Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          SmFDYYcMiWbm9W+BpQolBEpnxG+VEvzWR3jGK/Hdhg4=
Subject key identifier:   8A:D5:71:E9:54:80:E4:26:D5:0F:D0:95:C4:AC:43:10:45:7B:45:72
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       0199FB7D0A16EF7BBDBC092C0282A3411801
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          0368
Signing time:             Sun 19 Oct 2025 08:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:39 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: A4Tlacnwd2U20ya1diE9ROlIO62gpovoszLm5nHrvJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 08:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7d:0a:16:ef:7b:bd:bc:09:2c:02:82:a3:41:18:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Oct 19 08:01:39 2025 GMT
            Not After : Oct 20 08:01:39 2025 GMT
        Subject: CN=8ad571e95480e426d50fd095c4ac4310457b4572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8e:02:ef:61:fc:15:bb:57:e2:41:64:d2:c4:
                    13:d9:8b:a5:0f:fc:31:a1:08:97:56:d2:22:8d:6a:
                    65:f6:91:ae:7b:40:0e:36:bf:54:8b:68:22:e8:0f:
                    ca:ac:65:3b:b5:8e:2f:e1:0a:13:78:81:2a:b3:97:
                    24:37:e3:c0:bb:b1:48:6e:0a:8d:f7:2f:75:4f:e1:
                    37:9a:93:24:0f:26:79:52:8f:d1:83:75:17:5a:71:
                    89:82:db:1f:f0:55:ee:fb:b8:b0:19:a4:79:95:bd:
                    1d:5e:67:2b:1f:2c:ad:0f:91:1d:ea:4e:fd:7f:2c:
                    b1:9c:a7:7a:a3:6a:64:1f:cc:3c:bc:5e:04:95:d2:
                    34:07:29:3f:cf:a7:c3:0e:30:7b:74:12:8e:fa:80:
                    ba:0c:b0:84:00:58:6e:b0:49:4e:40:a4:78:fd:97:
                    05:5e:07:1d:5d:83:70:dd:75:b7:0b:ea:8e:ba:1e:
                    1a:75:31:af:64:7c:90:41:8d:24:df:b0:b8:a4:14:
                    3d:25:40:85:62:8e:f0:62:e4:29:43:32:65:85:67:
                    df:b4:a3:9b:7f:ac:9b:83:e5:a4:89:cc:f8:f8:62:
                    99:15:a0:f2:14:ee:5a:2c:75:ff:e5:d1:44:8b:71:
                    ea:9d:b9:0b:de:4e:63:96:d7:1f:91:3d:8f:41:8e:
                    c1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:D5:71:E9:54:80:E4:26:D5:0F:D0:95:C4:AC:43:10:45:7B:45:72
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:7a:fa:ce:74:5c:cc:32:76:34:81:11:04:60:55:fb:d0:58:
         7f:61:88:63:61:22:b2:f5:eb:d9:b5:5f:4a:03:a7:e4:8e:93:
         16:e2:9d:97:fc:35:20:37:b8:cf:df:d0:a8:e0:e6:61:05:9e:
         3c:0e:24:c9:21:6d:59:6e:09:df:b0:60:5c:59:33:d2:87:89:
         cc:86:d6:3d:e5:08:be:44:93:2b:bd:34:29:e7:ec:e4:6e:74:
         7e:28:77:71:01:a0:ae:3d:0f:44:d9:3a:99:ef:a9:6f:eb:9b:
         8d:a6:7c:82:ed:67:a7:e3:de:fb:11:d4:86:ac:fd:0f:c6:b8:
         4c:ff:df:db:78:56:52:a0:a4:93:0a:01:76:de:39:2f:e3:19:
         9e:f0:dc:e5:cf:c2:b9:9c:7b:7e:fe:57:4f:33:96:57:26:ab:
         53:23:d0:c2:71:47:a8:7b:7b:36:2b:46:1f:82:5b:f9:3c:63:
         df:7a:f7:0a:6b:fb:8d:c1:f2:8f:c4:35:28:3c:b5:6c:ef:76:
         fc:a2:e4:db:16:c0:8b:3e:6d:fe:5b:f4:71:30:55:2a:e8:b8:
         06:39:6c:b7:0d:39:02:b8:7e:89:c0:99:60:61:cf:ad:c0:48:
         e0:b9:2b:61:89:a1:d2:79:69:4a:6b:df:98:22:b9:0d:e8:c4:
         de:e0:ae:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fQoW73u9vAksAoKjQRgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUxMDE5MDgwMTM5WhcNMjUxMDIwMDgwMTM5WjAzMTEwLwYDVQQD
Eyg4YWQ1NzFlOTU0ODBlNDI2ZDUwZmQwOTVjNGFjNDMxMDQ1N2I0NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp44C72H8FbtX4kFk0sQT2YulD/wx
oQiXVtIijWpl9pGue0AONr9Ui2gi6A/KrGU7tY4v4QoTeIEqs5ckN+PAu7FIbgqN
9y91T+E3mpMkDyZ5Uo/Rg3UXWnGJgtsf8FXu+7iwGaR5lb0dXmcrHyytD5Ed6k79
fyyxnKd6o2pkH8w8vF4EldI0Byk/z6fDDjB7dBKO+oC6DLCEAFhusElOQKR4/ZcF
XgcdXYNw3XW3C+qOuh4adTGvZHyQQY0k37C4pBQ9JUCFYo7wYuQpQzJlhWfftKOb
f6ybg+Wkicz4+GKZFaDyFO5aLHX/5dFEi3HqnbkL3k5jltcfkT2PQY7BcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrVcelUgOQm1Q/QlcSsQxBFe0VyMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFHr6znRc
zDJ2NIERBGBV+9BYf2GIY2EisvXr2bVfSgOn5I6TFuKdl/w1IDe4z9/QqODmYQWe
PA4kySFtWW4J37BgXFkz0oeJzIbWPeUIvkSTK700Kefs5G50fih3cQGgrj0PRNk6
me+pb+ubjaZ8gu1np+Pe+xHUhqz9D8a4TP/f23hWUqCkkwoBdt45L+MZnvDc5c/C
uZx7fv5XTzOWVyarUyPQwnFHqHt7NitGH4Jb+Txj33r3Cmv7jcHyj8Q1KDy1bO92
/KLk2xbAiz5t/lv0cTBVKui4Bjlstw05Arh+icCZYGHPrcBI4LkrYYmh0nlpSmvf
mCK5DejE3uCu2A==
-----END CERTIFICATE-----