Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
File:                     3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft (raw, json)
Hash identifier:          4rL4bvPJ5+CwTeLposYlprNrX2ZaHkyXtGo4fAaJGHg=
Subject key identifier:   70:C7:4A:F5:96:7C:8E:9A:5B:8D:47:BB:45:2F:3B:7D:2F:6C:DA:A7
Authority key identifier: DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B
Certificate issuer:       /CN=de11cc6df13366fc595a6e72ed03c53800792b4b
Certificate serial:       0199FC58C9337AA1A11090FF30DB4222F4A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
Manifest number:          0E45
Signing time:             Sun 19 Oct 2025 12:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:41 +0000
Files and hashes:         1: 3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl (hash: lDIEDUeuDRcVlEnXskQwDlGLrqtRo+WmawA2yaeiNjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:c9:33:7a:a1:a1:10:90:ff:30:db:42:22:f4:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de11cc6df13366fc595a6e72ed03c53800792b4b
        Validity
            Not Before: Oct 19 12:01:41 2025 GMT
            Not After : Oct 20 12:01:41 2025 GMT
        Subject: CN=70c74af5967c8e9a5b8d47bb452f3b7d2f6cdaa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fb:6f:d2:33:1a:bb:c6:78:1b:66:2b:fa:b8:
                    71:f9:32:20:6a:2b:3e:3d:a4:fc:4d:6d:90:13:cf:
                    f8:2e:fa:41:13:49:ae:d8:38:47:f5:d3:e3:0e:18:
                    6e:78:f5:7a:b5:57:01:eb:ec:2d:62:a0:d9:df:9b:
                    0d:47:7b:5d:7f:c1:a8:14:43:73:5f:e8:f3:f7:c0:
                    0a:eb:6f:91:16:3a:ac:33:88:bc:ac:30:e9:24:33:
                    9c:04:3e:67:b6:1a:05:91:23:4e:e4:97:d6:29:ea:
                    95:47:61:44:8a:7d:01:46:af:ed:36:4f:d5:40:4b:
                    57:84:56:f1:d9:ac:b3:9a:26:56:19:cd:90:bd:17:
                    e7:9c:9f:65:10:c3:ac:8b:92:dd:aa:90:03:0c:09:
                    97:3b:24:35:12:73:29:11:04:b2:86:36:4f:49:f5:
                    dd:8a:87:6c:88:4f:8f:60:8d:fb:8a:b9:d5:6e:b7:
                    3f:fb:ca:dd:63:a5:38:20:05:d2:a8:67:7e:81:5e:
                    8b:0a:4e:32:7b:cb:4b:04:96:ec:e1:e8:28:d8:fe:
                    28:d5:1d:9e:d8:36:52:37:c9:a9:1a:5c:b9:a4:71:
                    c5:ec:61:0a:d6:88:50:bf:a4:70:dc:77:32:75:f7:
                    f3:35:69:a6:ac:85:88:eb:6c:a0:d8:dc:49:56:96:
                    da:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C7:4A:F5:96:7C:8E:9A:5B:8D:47:BB:45:2F:3B:7D:2F:6C:DA:A7
            X509v3 Authority Key Identifier:
