Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          4cj+rpG7t6t3WnfM7/jFHYOCFCY+coQCSlnpQmrtYOs=
Subject key identifier:   9A:0F:A6:9E:BD:13:6B:EB:B8:38:38:BD:1C:02:46:75:7C:4D:17:3B
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       0199FBEC1D05961764DE4D2AD192CB1011CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          0775
Signing time:             Sun 19 Oct 2025 10:02:59 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:59 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:59 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: Y2A8zJKFCqCJWfPKiPdkYKO64yJJzA+KWxOSoGJ9wMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:1d:05:96:17:64:de:4d:2a:d1:92:cb:10:11:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Oct 19 10:02:59 2025 GMT
            Not After : Oct 20 10:02:59 2025 GMT
        Subject: CN=9a0fa69ebd136bebb83838bd1c0246757c4d173b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d6:4b:73:59:0c:53:e2:d7:ae:92:3c:dd:22:
                    54:06:e2:c4:cf:6a:df:ce:1b:ea:42:d7:35:20:27:
                    4b:98:36:f7:42:3b:57:7a:45:05:dc:7d:ef:7e:40:
                    c0:df:2b:6e:3a:da:de:c0:ca:4b:bb:8b:92:de:1a:
                    22:a9:d8:b1:4c:d8:4a:ba:6d:3d:78:80:05:12:ee:
                    fb:ef:27:5a:95:e9:a4:d8:e5:7a:fd:9e:81:98:57:
                    71:52:f7:96:5c:fe:61:1b:12:e4:28:39:28:d7:a8:
                    a3:d9:1c:0c:7f:e6:26:dd:5f:da:95:69:4d:78:1b:
                    e3:9a:6d:51:bb:f9:95:d2:6d:ca:7d:15:6a:1a:4e:
                    cb:de:09:5b:00:52:87:db:17:e9:b3:18:60:8a:82:
                    aa:cc:dc:23:4a:7c:79:9f:7e:b1:fb:81:81:24:98:
                    0d:7d:b6:c1:0e:27:4c:86:47:b2:2e:9b:d8:bd:60:
                    97:dc:18:e9:25:ab:78:0f:b2:be:f9:7d:39:41:31:
                    70:dd:12:c0:7d:30:c4:9f:e4:34:2d:9a:36:eb:5b:
                    cb:76:aa:62:69:cf:49:b3:58:4a:32:5a:5a:e6:6f:
                    10:d4:73:e2:95:da:d2:e7:1a:d1:06:55:6d:b4:63:
                    9d:1c:49:d4:82:71:5b:5e:ce:df:2b:cc:9c:e2:8d:
                    ae:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0F:A6:9E:BD:13:6B:EB:B8:38:38:BD:1C:02:46:75:7C:4D:17:3B
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:cb:ec:c4:53:6d:d9:a2:e2:2b:88:79:dd:03:0e:2c:49:f6:
         9a:3a:0b:cc:de:55:dc:ef:0d:62:7c:fa:12:b9:6e:76:19:69:
         92:86:8b:51:2d:f7:da:79:5f:f1:92:45:35:6a:a4:51:c2:4a:
         3c:d3:cb:08:7b:0c:62:f7:5c:ff:dd:e2:6d:b8:80:1c:ea:5a:
         3f:e0:f7:0a:67:a3:d3:5d:48:db:4d:2d:6f:07:cb:bf:bf:a4:
         85:75:3a:9f:bd:54:87:fb:c0:73:d8:bb:4b:6b:d7:0f:74:ed:
         f5:f3:13:f4:67:46:c7:59:5d:f7:18:fe:20:d7:35:76:2b:9a:
         82:7f:b2:0d:02:0f:d2:1b:8e:62:87:5e:f6:57:f7:69:0b:44:
         6f:ab:b9:be:d9:18:f7:3d:d0:1a:56:b4:15:f2:b1:fa:78:10:
         52:6a:7e:ae:02:02:e8:64:ae:27:5f:35:3a:60:b5:3a:37:f0:
         31:28:6f:66:08:c7:28:1d:4c:d8:f5:65:24:83:3d:e3:5f:b1:
         59:70:0e:da:11:91:7f:99:b0:92:59:43:23:3b:e3:8d:4a:29:
         b1:c2:54:9a:09:00:c3:fa:f4:f0:52:9e:87:82:a7:df:5d:64:
         1b:66:ee:ce:dc:e2:62:c9:29:62:ae:eb:9f:fe:cc:0a:f0:13:
         cb:99:74:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77B0Flhdk3k0q0ZLLEBHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjUxMDE5MTAwMjU5WhcNMjUxMDIwMTAwMjU5WjAzMTEwLwYDVQQD
Eyg5YTBmYTY5ZWJkMTM2YmViYjgzODM4YmQxYzAyNDY3NTdjNGQxNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9ZLc1kMU+LXrpI83SJUBuLEz2rf
zhvqQtc1ICdLmDb3QjtXekUF3H3vfkDA3ytuOtrewMpLu4uS3hoiqdixTNhKum09
eIAFEu777ydalemk2OV6/Z6BmFdxUveWXP5hGxLkKDko16ij2RwMf+Ym3V/alWlN
eBvjmm1Ru/mV0m3KfRVqGk7L3glbAFKH2xfpsxhgioKqzNwjSnx5n36x+4GBJJgN
fbbBDidMhkeyLpvYvWCX3BjpJat4D7K++X05QTFw3RLAfTDEn+Q0LZo261vLdqpi
ac9Js1hKMlpa5m8Q1HPildrS5xrRBlVttGOdHEnUgnFbXs7fK8yc4o2uyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoPpp69E2vruDg4vRwCRnV8TRc7MB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsvsxFNt
2aLiK4h53QMOLEn2mjoLzN5V3O8NYnz6ErludhlpkoaLUS332nlf8ZJFNWqkUcJK
PNPLCHsMYvdc/93ibbiAHOpaP+D3Cmej011I200tbwfLv7+khXU6n71Uh/vAc9i7
S2vXD3Tt9fMT9GdGx1ld9xj+INc1diuagn+yDQIP0huOYode9lf3aQtEb6u5vtkY
9z3QGla0FfKx+ngQUmp+rgIC6GSuJ181OmC1OjfwMShvZgjHKB1M2PVlJIM941+x
WXAO2hGRf5mwkllDIzvjjUopscJUmgkAw/r08FKeh4Kn311kG2buztziYskpYq7r
n/7MCvATy5l0uw==
-----END CERTIFICATE-----