Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          UuYg3EUAU7VaRo97/Be+lPXt73SqLeKFX0xlUpweHFo=
Subject key identifier:   05:9F:47:29:88:4F:70:E0:E2:7A:55:63:53:6C:EE:CD:C7:C4:B6:F6
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       0199FC59176B4BF36E756E5C9942A7EDA4BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          1503
Signing time:             Sun 19 Oct 2025 12:02:01 +0000
Manifest this update:     Sun 19 Oct 2025 12:02:01 +0000
Manifest next update:     Mon 20 Oct 2025 12:02:01 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: U22twcE3y3horCxat0Wz+dNy+qHbMXlx2IgRCG/4gRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:17:6b:4b:f3:6e:75:6e:5c:99:42:a7:ed:a4:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Oct 19 12:02:01 2025 GMT
            Not After : Oct 20 12:02:01 2025 GMT
        Subject: CN=059f4729884f70e0e27a5563536ceecdc7c4b6f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:de:e7:bc:ba:bc:e0:34:cf:21:40:fe:20:45:
                    8f:fe:f0:f6:3c:c3:cf:5f:18:59:71:9d:04:95:97:
                    2d:be:35:e3:1f:20:90:2c:c9:a1:8f:13:e2:dd:61:
                    64:4c:94:4a:df:94:8d:e2:76:2e:6b:4a:cc:f8:d3:
                    33:eb:15:77:1a:38:68:14:cb:66:9b:20:c5:2a:35:
                    f1:49:41:a1:30:ec:6e:b3:e8:d6:c8:1c:b7:2d:e3:
                    49:6f:91:69:0b:6b:12:ba:30:64:11:24:01:a6:a5:
                    ba:08:f8:e4:cb:95:3f:57:3a:aa:54:3d:f4:d3:ce:
                    a2:ee:33:2c:4c:3b:0b:67:76:bb:36:27:df:89:c6:
                    1e:d4:20:63:18:f3:a5:d0:46:09:72:71:b2:67:ef:
                    a7:f8:59:1d:a6:2f:e2:fb:c4:2e:93:8d:25:95:03:
                    82:44:20:ae:79:22:ae:05:ae:89:40:e9:be:27:ff:
                    f4:c7:a9:fc:03:22:10:34:8f:e3:5e:4b:6b:a1:71:
                    79:0e:b6:07:b3:0a:b3:23:c0:32:db:d0:62:e0:b0:
                    6a:32:83:cb:4e:ed:cf:ad:b3:1b:9a:65:3d:f7:fc:
                    77:c8:0b:61:4c:94:87:ba:70:65:15:4e:07:c5:3a:
                    53:e8:3f:80:72:a8:67:e9:a0:de:cc:c6:1a:90:d7:
                    ee:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:9F:47:29:88:4F:70:E0:E2:7A:55:63:53:6C:EE:CD:C7:C4:B6:F6
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:c2:88:de:ac:23:d0:bb:6b:51:a4:a1:89:e3:0a:2d:54:4a:
         49:6e:12:40:87:f2:49:f4:2d:32:85:df:bf:d6:a4:5b:30:74:
         c5:a3:6b:92:8e:b4:69:47:7b:91:6f:fa:c5:67:f1:01:8a:e7:
         72:74:3b:db:90:47:4e:61:18:a5:75:56:bd:44:09:dc:46:8f:
         54:af:6b:4e:3a:53:ff:de:39:4c:03:7e:bc:80:e3:83:ea:05:
         bc:21:32:0c:9d:f6:7a:cd:7d:43:dd:27:64:17:2c:85:48:52:
         fc:42:a4:2b:8b:94:42:ae:2f:01:70:6b:2b:30:64:d6:33:a0:
         1c:a5:08:e9:5a:24:56:ef:f1:75:49:76:2e:83:b1:c0:19:b9:
         d0:28:b9:fe:26:89:9b:66:38:03:54:d7:0e:9d:da:84:6d:3f:
         ec:07:9e:5c:e7:da:08:94:77:7c:5a:00:76:f1:73:9f:41:c4:
         83:3a:36:8c:f6:42:2c:0e:4d:c0:67:1e:da:fd:14:99:62:3e:
         00:6e:11:36:44:bb:75:c1:83:22:66:04:fa:e9:56:e8:c5:2d:
         f9:db:54:b9:e2:60:3b:bf:a3:7c:bd:81:3e:36:bb:ac:0c:4d:
         23:8f:d0:d7:2c:82:81:29:24:04:47:ce:b7:94:f4:d1:97:ba:
         8a:a2:41:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WRdrS/NudW5cmUKn7aS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjUxMDE5MTIwMjAxWhcNMjUxMDIwMTIwMjAxWjAzMTEwLwYDVQQD
EygwNTlmNDcyOTg4NGY3MGUwZTI3YTU1NjM1MzZjZWVjZGM3YzRiNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt7nvLq84DTPIUD+IEWP/vD2PMPP
XxhZcZ0ElZctvjXjHyCQLMmhjxPi3WFkTJRK35SN4nYua0rM+NMz6xV3GjhoFMtm
myDFKjXxSUGhMOxus+jWyBy3LeNJb5FpC2sSujBkESQBpqW6CPjky5U/VzqqVD30
086i7jMsTDsLZ3a7NifficYe1CBjGPOl0EYJcnGyZ++n+Fkdpi/i+8Quk40llQOC
RCCueSKuBa6JQOm+J//0x6n8AyIQNI/jXktroXF5DrYHswqzI8Ay29Bi4LBqMoPL
Tu3PrbMbmmU99/x3yAthTJSHunBlFU4HxTpT6D+Acqhn6aDezMYakNfuqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWfRymIT3Dg4npVY1Ns7s3HxLb2MB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMKI3qwj
0LtrUaShieMKLVRKSW4SQIfySfQtMoXfv9akWzB0xaNrko60aUd7kW/6xWfxAYrn
cnQ725BHTmEYpXVWvUQJ3EaPVK9rTjpT/945TAN+vIDjg+oFvCEyDJ32es19Q90n
ZBcshUhS/EKkK4uUQq4vAXBrKzBk1jOgHKUI6VokVu/xdUl2LoOxwBm50Ci5/iaJ
m2Y4A1TXDp3ahG0/7AeeXOfaCJR3fFoAdvFzn0HEgzo2jPZCLA5NwGce2v0UmWI+
AG4RNkS7dcGDImYE+ulW6MUt+dtUueJgO7+jfL2BPja7rAxNI4/Q1yyCgSkkBEfO
t5T00Ze6iqJB7A==
-----END CERTIFICATE-----