                keyid:DE:11:CC:6D:F1:33:66:FC:59:5A:6E:72:ED:03:C5:38:00:79:2B:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hHMbfEzZvxZWm5y7QPFOAB5K0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/c6494d-fc66-453c-bc83-e6c4df46f04d/1/3hHMbfEzZvxZWm5y7QPFOAB5K0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:1f:ff:69:1b:cc:47:4f:0d:c5:c2:dd:96:64:98:81:b9:b0:
         fe:4a:99:e9:66:58:b3:25:36:5e:12:32:01:2c:30:6d:e6:3d:
         98:e6:5a:ba:30:a1:57:2c:5d:4b:b5:05:77:3b:ac:33:fc:c1:
         95:78:8a:7b:e7:40:f7:ff:e8:5a:22:a7:42:92:47:57:0b:c4:
         63:8c:35:32:4d:90:40:37:a3:d0:05:91:c9:60:84:32:d4:7d:
         fb:2d:c9:6f:75:73:f9:06:27:6b:9b:3d:45:49:d7:5c:ed:84:
         fd:24:9d:c2:9e:ff:3c:7d:dd:ab:9f:e6:3c:a1:ae:34:56:f8:
         75:83:41:c3:c8:43:f0:cf:60:af:22:ad:1f:eb:ef:c0:ef:16:
         d9:88:04:53:97:87:54:6c:ba:71:38:93:99:e7:75:2f:fd:c4:
         0b:f2:b7:28:6b:4c:bb:43:c8:71:5a:68:92:b0:7b:7f:0e:bc:
         36:ca:64:88:94:40:70:cb:37:fe:12:ca:d5:5a:9f:f2:ba:5b:
         62:18:7d:37:69:71:10:eb:a6:59:ca:55:ec:60:40:5b:2c:84:
         da:a9:e0:d3:19:21:c1:7b:0b:55:bc:e3:71:b5:f3:a4:f8:ef:
         1c:7f:81:34:e2:4e:4b:f2:f0:55:03:29:84:f0:fa:b1:13:52:
         93:e6:bc:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMkzeqGhEJD/MNtCIvShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTFjYzZkZjEzMzY2ZmM1OTVhNmU3MmVkMDNjNTM4MDA3
OTJiNGIwHhcNMjUxMDE5MTIwMTQxWhcNMjUxMDIwMTIwMTQxWjAzMTEwLwYDVQQD
Eyg3MGM3NGFmNTk2N2M4ZTlhNWI4ZDQ3YmI0NTJmM2I3ZDJmNmNkYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiftv0jMau8Z4G2Yr+rhx+TIgais+
PaT8TW2QE8/4LvpBE0mu2DhH9dPjDhhuePV6tVcB6+wtYqDZ35sNR3tdf8GoFENz
X+jz98AK62+RFjqsM4i8rDDpJDOcBD5nthoFkSNO5JfWKeqVR2FEin0BRq/tNk/V
QEtXhFbx2ayzmiZWGc2QvRfnnJ9lEMOsi5LdqpADDAmXOyQ1EnMpEQSyhjZPSfXd
iodsiE+PYI37irnVbrc/+8rdY6U4IAXSqGd+gV6LCk4ye8tLBJbs4ego2P4o1R2e
2DZSN8mpGly5pHHF7GEK1ohQv6Rw3HcydffzNWmmrIWI62yg2NxJVpbazQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDHSvWWfI6aW41Hu0UvO30vbNqnMB8GA1UdIwQY
MBaAFN4RzG3xM2b8WVpucu0DxTgAeStLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMt
ZTZjNGRmNDZmMDRkLzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9jNjQ5NGQtZmM2Ni00NTNjLWJjODMtZTZjNGRmNDZmMDRk
LzEvM2hITWJmRXpadnhaV201eTdRUEZPQUI1SzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAex//aRvM
R08NxcLdlmSYgbmw/kqZ6WZYsyU2XhIyASwwbeY9mOZaujChVyxdS7UFdzusM/zB
lXiKe+dA9//oWiKnQpJHVwvEY4w1Mk2QQDej0AWRyWCEMtR9+y3Jb3Vz+QYna5s9
RUnXXO2E/SSdwp7/PH3dq5/mPKGuNFb4dYNBw8hD8M9gryKtH+vvwO8W2YgEU5eH
VGy6cTiTmed1L/3EC/K3KGtMu0PIcVpokrB7fw68NspkiJRAcMs3/hLK1Vqf8rpb
Yhh9N2lxEOumWcpV7GBAWyyE2qng0xkhwXsLVbzjcbXzpPjvHH+BNOJOS/LwVQMp
hPD6sRNSk+a8zQ==
-----END CERTIFICATE-----