Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          KMst/LcqzO5+sf7JnqqZw/DAcpBv3Y4kK/bQxEU5s0U=
Subject key identifier:   BC:2A:9E:31:13:55:C5:EE:E3:87:09:AB:AA:F0:8A:A6:3E:F4:7E:4A
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       0199FC585F4E76524E262CF646693C4AE17F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          0A8C
Signing time:             Sun 19 Oct 2025 12:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:13 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: s9PF/2UBqK0zIRvfzVuqsK7DBmBu8lSMzur0K2WMbIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:5f:4e:76:52:4e:26:2c:f6:46:69:3c:4a:e1:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Oct 19 12:01:13 2025 GMT
            Not After : Oct 20 12:01:13 2025 GMT
        Subject: CN=bc2a9e311355c5eee38709abaaf08aa63ef47e4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8e:f4:28:46:0a:d5:90:86:0f:24:4b:b1:55:
                    a8:1d:1c:50:9f:0d:ef:b3:42:fa:51:40:4a:c5:6b:
                    f3:9c:38:b4:c1:07:09:0b:4e:68:5f:68:61:38:b4:
                    dd:6c:14:1a:6a:00:8e:94:57:a0:19:84:87:8f:7f:
                    da:1c:c1:0a:74:32:33:55:0e:1e:f2:bb:4f:e2:78:
                    30:01:c4:79:17:6a:9b:6f:fa:84:56:e4:3f:3b:64:
                    27:70:48:40:c5:5a:ef:66:94:22:41:29:a3:9c:a1:
                    0a:06:70:7a:10:e0:eb:05:94:d3:24:53:af:26:47:
                    01:ad:46:ef:54:20:6c:c2:0f:8a:8c:19:4d:c4:26:
                    bc:2e:7c:f6:a1:b6:04:ef:2e:ae:a0:26:29:a4:ba:
                    81:b5:88:36:10:4e:f9:c4:69:96:d7:da:b1:aa:a3:
                    1c:47:f7:7e:81:9b:03:75:9d:1c:41:4a:bc:cd:08:
                    13:d7:8d:06:3b:ec:98:ab:cb:65:ee:1c:61:0e:e0:
                    9d:77:86:60:c9:08:d7:47:72:d4:39:b1:22:af:84:
                    36:fb:8c:70:07:87:14:e8:45:86:91:f3:92:f6:7b:
                    a9:b3:43:1b:af:72:20:93:eb:1b:3f:e0:41:fa:bb:
                    c4:30:94:bb:85:b2:83:b1:40:9c:11:b9:f7:74:d8:
                    55:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:2A:9E:31:13:55:C5:EE:E3:87:09:AB:AA:F0:8A:A6:3E:F4:7E:4A
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:1f:ed:e2:fb:b6:d0:98:8d:15:bf:2f:c5:50:98:d3:25:b7:
         ba:8b:0c:e5:25:81:79:d2:dd:be:6c:75:e3:2a:1b:ff:43:ca:
         03:33:d3:76:07:c6:16:e1:7e:90:67:88:f6:e2:94:b1:35:6e:
         6a:4f:bb:97:27:dc:9c:8f:ad:d4:5d:21:b9:c5:d5:07:3d:02:
         44:c9:36:a4:9f:ed:b9:e6:72:f9:fa:ec:dd:48:35:9d:db:ea:
         05:b0:1a:6e:3e:38:11:a3:a9:c8:a5:a2:61:94:94:9e:67:7b:
         6d:22:e1:cb:28:b9:63:39:4b:7e:c7:8c:ee:10:1e:f2:87:42:
         e5:ed:9a:85:c8:24:34:07:11:8b:04:bc:2f:f2:be:25:4e:e1:
         ef:74:86:9d:9b:1d:a0:0b:3f:1a:a6:e4:db:d3:f4:14:29:2f:
         09:71:e7:b2:15:86:50:0c:90:f3:4c:c4:bd:51:f9:ac:ed:ac:
         8d:01:42:ce:3e:3d:01:86:a1:5a:ef:f4:af:54:e3:e0:88:a9:
         34:07:66:30:11:eb:f4:2e:6b:83:85:fb:de:85:9f:50:f7:31:
         65:f3:3f:b6:0b:1e:83:d6:9c:4e:0c:09:cf:27:1a:da:21:d9:
         28:49:cd:36:47:d6:8d:d2:23:a1:0c:01:81:96:71:9a:78:29:
         67:a7:58:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WF9OdlJOJiz2Rmk8SuF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjUxMDE5MTIwMTEzWhcNMjUxMDIwMTIwMTEzWjAzMTEwLwYDVQQD
EyhiYzJhOWUzMTEzNTVjNWVlZTM4NzA5YWJhYWYwOGFhNjNlZjQ3ZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr470KEYK1ZCGDyRLsVWoHRxQnw3v
s0L6UUBKxWvznDi0wQcJC05oX2hhOLTdbBQaagCOlFegGYSHj3/aHMEKdDIzVQ4e
8rtP4ngwAcR5F2qbb/qEVuQ/O2QncEhAxVrvZpQiQSmjnKEKBnB6EODrBZTTJFOv
JkcBrUbvVCBswg+KjBlNxCa8Lnz2obYE7y6uoCYppLqBtYg2EE75xGmW19qxqqMc
R/d+gZsDdZ0cQUq8zQgT140GO+yYq8tl7hxhDuCdd4ZgyQjXR3LUObEir4Q2+4xw
B4cU6EWGkfOS9nups0Mbr3Igk+sbP+BB+rvEMJS7hbKDsUCcEbn3dNhV4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwqnjETVcXu44cJq6rwiqY+9H5KMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALx/t4vu2
0JiNFb8vxVCY0yW3uosM5SWBedLdvmx14yob/0PKAzPTdgfGFuF+kGeI9uKUsTVu
ak+7lyfcnI+t1F0hucXVBz0CRMk2pJ/tueZy+frs3Ug1ndvqBbAabj44EaOpyKWi
YZSUnmd7bSLhyyi5YzlLfseM7hAe8odC5e2ahcgkNAcRiwS8L/K+JU7h73SGnZsd
oAs/Gqbk29P0FCkvCXHnshWGUAyQ80zEvVH5rO2sjQFCzj49AYahWu/0r1Tj4Iip
NAdmMBHr9C5rg4X73oWfUPcxZfM/tgseg9acTgwJzyca2iHZKEnNNkfWjdIjoQwB
gZZxmngpZ6dYYw==
-----END CERTIFICATE-----