Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
File:                     3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json)
Hash identifier:          hZ9lFPDEQPiykfJWRd9KIhVzOGENc2gDrDgHvJldnEE=
Subject key identifier:   4A:F0:E4:79:F8:5A:C4:85:30:69:F7:F2:0D:6B:B0:14:81:FD:63:C3
Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4
Certificate issuer:       /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
Certificate serial:       0199FDD9249CBB82A4C50CBC807ECDDF7997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
Manifest number:          0DD5
Signing time:             Sun 19 Oct 2025 19:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:30 +0000
Files and hashes:         1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: qgr+k96N9Zw6wJKdz7QzLWuNjEjhlnLs4XMfUQ67aRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:24:9c:bb:82:a4:c5:0c:bc:80:7e:cd:df:79:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4
        Validity
            Not Before: Oct 19 19:01:30 2025 GMT
            Not After : Oct 20 19:01:30 2025 GMT
        Subject: CN=4af0e479f85ac4853069f7f20d6bb01481fd63c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:02:03:30:a5:73:3c:ab:89:8a:99:ef:01:9c:
                    a8:a8:0b:7c:d7:8b:c9:2a:2b:a2:7b:9f:0e:ce:98:
                    be:7b:0d:b1:cb:59:93:2f:c2:d8:bb:10:8e:fc:9a:
                    b6:b3:8e:e6:b6:a8:24:20:33:32:88:8a:26:df:64:
                    64:56:00:d5:49:c0:ea:1e:78:33:f4:6f:0e:80:4e:
                    42:6e:0b:36:28:7f:11:c0:99:59:36:ec:95:d2:01:
                    a9:3d:10:44:4e:fc:06:6a:c8:35:52:44:b8:5b:68:
                    36:f6:22:94:38:f2:d7:6a:0b:0c:74:75:4c:38:6b:
                    00:21:ba:21:6c:1b:0e:8d:e3:67:9d:bb:36:e3:06:
                    c2:6f:83:8a:fa:53:a4:26:69:bb:bf:6b:fd:cf:6f:
                    60:a4:6d:92:a5:3c:53:bf:5a:ca:95:93:8b:f3:06:
                    0e:d9:e7:d1:5c:e5:07:e8:f6:ec:6d:4e:b0:b0:b5:
                    71:5a:dc:39:10:87:20:3c:39:0d:fd:11:62:da:27:
                    0b:09:c5:57:67:d6:68:81:bf:b8:f8:d8:86:56:a0:
                    d0:1c:46:b0:b5:60:9f:a9:cc:58:e4:48:d1:f5:08:
                    c0:ed:0f:f7:bc:7d:19:fc:c6:92:ea:91:20:87:6a:
                    c3:a3:38:ad:ab:eb:5d:a0:1c:7b:3e:fc:22:fa:47:
                    71:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F0:E4:79:F8:5A:C4:85:30:69:F7:F2:0D:6B:B0:14:81:FD:63:C3
            X509v3 Authority Key Identifier:
                keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:49:96:a5:af:cb:24:ae:0e:3f:3a:ba:c2:24:f4:4d:fc:6f:
         ac:7c:88:47:b3:d9:83:eb:27:ed:a9:c3:56:61:37:42:ba:7e:
         9f:63:d6:aa:a2:53:4c:ba:2a:5c:25:32:0b:a4:a8:7e:e7:9c:
         5c:7b:0b:1a:f8:37:2e:3c:d9:5b:82:9e:9b:b4:78:9d:45:d3:
         2f:2a:57:73:d0:bc:78:70:57:a3:1f:35:78:99:2e:18:a6:e5:
         d1:13:12:90:2b:63:2c:9a:e5:e0:17:67:7a:87:b5:a9:29:ab:
         35:54:ca:f3:31:a5:2e:11:7f:29:bb:fb:aa:1b:cb:6a:87:08:
         86:d8:d8:27:95:da:e2:8a:09:ad:61:b2:c1:d1:fb:25:72:b6:
         9d:05:fd:53:93:55:ad:bd:aa:47:07:ed:51:fa:7a:d8:bd:95:
         6e:84:70:42:06:b3:28:e3:50:5a:f7:26:a9:74:1e:d5:b3:85:
         74:7d:9c:37:01:35:07:78:fb:45:99:71:13:bf:53:f4:38:d3:
         3d:14:f7:7e:79:a9:27:81:b0:a3:fe:5d:b2:7b:1d:5c:90:21:
         a3:18:d2:58:41:2f:c2:e5:4b:be:0c:49:f7:55:5e:ce:7e:4c:
         5e:b6:af:fa:f9:1b:b7:db:f8:a7:7e:cb:4c:78:cd:dc:ba:bc:
         44:3e:e7:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92SScu4KkxQy8gH7N33mXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0
MDNjZDQwHhcNMjUxMDE5MTkwMTMwWhcNMjUxMDIwMTkwMTMwWjAzMTEwLwYDVQQD
Eyg0YWYwZTQ3OWY4NWFjNDg1MzA2OWY3ZjIwZDZiYjAxNDgxZmQ2M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwIDMKVzPKuJipnvAZyoqAt814vJ
Kiuie58Ozpi+ew2xy1mTL8LYuxCO/Jq2s47mtqgkIDMyiIom32RkVgDVScDqHngz
9G8OgE5Cbgs2KH8RwJlZNuyV0gGpPRBETvwGasg1UkS4W2g29iKUOPLXagsMdHVM
OGsAIbohbBsOjeNnnbs24wbCb4OK+lOkJmm7v2v9z29gpG2SpTxTv1rKlZOL8wYO
2efRXOUH6PbsbU6wsLVxWtw5EIcgPDkN/RFi2icLCcVXZ9Zogb+4+NiGVqDQHEaw
tWCfqcxY5EjR9QjA7Q/3vH0Z/MaS6pEgh2rDozitq+tdoBx7Pvwi+kdxEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErw5Hn4WsSFMGn38g1rsBSB/WPDMB8GA1UdIwQY
MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt
OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl
LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkmWpa/L
JK4OPzq6wiT0TfxvrHyIR7PZg+sn7anDVmE3Qrp+n2PWqqJTTLoqXCUyC6Sofuec
XHsLGvg3LjzZW4Kem7R4nUXTLypXc9C8eHBXox81eJkuGKbl0RMSkCtjLJrl4Bdn
eoe1qSmrNVTK8zGlLhF/Kbv7qhvLaocIhtjYJ5Xa4ooJrWGywdH7JXK2nQX9U5NV
rb2qRwftUfp62L2VboRwQgazKONQWvcmqXQe1bOFdH2cNwE1B3j7RZlxE79T9DjT
PRT3fnmpJ4Gwo/5dsnsdXJAhoxjSWEEvwuVLvgxJ91Vezn5MXrav+vkbt9v4p37L
THjN3Lq8RD7nNQ==
-----END CERTIFICATE-----