Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
File:                     3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft (raw, json)
Hash identifier:          Q4VUXxoDRLP2lRGxeIneZxwHDLAEHtqkRQLu3UDbDV4=
Subject key identifier:   6D:4F:03:AD:97:FB:ED:20:EB:C9:B4:3F:BB:2E:23:DB:1F:17:1F:FC
Authority key identifier: DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D
Certificate issuer:       /CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
Certificate serial:       0199FC8F8FD9BD64EAFF7C7372009058D230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
Manifest number:          0331
Signing time:             Sun 19 Oct 2025 13:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:30 +0000
Files and hashes:         1: 3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl (hash: lFSnqVuawKtfk2HPWVtOpanQDLHvY3nxYYUP2ynKw8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:8f:d9:bd:64:ea:ff:7c:73:72:00:90:58:d2:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de3d3a98495c27b9ce350ae5b89f99144b0a4c9d
        Validity
            Not Before: Oct 19 13:01:30 2025 GMT
            Not After : Oct 20 13:01:30 2025 GMT
        Subject: CN=6d4f03ad97fbed20ebc9b43fbb2e23db1f171ffc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1f:d7:57:2d:bd:f5:ef:22:b8:1b:2d:4c:90:
                    ea:69:ce:17:43:55:88:ca:d7:9b:51:ed:73:a1:9e:
                    fa:d8:0a:ab:c3:77:19:a7:97:33:3f:98:53:d6:02:
                    28:9f:79:9f:3d:c0:00:be:0c:64:c1:ff:55:f3:f7:
                    6b:91:df:df:4d:8a:09:eb:a4:49:32:92:c7:66:35:
                    a9:2e:84:58:ff:1a:4a:55:80:73:a7:79:6d:6f:0c:
                    a6:fd:21:bf:f8:37:ac:9f:05:a5:c6:67:48:a5:68:
                    e2:29:02:db:a1:f4:ec:c3:85:9b:54:9a:15:11:ad:
                    d0:cb:6d:b1:20:97:41:4a:f5:e6:44:bd:37:eb:0d:
                    f2:4f:df:5e:d9:ce:62:8f:c2:0e:98:b6:42:1c:7f:
                    70:b1:3d:99:f8:d3:6e:9a:6c:89:53:e8:6c:b3:6c:
                    f6:3f:76:ba:89:c7:9c:dc:00:4d:41:32:c1:1f:7b:
                    0c:50:93:83:e3:90:96:96:41:20:cc:1c:45:00:d0:
                    a2:be:78:27:fc:3e:df:21:2f:a3:4e:a6:db:9d:24:
                    03:43:9c:c0:5a:30:2b:f2:78:8e:3d:d7:ac:12:0a:
                    3c:af:66:34:49:5b:ce:af:a8:b8:7f:1f:07:21:e9:
                    f6:d0:27:15:63:2c:27:31:28:01:33:07:eb:3d:c5:
                    98:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:4F:03:AD:97:FB:ED:20:EB:C9:B4:3F:BB:2E:23:DB:1F:17:1F:FC
            X509v3 Authority Key Identifier:
