Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          YTdXed6GUz+H3YLfLhnntXWadrn+tvzdnC2tNcJlwGg=
Subject key identifier:   AA:A4:FE:A7:53:C4:6B:7C:B2:8B:D4:F5:6E:73:1B:28:F7:FA:0B:2C
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       0199FDDA0A4DE238BBFFCA74144F463862DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          08D8
Signing time:             Sun 19 Oct 2025 19:02:28 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:28 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:28 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: DN5tcaEqDm9sBdI3qs3zE+AVF0q1EhWSbenuxa5olPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:0a:4d:e2:38:bb:ff:ca:74:14:4f:46:38:62:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Oct 19 19:02:28 2025 GMT
            Not After : Oct 20 19:02:28 2025 GMT
        Subject: CN=aaa4fea753c46b7cb28bd4f56e731b28f7fa0b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:61:60:78:29:be:f4:d0:06:16:cc:63:0f:b6:
                    dd:c1:67:be:26:42:6e:fe:91:df:02:ed:53:ef:51:
                    c4:e8:f7:80:00:fc:24:a6:c2:13:1b:33:01:50:b2:
                    6c:ab:36:da:1b:fc:e6:7c:3d:f6:cf:1a:dd:03:d7:
                    be:d8:f6:27:1f:93:32:61:70:00:8e:ac:64:66:19:
                    ba:33:1e:2e:f4:fc:fe:cb:82:dd:b0:27:4f:4e:7a:
                    71:f3:98:31:e6:00:c5:7d:d6:29:8b:cc:c3:70:ac:
                    7d:42:b6:d0:e3:cb:fd:c9:4f:15:f2:c2:27:2d:c1:
                    04:2b:1c:9f:4b:d8:d4:95:9a:44:26:a0:4c:c4:fa:
                    7f:e1:b3:e5:cb:be:20:f7:a5:ab:c8:70:45:fb:b6:
                    50:67:17:d2:09:c0:83:12:4e:ad:7a:76:08:8b:b6:
                    4c:2d:88:ac:a1:63:1d:db:0e:01:0e:bc:71:d0:d1:
                    79:c3:0e:22:00:bf:e0:ad:96:dc:63:17:52:e7:31:
                    9a:cc:44:94:c9:22:2c:e0:0f:e3:f2:f2:41:65:38:
                    41:08:54:f7:b5:49:23:02:12:a8:4e:e9:a6:33:f7:
                    c8:2b:d7:d2:59:df:1b:3d:e9:1b:a2:0c:66:be:0a:
                    34:85:05:2c:f5:b3:17:53:c5:5f:81:fd:4f:30:04:
                    43:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A4:FE:A7:53:C4:6B:7C:B2:8B:D4:F5:6E:73:1B:28:F7:FA:0B:2C
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:eb:01:cd:da:25:54:40:c7:6e:9e:65:bf:a3:89:17:f1:6e:
         9f:ae:4c:4b:4f:74:2c:cc:af:a9:27:ed:41:78:5e:c2:7b:86:
         9c:8b:5a:40:f6:dc:f2:0f:50:82:0d:bf:f0:72:95:ab:23:cd:
         4b:23:92:5e:d8:7a:c9:91:ae:06:b1:a2:b0:bd:e5:be:5e:cb:
         0c:cb:23:71:c7:b9:96:9a:c4:1e:fb:c8:28:66:49:9e:73:95:
         88:ec:07:75:0c:2f:d5:a5:63:ea:92:ad:4b:68:b5:28:e6:dd:
         e8:e8:31:54:e5:b3:cd:8c:c7:79:94:b3:59:85:42:d9:37:08:
         04:de:56:54:c2:33:5b:d7:75:d5:f4:f4:19:35:3c:16:e5:e6:
         21:93:48:72:7d:ba:4b:4a:b3:21:ea:4f:1a:a6:16:65:cc:a9:
         df:cf:fa:2e:aa:46:32:ee:51:7e:b1:a8:17:a5:54:57:25:15:
         b2:e0:39:48:a5:be:56:9f:ed:44:a9:d6:0a:a5:72:39:64:02:
         b7:7b:54:45:62:db:3b:1e:6d:a9:c6:92:44:4f:3d:b7:72:2c:
         1c:03:cf:6c:48:1f:72:05:78:bb:76:53:a3:77:27:4a:e8:ff:
         37:10:2f:d1:76:3e:36:20:55:b3:e2:66:41:ff:a8:c2:fd:5a:
         48:89:74:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92gpN4ji7/8p0FE9GOGLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUxMDE5MTkwMjI4WhcNMjUxMDIwMTkwMjI4WjAzMTEwLwYDVQQD
EyhhYWE0ZmVhNzUzYzQ2YjdjYjI4YmQ0ZjU2ZTczMWIyOGY3ZmEwYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GFgeCm+9NAGFsxjD7bdwWe+JkJu
/pHfAu1T71HE6PeAAPwkpsITGzMBULJsqzbaG/zmfD32zxrdA9e+2PYnH5MyYXAA
jqxkZhm6Mx4u9Pz+y4LdsCdPTnpx85gx5gDFfdYpi8zDcKx9QrbQ48v9yU8V8sIn
LcEEKxyfS9jUlZpEJqBMxPp/4bPly74g96WryHBF+7ZQZxfSCcCDEk6tenYIi7ZM
LYisoWMd2w4BDrxx0NF5ww4iAL/grZbcYxdS5zGazESUySIs4A/j8vJBZThBCFT3
tUkjAhKoTummM/fIK9fSWd8bPekbogxmvgo0hQUs9bMXU8Vfgf1PMARDXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqk/qdTxGt8sovU9W5zGyj3+gssMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAausBzdol
VEDHbp5lv6OJF/Fun65MS090LMyvqSftQXhewnuGnItaQPbc8g9Qgg2/8HKVqyPN
SyOSXth6yZGuBrGisL3lvl7LDMsjcce5lprEHvvIKGZJnnOViOwHdQwv1aVj6pKt
S2i1KObd6OgxVOWzzYzHeZSzWYVC2TcIBN5WVMIzW9d11fT0GTU8FuXmIZNIcn26
S0qzIepPGqYWZcyp38/6LqpGMu5RfrGoF6VUVyUVsuA5SKW+Vp/tRKnWCqVyOWQC
t3tURWLbOx5tqcaSRE89t3IsHAPPbEgfcgV4u3ZTo3cnSuj/NxAv0XY+NiBVs+Jm
Qf+owv1aSIl0vA==
-----END CERTIFICATE-----