Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          agxgvJpHxp8D8THg9wza3ge8ehfbcEbZ5oega3R/h+E=
Subject key identifier:   74:63:FD:5E:E7:2F:8C:DF:96:8A:45:2A:65:C6:22:B5:A5:02:21:87
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       0198D4DFFE7EB9A68F9102B1CF9F8EDC7B0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          02CF
Signing time:             Sat 23 Aug 2025 03:01:46 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:46 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:46 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: n5HJRyT9d/q3HxeDhR3na4ascXfjO9ikf0VE6eDsSlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:fe:7e:b9:a6:8f:91:02:b1:cf:9f:8e:dc:7b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Aug 23 03:01:46 2025 GMT
            Not After : Aug 24 03:01:46 2025 GMT
        Subject: CN=7463fd5ee72f8cdf968a452a65c622b5a5022187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e6:f9:54:d7:be:4b:c7:c6:d2:b1:99:de:38:
                    db:9d:af:a1:9b:f4:1d:be:7f:ee:22:2a:e3:a7:d7:
                    c3:a9:de:e3:e7:8d:45:0e:12:32:c7:86:a7:64:12:
                    e0:4e:bf:6e:28:eb:be:a7:a5:2f:8c:92:4b:b4:a5:
                    c2:94:c5:69:2b:f9:09:55:5e:97:58:11:c1:af:de:
                    1e:14:56:69:dd:31:a2:68:2e:48:e8:b3:9f:8e:ad:
                    3b:35:93:f9:01:88:c3:41:3b:9d:6f:6e:ca:36:7b:
                    46:bd:36:e6:17:b0:e1:29:f2:a8:c9:e7:4b:3f:e4:
                    66:93:ca:3c:0a:d1:66:f7:58:c4:85:b4:12:74:aa:
                    7d:b8:77:cb:92:f8:85:13:cb:da:fe:f7:3b:f6:17:
                    88:f0:18:a3:58:6c:72:76:fd:b9:db:1f:94:7e:80:
                    a8:2d:8a:ee:04:3b:2c:7d:2c:c7:64:c0:5e:c6:fc:
                    33:79:6e:1c:0d:cc:59:83:4f:ce:1d:4e:41:61:45:
                    c4:8e:fc:39:66:9a:ec:93:cb:e8:73:b4:3c:8a:fd:
                    be:4d:56:fd:d2:e3:e1:f9:1f:8e:1d:39:83:dc:16:
                    25:5b:ef:18:14:e4:d8:bc:88:3b:1d:cb:4f:57:ff:
                    a2:7d:90:02:2a:6b:d5:4b:2a:52:6d:16:25:4e:32:
                    71:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:63:FD:5E:E7:2F:8C:DF:96:8A:45:2A:65:C6:22:B5:A5:02:21:87
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:f7:0d:39:c0:52:ef:a5:e3:18:43:6e:df:53:79:76:1b:e6:
         32:06:eb:e5:43:e2:ce:d3:82:f4:f6:cc:0d:e2:db:1b:8f:a4:
         79:0b:a4:fe:b7:ac:36:83:8e:1c:04:6e:39:65:51:c8:6e:25:
         d7:b9:55:a1:a6:df:2b:6c:d4:e2:21:ed:03:01:94:a8:8e:15:
         0c:a1:1d:80:2b:41:81:87:d9:0a:1c:69:bf:1c:ba:d8:1c:58:
         17:bf:ea:1f:23:7a:85:e9:30:32:3b:7a:7b:23:13:3b:37:ec:
         17:ad:53:4c:9a:97:5d:82:e3:8e:8b:77:d0:90:30:77:6f:31:
         da:a2:b2:26:89:c7:33:f5:b5:9f:ed:ee:f6:28:65:89:c3:a1:
         33:6c:15:d3:97:eb:dd:2b:70:bc:f7:c7:e9:02:b3:3b:0a:48:
         e8:54:69:0d:90:26:7f:f4:e0:1e:57:41:67:75:95:3f:0c:8d:
         aa:fb:62:63:75:88:4a:57:54:69:c1:13:66:46:3f:95:55:f4:
         54:dd:da:93:61:2b:09:86:44:48:30:44:0c:d1:e1:da:5b:f9:
         ee:46:17:b8:e1:95:bc:ef:0b:92:90:18:46:dc:53:44:a5:3a:
         b1:75:d5:72:b4:14:6d:dd:db:75:ef:f2:61:fb:bf:10:7b:c7:
         b7:35:38:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3/5+uaaPkQKxz5+O3HsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUwODIzMDMwMTQ2WhcNMjUwODI0MDMwMTQ2WjAzMTEwLwYDVQQD
Eyg3NDYzZmQ1ZWU3MmY4Y2RmOTY4YTQ1MmE2NWM2MjJiNWE1MDIyMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOb5VNe+S8fG0rGZ3jjbna+hm/Qd
vn/uIirjp9fDqd7j541FDhIyx4anZBLgTr9uKOu+p6UvjJJLtKXClMVpK/kJVV6X
WBHBr94eFFZp3TGiaC5I6LOfjq07NZP5AYjDQTudb27KNntGvTbmF7DhKfKoyedL
P+Rmk8o8CtFm91jEhbQSdKp9uHfLkviFE8va/vc79heI8BijWGxydv252x+UfoCo
LYruBDssfSzHZMBexvwzeW4cDcxZg0/OHU5BYUXEjvw5Zprsk8voc7Q8iv2+TVb9
0uPh+R+OHTmD3BYlW+8YFOTYvIg7HctPV/+ifZACKmvVSypSbRYlTjJxoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRj/V7nL4zflopFKmXGIrWlAiGHMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbPcNOcBS
76XjGENu31N5dhvmMgbr5UPiztOC9PbMDeLbG4+keQuk/resNoOOHARuOWVRyG4l
17lVoabfK2zU4iHtAwGUqI4VDKEdgCtBgYfZChxpvxy62BxYF7/qHyN6hekwMjt6
eyMTOzfsF61TTJqXXYLjjot30JAwd28x2qKyJonHM/W1n+3u9ihlicOhM2wV05fr
3StwvPfH6QKzOwpI6FRpDZAmf/TgHldBZ3WVPwyNqvtiY3WISldUacETZkY/lVX0
VN3ak2ErCYZESDBEDNHh2lv57kYXuOGVvO8LkpAYRtxTRKU6sXXVcrQUbd3bde/y
Yfu/EHvHtzU4Gg==
-----END CERTIFICATE-----