Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
File:                     DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft (raw, json)
Hash identifier:          HhJotBiJR7Y7wVdKRkXMR5nTA4xASyTNJmnG8ae6+Q4=
Subject key identifier:   ED:48:1B:02:BB:42:66:90:76:47:6B:C8:25:4A:DE:26:5F:67:1C:85
Authority key identifier: 0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53
Certificate issuer:       /CN=0c874a5f52734e260e7bfa4d45114add9277e353
Certificate serial:       0199FBEBE14623D44E47EE9FAF22F7CA5A6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
Manifest number:          08CE
Signing time:             Sun 19 Oct 2025 10:02:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:43 +0000
Files and hashes:         1: DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl (hash: psVl74G/JwmpUDaMRQNllzx8TaZsm1K9UTDnGKzCx8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:e1:46:23:d4:4e:47:ee:9f:af:22:f7:ca:5a:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c874a5f52734e260e7bfa4d45114add9277e353
        Validity
            Not Before: Oct 19 10:02:43 2025 GMT
            Not After : Oct 20 10:02:43 2025 GMT
        Subject: CN=ed481b02bb42669076476bc8254ade265f671c85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4e:05:42:08:fa:b9:2b:de:f8:d7:fa:bc:57:
                    3a:a1:f4:2a:a1:e8:34:0e:a6:c2:41:10:dc:9a:4f:
                    40:18:db:78:57:03:73:21:f4:0f:1a:13:d5:45:ec:
                    c6:c2:81:95:59:c5:0e:97:50:d8:8e:52:46:b0:c6:
                    0e:48:b5:76:4f:44:a2:3e:02:41:94:b8:26:8a:1d:
                    06:d0:ee:c0:2b:17:89:81:a2:08:df:e9:35:bb:44:
                    b0:ca:a8:fe:ad:16:76:70:07:0f:65:e1:63:f8:41:
                    7d:ca:00:e7:67:89:fc:75:a1:1e:c0:c7:f2:d4:ad:
                    4b:4c:cf:16:a9:9d:60:6a:cd:1a:2d:93:64:3a:61:
                    71:fb:e3:54:0c:e9:b7:f8:3f:e3:5c:6a:0d:7b:cc:
                    98:e3:09:4c:64:85:b7:2a:2f:3e:1e:34:9a:79:45:
                    f4:78:7f:0a:0b:4b:ca:3a:92:50:7f:33:06:31:41:
                    74:20:00:b3:2d:52:38:9a:94:9f:26:86:f6:62:01:
                    53:f2:25:e0:94:df:be:ba:45:3a:f2:20:c7:1b:0d:
                    29:41:ab:b1:96:e0:f5:0e:8e:fb:1b:78:1d:96:aa:
                    e0:1e:d3:f0:2d:cf:8f:91:1b:26:0b:0b:73:5e:82:
                    4a:d1:16:68:75:b5:a8:bf:93:51:ff:d4:cd:44:52:
                    71:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:48:1B:02:BB:42:66:90:76:47:6B:C8:25:4A:DE:26:5F:67:1C:85
            X509v3 Authority Key Identifier:
                keyid:0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:e1:23:9a:80:d8:94:76:49:0e:8d:9b:e3:42:54:48:4e:c9:
         ad:b8:64:fe:6f:ee:59:f6:bb:5f:fd:a2:6b:24:77:ac:c8:25:
         8d:3c:f6:8b:b5:1d:85:a5:63:c9:d5:d8:93:c3:5c:e9:24:b0:
         31:b0:f5:cf:7d:12:3d:bc:35:f9:d1:75:1f:27:5a:94:6a:36:
         d8:c9:0c:8a:e9:98:d8:39:be:92:1e:54:f4:4e:56:ab:14:b8:
         ca:e3:80:e2:41:c9:44:54:28:55:c1:13:2a:d5:c7:b2:3e:07:
         e5:bf:d1:79:7a:75:60:90:d9:3b:e5:8c:1a:0e:a0:2e:c6:cf:
         9e:13:8d:98:6e:a8:f4:4b:1b:d0:97:27:ea:38:7b:ce:4d:d6:
         0d:29:43:7b:ae:72:fc:0d:38:37:43:d6:a1:e8:73:16:66:d6:
         71:93:6d:c0:49:09:4c:95:07:a5:7e:cc:65:0b:3e:d0:c0:06:
         a7:6b:08:36:fa:cb:d0:b5:e1:8f:b8:91:77:9d:ed:4a:6d:d5:
         eb:b1:97:35:34:1a:95:d5:4f:6a:4b:aa:3c:50:90:62:d4:05:
         20:5d:48:2d:9e:c9:d3:78:47:04:df:a0:75:de:35:21:32:ca:
         e3:f1:cf:d7:00:ff:03:54:92:75:55:e7:ea:9d:f3:e3:7c:ff:
         e7:7b:18:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+FGI9ROR+6fryL3ylptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjODc0YTVmNTI3MzRlMjYwZTdiZmE0ZDQ1MTE0YWRkOTI3
N2UzNTMwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
EyhlZDQ4MWIwMmJiNDI2NjkwNzY0NzZiYzgyNTRhZGUyNjVmNjcxYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr04FQgj6uSve+Nf6vFc6ofQqoeg0
DqbCQRDcmk9AGNt4VwNzIfQPGhPVRezGwoGVWcUOl1DYjlJGsMYOSLV2T0SiPgJB
lLgmih0G0O7AKxeJgaII3+k1u0Swyqj+rRZ2cAcPZeFj+EF9ygDnZ4n8daEewMfy
1K1LTM8WqZ1gas0aLZNkOmFx++NUDOm3+D/jXGoNe8yY4wlMZIW3Ki8+HjSaeUX0
eH8KC0vKOpJQfzMGMUF0IACzLVI4mpSfJob2YgFT8iXglN++ukU68iDHGw0pQaux
luD1Do77G3gdlqrgHtPwLc+PkRsmCwtzXoJK0RZodbWov5NR/9TNRFJxIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1IGwK7QmaQdkdryCVK3iZfZxyFMB8GA1UdIwQY
MBaAFAyHSl9Sc04mDnv6TUURSt2Sd+NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEt
YTBlMzdmMjVhNTE1LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEtYTBlMzdmMjVhNTE1
LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOEjmoDY
lHZJDo2b40JUSE7Jrbhk/m/uWfa7X/2iayR3rMgljTz2i7UdhaVjydXYk8Nc6SSw
MbD1z30SPbw1+dF1HydalGo22MkMiumY2Dm+kh5U9E5WqxS4yuOA4kHJRFQoVcET
KtXHsj4H5b/ReXp1YJDZO+WMGg6gLsbPnhONmG6o9Esb0Jcn6jh7zk3WDSlDe65y
/A04N0PWoehzFmbWcZNtwEkJTJUHpX7MZQs+0MAGp2sINvrL0LXhj7iRd53tSm3V
67GXNTQaldVPakuqPFCQYtQFIF1ILZ7J03hHBN+gdd41ITLK4/HP1wD/A1SSdVXn
6p3z43z/53sYhQ==
-----END CERTIFICATE-----