                keyid:DE:3D:3A:98:49:5C:27:B9:CE:35:0A:E5:B8:9F:99:14:4B:0A:4C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j06mElcJ7nONQrluJ-ZFEsKTJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cb4127-8e06-47d9-bdf1-c888b20489fc/1/3j06mElcJ7nONQrluJ-ZFEsKTJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:2b:98:a6:af:10:a1:e1:da:82:0c:ff:a4:ea:2c:a7:7e:ab:
         dd:9b:2b:61:3d:f8:e6:4c:f9:05:5f:ac:05:5e:58:ad:8d:ec:
         5b:35:ea:bb:ba:1d:de:34:33:d1:33:c0:11:a9:22:f7:71:ee:
         89:7e:56:51:48:7f:e4:9c:a6:eb:34:70:0d:9a:ed:79:82:a7:
         63:61:c7:bc:e5:33:e2:98:e8:97:df:54:1b:24:04:93:6f:a7:
         58:fd:3a:7d:c6:6d:01:35:9c:7c:38:3e:2a:08:70:e8:1f:da:
         67:0b:34:3f:f0:87:f9:ec:0f:95:eb:5e:ca:f1:34:3b:ac:8a:
         d9:e5:e8:43:07:7e:e9:27:40:ee:c9:9c:61:61:a6:44:c9:55:
         79:76:89:35:9b:c7:15:d5:f0:14:63:62:4d:66:d0:86:6d:42:
         7b:c5:64:94:b5:44:3a:60:c7:cb:b3:54:d2:68:0e:ee:e1:6d:
         6b:d5:c9:6d:0c:46:39:60:cf:f2:a1:d2:79:6a:45:3d:e1:e4:
         f1:d9:68:d7:dc:4d:e9:74:29:ea:f4:23:9a:64:dd:58:3f:7f:
         02:07:44:e4:8e:c1:95:85:48:1d:af:97:59:3d:ef:ef:3d:3a:
         56:f9:80:ae:76:02:da:00:2d:ec:55:b1:fb:93:46:4a:5d:73:
         0c:bd:4a:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4/ZvWTq/3xzcgCQWNIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzYTk4NDk1YzI3YjljZTM1MGFlNWI4OWY5OTE0NGIw
YTRjOWQwHhcNMjUxMDE5MTMwMTMwWhcNMjUxMDIwMTMwMTMwWjAzMTEwLwYDVQQD
Eyg2ZDRmMDNhZDk3ZmJlZDIwZWJjOWI0M2ZiYjJlMjNkYjFmMTcxZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR/XVy299e8iuBstTJDqac4XQ1WI
ytebUe1zoZ762Aqrw3cZp5czP5hT1gIon3mfPcAAvgxkwf9V8/drkd/fTYoJ66RJ
MpLHZjWpLoRY/xpKVYBzp3ltbwym/SG/+DesnwWlxmdIpWjiKQLbofTsw4WbVJoV
Ea3Qy22xIJdBSvXmRL036w3yT99e2c5ij8IOmLZCHH9wsT2Z+NNummyJU+hss2z2
P3a6icec3ABNQTLBH3sMUJOD45CWlkEgzBxFANCivngn/D7fIS+jTqbbnSQDQ5zA
WjAr8niOPdesEgo8r2Y0SVvOr6i4fx8HIen20CcVYywnMSgBMwfrPcWYMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1PA62X++0g68m0P7suI9sfFx/8MB8GA1UdIwQY
MBaAFN49OphJXCe5zjUK5bifmRRLCkydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEt
Yzg4OGIyMDQ4OWZjLzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jYjQxMjctOGUwNi00N2Q5LWJkZjEtYzg4OGIyMDQ4OWZj
LzEvM2owNm1FbGNKN25PTlFybHVKLVpGRXNLVEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJiuYpq8Q
oeHaggz/pOosp36r3ZsrYT345kz5BV+sBV5YrY3sWzXqu7od3jQz0TPAEaki93Hu
iX5WUUh/5Jym6zRwDZrteYKnY2HHvOUz4pjol99UGyQEk2+nWP06fcZtATWcfDg+
Kghw6B/aZws0P/CH+ewPleteyvE0O6yK2eXoQwd+6SdA7smcYWGmRMlVeXaJNZvH
FdXwFGNiTWbQhm1Ce8VklLVEOmDHy7NU0mgO7uFta9XJbQxGOWDP8qHSeWpFPeHk
8dlo19xN6XQp6vQjmmTdWD9/AgdE5I7BlYVIHa+XWT3v7z06VvmArnYC2gAt7FWx
+5NGSl1zDL1KmQ==
-----END CERTIFICATE-----