Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
File:                     3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json)
Hash identifier:          VAMusvdAZ2tcQpl1DuoO1IbyAopPZh8GRExPqRLxrlo=
Subject key identifier:   7D:B9:71:F1:97:02:98:C6:15:B1:A5:B2:F2:AA:32:00:C7:CF:F0:F4
Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86
Certificate issuer:       /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
Certificate serial:       0199FEEBC702C049D99C439AE9825708C1BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
Manifest number:          024A
Signing time:             Mon 20 Oct 2025 00:01:28 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:28 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:28 +0000
Files and hashes:         1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: +9OFh1sFUaB+cvFLX6nbbLod5fLuRATV/KISWsqwG00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:c7:02:c0:49:d9:9c:43:9a:e9:82:57:08:c1:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586
        Validity
            Not Before: Oct 20 00:01:28 2025 GMT
            Not After : Oct 21 00:01:28 2025 GMT
        Subject: CN=7db971f1970298c615b1a5b2f2aa3200c7cff0f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d0:ec:ee:e9:27:fb:da:a8:ab:13:72:70:8f:
                    65:b8:bb:91:0e:6e:23:c9:49:da:bc:62:8e:21:df:
                    f4:60:89:08:ca:7b:33:08:4c:07:d5:30:34:1e:c4:
                    8e:4f:29:52:c7:7b:cf:7d:68:6f:ab:66:d7:2b:c2:
                    94:07:e8:ae:aa:8d:8c:86:cf:6c:1e:57:ef:2e:2c:
                    91:71:5d:a2:0a:52:74:93:9b:f1:67:f3:64:1a:1d:
                    ee:30:b6:64:f1:39:0e:95:84:f2:62:80:ae:7d:04:
                    4d:9f:4a:26:54:44:5d:57:3d:4f:43:f1:7a:64:a1:
                    99:a3:bb:de:0d:af:e1:96:8f:4e:b7:9a:13:16:2e:
                    2d:a4:62:09:60:95:68:77:c3:ac:fb:86:71:2d:b3:
                    3c:fe:69:80:be:c4:82:e8:d1:a8:e4:53:8b:17:91:
                    0a:a6:8c:cb:7b:9f:83:bf:ef:25:da:c0:fa:7c:5e:
                    6c:1a:46:79:78:b7:dd:a7:a4:b2:26:60:f9:42:cf:
                    a3:46:18:2c:d1:6d:26:89:52:db:f4:58:3b:f7:88:
                    ae:04:44:6a:1f:4e:08:13:bf:ce:ff:f2:db:74:80:
                    f6:df:8c:2e:ae:e0:e8:8b:2a:6f:bb:47:dc:b8:35:
                    e2:ca:75:78:07:e8:71:a1:59:d9:b4:27:2a:29:fb:
                    fc:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:B9:71:F1:97:02:98:C6:15:B1:A5:B2:F2:AA:32:00:C7:CF:F0:F4
            X509v3 Authority Key Identifier:
                keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:e3:a1:a9:f5:2e:cf:27:a4:58:b6:9b:21:25:d5:f4:a2:37:
         af:69:24:82:d5:69:a8:8a:d8:eb:d3:ec:17:2c:c9:23:b8:fb:
         fb:e0:55:37:97:37:35:83:66:9b:4e:a6:b5:53:cc:93:52:f2:
         45:69:1e:73:1e:35:58:9a:3d:17:0d:0a:c0:a0:45:a2:eb:d2:
         83:a4:dc:5b:8b:a9:31:a9:ac:0b:a5:06:13:87:db:74:81:2f:
         1b:fb:b8:8d:ee:16:9f:cd:00:30:da:a8:df:de:20:d3:a2:6e:
         ba:b5:15:27:1d:5c:8e:d7:55:c7:48:84:59:48:a0:14:9f:84:
         06:80:9d:ac:27:5b:df:8d:92:33:2a:b1:eb:ae:d0:10:06:79:
         94:e4:89:91:cf:ab:76:b4:3f:f1:a9:7e:e0:f9:82:fb:0d:03:
         20:5f:97:fe:1c:06:b0:97:9c:12:f2:07:c9:a1:b9:81:a5:26:
         b5:5f:6a:02:db:61:8e:55:06:51:4c:18:4c:cd:3f:4a:e0:8e:
         1e:4c:2f:72:fb:8c:70:0b:52:fd:bb:60:1e:17:18:29:f3:b4:
         ef:ab:7e:f7:63:d2:37:af:d3:bc:8f:57:ec:73:c5:04:52:aa:
         dd:7b:bc:9e:43:fb:f8:72:23:a9:7b:fb:42:df:50:0d:59:ed:
         0a:39:23:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+68cCwEnZnEOa6YJXCMG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2
MDU1ODYwHhcNMjUxMDIwMDAwMTI4WhcNMjUxMDIxMDAwMTI4WjAzMTEwLwYDVQQD
Eyg3ZGI5NzFmMTk3MDI5OGM2MTViMWE1YjJmMmFhMzIwMGM3Y2ZmMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9Ds7ukn+9qoqxNycI9luLuRDm4j
yUnavGKOId/0YIkIynszCEwH1TA0HsSOTylSx3vPfWhvq2bXK8KUB+iuqo2Mhs9s
HlfvLiyRcV2iClJ0k5vxZ/NkGh3uMLZk8TkOlYTyYoCufQRNn0omVERdVz1PQ/F6
ZKGZo7veDa/hlo9Ot5oTFi4tpGIJYJVod8Os+4ZxLbM8/mmAvsSC6NGo5FOLF5EK
pozLe5+Dv+8l2sD6fF5sGkZ5eLfdp6SyJmD5Qs+jRhgs0W0miVLb9Fg794iuBERq
H04IE7/O//LbdID234wuruDoiypvu0fcuDXiynV4B+hxoVnZtCcqKfv8BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH25cfGXApjGFbGlsvKqMgDHz/D0MB8GA1UdIwQY
MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt
MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm
LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPOOhqfUu
zyekWLabISXV9KI3r2kkgtVpqIrY69PsFyzJI7j7++BVN5c3NYNmm06mtVPMk1Ly
RWkecx41WJo9Fw0KwKBFouvSg6TcW4upMamsC6UGE4fbdIEvG/u4je4Wn80AMNqo
394g06JuurUVJx1cjtdVx0iEWUigFJ+EBoCdrCdb342SMyqx667QEAZ5lOSJkc+r
drQ/8al+4PmC+w0DIF+X/hwGsJecEvIHyaG5gaUmtV9qAtthjlUGUUwYTM0/SuCO
HkwvcvuMcAtS/btgHhcYKfO076t+92PSN6/TvI9X7HPFBFKq3Xu8nkP7+HIjqXv7
Qt9QDVntCjkjaA==
-----END CERTIFICATE-----