Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          GGyy0KEU6REJfZCQ5NumcB7Df/3xNeJhAsiL46UHmx0=
Subject key identifier:   BD:88:E0:E7:54:76:D5:60:EB:63:0C:9E:C2:45:2A:C4:AF:6E:58:F8
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       0199FDD9A5D7B06C7A4BC993401FBBE176EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1152
Signing time:             Sun 19 Oct 2025 19:02:03 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:03 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:03 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: 8468lgrRGsgTdkZBYqt3KF2jVS1kpT1MVdCFQEMJpjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:a5:d7:b0:6c:7a:4b:c9:93:40:1f:bb:e1:76:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Oct 19 19:02:03 2025 GMT
            Not After : Oct 20 19:02:03 2025 GMT
        Subject: CN=bd88e0e75476d560eb630c9ec2452ac4af6e58f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:98:e6:5e:f0:6e:39:0f:a6:8e:67:3d:ba:f4:
                    3b:5c:48:cb:80:5b:6c:27:e2:70:0c:b3:69:af:19:
                    9c:84:fb:fd:ea:ac:80:1f:74:89:89:54:47:fe:a0:
                    41:58:fa:43:de:98:7b:01:37:d3:25:bc:fb:ec:b8:
                    ff:f2:cf:18:08:ab:55:7c:74:ca:bf:09:24:7f:f0:
                    2f:94:1b:6d:db:97:68:ef:be:10:81:a8:dc:84:90:
                    32:eb:b2:19:aa:bf:0e:a2:f6:f5:b5:dc:5f:31:50:
                    32:9d:07:3b:33:e1:83:e2:a7:e5:ce:e7:c2:55:e9:
                    84:4a:be:64:bb:ab:63:e2:3b:8f:9f:82:8f:d5:de:
                    56:18:68:91:cc:c3:a3:f9:ce:91:46:11:31:1c:8d:
                    6e:89:ac:8f:d3:88:d8:65:97:4f:b5:06:21:e9:a4:
                    18:9f:6b:39:b4:4a:06:0a:4a:59:89:3e:97:19:9e:
                    4c:4b:24:8f:6c:f8:5e:75:2c:2e:89:96:6f:56:3f:
                    12:95:c2:09:23:e5:10:bf:64:90:79:df:9c:11:0c:
                    46:a2:12:ce:c9:47:95:1e:7c:d5:f8:c7:be:ac:f8:
                    e3:ec:b0:41:4a:fa:f7:d8:4b:5d:2c:bc:61:b6:ad:
                    cb:7c:52:de:a7:c8:b1:3b:65:63:67:ae:c3:4b:9a:
                    cc:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:88:E0:E7:54:76:D5:60:EB:63:0C:9E:C2:45:2A:C4:AF:6E:58:F8
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:8b:81:fb:08:8b:1e:ea:2d:d7:94:6c:37:9a:ac:1c:a3:ed:
         9b:67:af:c7:f9:d9:80:6d:d0:65:ed:81:f9:de:d7:27:71:61:
         25:04:b5:58:b6:cb:07:13:80:be:90:1b:6a:b9:33:37:a2:04:
         39:3c:14:de:9b:d7:c6:9a:1e:4b:fb:0c:a7:ed:88:32:5c:c3:
         74:99:21:39:fa:23:d1:8c:81:d8:61:0a:23:12:28:d1:f0:ca:
         f4:c0:d0:3a:6a:0f:b0:b0:ce:ed:b3:89:22:5a:13:36:43:e2:
         7e:79:fd:b0:9c:19:fd:d9:47:31:5a:bd:55:79:b6:d1:87:93:
         8b:ef:32:1c:8c:eb:d7:12:df:83:9d:b1:51:04:ac:3a:5b:ff:
         8b:75:f7:19:30:37:b8:38:d6:a5:4a:87:a4:74:de:c1:1f:29:
         1d:eb:a0:cb:40:00:ad:0e:d0:4c:ea:cc:23:f2:0d:cb:f6:1a:
         29:75:26:a5:5e:e2:36:f6:84:a0:32:a7:65:23:be:82:9c:42:
         3b:c0:40:6d:d3:b1:fe:09:42:5b:70:15:95:45:20:62:28:20:
         cb:cc:a2:84:99:7f:dd:d0:f2:67:0d:67:75:a6:6a:89:f4:44:
         6b:5b:88:1e:c8:57:43:98:aa:b6:27:a9:75:e8:39:16:4c:bc:
         3f:c0:3f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92aXXsGx6S8mTQB+74XbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUxMDE5MTkwMjAzWhcNMjUxMDIwMTkwMjAzWjAzMTEwLwYDVQQD
EyhiZDg4ZTBlNzU0NzZkNTYwZWI2MzBjOWVjMjQ1MmFjNGFmNmU1OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZjmXvBuOQ+mjmc9uvQ7XEjLgFts
J+JwDLNprxmchPv96qyAH3SJiVRH/qBBWPpD3ph7ATfTJbz77Lj/8s8YCKtVfHTK
vwkkf/AvlBtt25do774QgajchJAy67IZqr8Oovb1tdxfMVAynQc7M+GD4qflzufC
VemESr5ku6tj4juPn4KP1d5WGGiRzMOj+c6RRhExHI1uiayP04jYZZdPtQYh6aQY
n2s5tEoGCkpZiT6XGZ5MSySPbPhedSwuiZZvVj8SlcIJI+UQv2SQed+cEQxGohLO
yUeVHnzV+Me+rPjj7LBBSvr32EtdLLxhtq3LfFLep8ixO2VjZ67DS5rMsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2I4OdUdtVg62MMnsJFKsSvblj4MB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxYuB+wiL
Huot15RsN5qsHKPtm2evx/nZgG3QZe2B+d7XJ3FhJQS1WLbLBxOAvpAbarkzN6IE
OTwU3pvXxpoeS/sMp+2IMlzDdJkhOfoj0YyB2GEKIxIo0fDK9MDQOmoPsLDO7bOJ
IloTNkPifnn9sJwZ/dlHMVq9VXm20YeTi+8yHIzr1xLfg52xUQSsOlv/i3X3GTA3
uDjWpUqHpHTewR8pHeugy0AArQ7QTOrMI/INy/YaKXUmpV7iNvaEoDKnZSO+gpxC
O8BAbdOx/glCW3AVlUUgYiggy8yihJl/3dDyZw1ndaZqifREa1uIHshXQ5iqtiep
deg5Fky8P8A/GQ==
-----END CERTIFICATE-----