Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          /VZAZqnpBC/7QD/I6B50eyPv8wBtOEk0ooijtR+b0Ro=
Subject key identifier:   70:CD:5D:6A:44:29:27:C7:B1:88:24:01:EF:7D:63:77:A2:E3:D5:21
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       0199FFC76A4304943CBFA5611C72FE658D9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0770
Signing time:             Mon 20 Oct 2025 04:01:22 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:22 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:22 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: 31CWDUwWO/rDDN0dBiFiMb3iyRZiOjgjtfO4OZ+8P3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:6a:43:04:94:3c:bf:a5:61:1c:72:fe:65:8d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Oct 20 04:01:22 2025 GMT
            Not After : Oct 21 04:01:22 2025 GMT
        Subject: CN=70cd5d6a442927c7b1882401ef7d6377a2e3d521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b8:e9:17:1f:48:8f:e3:71:d4:57:92:ae:aa:
                    cf:a3:54:a6:91:23:d0:af:5b:ad:63:f3:08:ca:c1:
                    b3:28:1e:f8:fb:25:6e:23:b7:a5:1e:68:d9:df:fb:
                    27:f0:32:13:ba:4c:fc:1b:b8:bc:70:11:c4:5d:fb:
                    51:bd:4a:cc:e4:e7:11:9d:f3:ad:84:32:a2:cb:8e:
                    b9:35:66:88:12:3c:69:13:4b:b2:10:df:52:e6:87:
                    51:35:dc:fa:bc:58:13:32:0f:2a:ff:96:7b:c2:b5:
                    09:8d:a6:bb:48:94:eb:f5:b3:0a:f6:c7:79:27:e2:
                    2e:b8:bd:68:e9:3c:51:3f:99:be:1b:40:b3:19:e9:
                    9d:22:4a:1f:f9:7a:4e:dd:c5:42:53:a7:22:d7:65:
                    f7:89:b0:dc:0f:29:66:85:9f:fb:e4:87:04:ce:9f:
                    ab:c9:3b:6d:55:a5:23:40:ff:44:b8:de:1e:b2:22:
                    4b:ae:fa:a2:c8:a5:4f:05:73:45:23:ea:18:2b:24:
                    e3:f5:5c:0c:99:a7:bf:44:ff:5d:f3:d6:4e:44:76:
                    e8:71:bc:a6:73:89:64:81:ba:11:b2:74:0f:8d:1c:
                    3a:0a:7d:04:7f:47:3d:dd:ac:40:e4:85:11:15:3d:
                    59:63:cb:da:40:26:c0:88:f9:72:2f:d2:54:9c:d8:
                    aa:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CD:5D:6A:44:29:27:C7:B1:88:24:01:EF:7D:63:77:A2:E3:D5:21
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:cb:ad:21:38:ac:bb:31:46:51:27:aa:2c:31:5f:8b:5b:b2:
         4a:38:fc:fd:4c:0b:ef:5f:1a:a9:a1:86:28:27:e5:62:a7:03:
         61:85:93:60:7f:e6:9b:73:ac:f6:5a:ba:f5:80:54:5c:53:53:
         37:b0:0a:2c:20:62:43:47:1e:32:c6:7f:80:21:10:d8:d1:f5:
         77:1a:1b:7f:e6:a3:98:76:8d:6f:e3:69:b8:ce:4b:4c:bb:9d:
         09:64:1d:e7:bb:59:95:da:00:ab:5f:b6:a4:8c:32:79:15:de:
         03:60:5a:ee:d0:07:ba:cb:75:35:11:96:41:3a:d1:37:ec:f0:
         da:3d:2e:27:63:d5:2c:5b:44:42:07:56:5c:95:91:2d:d7:2f:
         69:49:c2:fb:b4:e1:8f:e2:3c:d3:c7:2e:46:d0:90:dd:7f:ae:
         05:98:c7:5a:cb:42:d6:df:a3:49:18:4d:ae:e3:10:4d:80:6c:
         62:13:d2:0c:57:6a:2b:1d:be:89:97:25:e3:bf:5c:07:7f:26:
         2c:71:88:a0:ea:4c:ca:c1:d1:9e:6c:82:56:1c:52:9c:45:a8:
         aa:70:a0:22:7a:32:a7:9f:d4:63:bc:79:d9:70:f0:36:b7:02:
         fa:fb:b3:e9:04:14:3b:ab:50:48:23:b9:43:6c:a0:2a:6d:e4:
         55:d8:5b:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x2pDBJQ8v6VhHHL+ZY2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUxMDIwMDQwMTIyWhcNMjUxMDIxMDQwMTIyWjAzMTEwLwYDVQQD
Eyg3MGNkNWQ2YTQ0MjkyN2M3YjE4ODI0MDFlZjdkNjM3N2EyZTNkNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrjpFx9Ij+Nx1FeSrqrPo1SmkSPQ
r1utY/MIysGzKB74+yVuI7elHmjZ3/sn8DITukz8G7i8cBHEXftRvUrM5OcRnfOt
hDKiy465NWaIEjxpE0uyEN9S5odRNdz6vFgTMg8q/5Z7wrUJjaa7SJTr9bMK9sd5
J+IuuL1o6TxRP5m+G0CzGemdIkof+XpO3cVCU6ci12X3ibDcDylmhZ/75IcEzp+r
yTttVaUjQP9EuN4esiJLrvqiyKVPBXNFI+oYKyTj9VwMmae/RP9d89ZORHbocbym
c4lkgboRsnQPjRw6Cn0Ef0c93axA5IURFT1ZY8vaQCbAiPlyL9JUnNiqCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDNXWpEKSfHsYgkAe99Y3ei49UhMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8utITis
uzFGUSeqLDFfi1uySjj8/UwL718aqaGGKCflYqcDYYWTYH/mm3Os9lq69YBUXFNT
N7AKLCBiQ0ceMsZ/gCEQ2NH1dxobf+ajmHaNb+NpuM5LTLudCWQd57tZldoAq1+2
pIwyeRXeA2Ba7tAHust1NRGWQTrRN+zw2j0uJ2PVLFtEQgdWXJWRLdcvaUnC+7Th
j+I808cuRtCQ3X+uBZjHWstC1t+jSRhNruMQTYBsYhPSDFdqKx2+iZcl479cB38m
LHGIoOpMysHRnmyCVhxSnEWoqnCgInoyp5/UY7x52XDwNrcC+vuz6QQUO6tQSCO5
Q2ygKm3kVdhbFQ==
-----END CERTIFICATE-----