/KBXo4rSAt0V6y8kBRF0m7OF05UJKb9DJhcWUyDNb
KgWQ5VEE7Cs/cL5luPR51qgK3Lc0D7bdyOqv7tvSBvaFkIwKoWtQW0qfqM/JeXb2
AHx826soIJgtOw==
-----END CERTIFICATE-----