Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          DmxpTZS68DNY6LVRScYbad9VUu0S0A2y6vVbNUfLVzI=
Subject key identifier:   B0:33:DE:11:CC:9C:C0:96:9D:14:65:CE:84:35:6F:31:E0:D5:D0:62
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       0199FB7CF40FC3F602433C535B5F68A4F163
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          014C
Signing time:             Sun 19 Oct 2025 08:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:33 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: bRAhw3uf4wCyvip95cewzrs+x1Mrt3sM0DqAMRxTQVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:f4:0f:c3:f6:02:43:3c:53:5b:5f:68:a4:f1:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Oct 19 08:01:33 2025 GMT
            Not After : Oct 20 08:01:33 2025 GMT
        Subject: CN=b033de11cc9cc0969d1465ce84356f31e0d5d062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:d6:44:e7:f0:b8:ce:cb:3c:44:31:8a:90:21:
                    32:51:8e:41:9a:a9:97:5c:f5:dd:34:68:f2:57:76:
                    2b:c5:e3:ba:83:a4:d2:32:43:b7:13:29:92:a4:6f:
                    23:86:82:d1:c7:44:3d:b1:95:49:ac:8e:ec:e9:14:
                    45:49:26:dd:a4:77:dc:30:ac:43:0a:42:80:61:ee:
                    14:e9:64:bc:47:2b:fa:bc:20:61:2a:41:f2:10:4c:
                    3f:c9:b6:20:b3:3a:3c:27:b0:7c:45:75:03:32:b5:
                    66:15:3e:00:8d:90:a8:1c:c3:85:e0:10:5e:7c:2b:
                    d0:2c:c1:19:fb:fb:df:9c:53:93:05:d0:63:3c:47:
                    52:c0:d8:1c:25:93:0e:ac:05:58:0e:82:eb:7d:50:
                    7e:72:06:b4:3c:c3:a1:be:55:41:d3:12:d5:83:3b:
                    b5:09:36:59:93:6a:da:ef:a9:b1:8e:d9:bb:de:ab:
                    cb:d4:b8:4a:51:26:a8:69:65:d4:08:1c:cb:56:4e:
                    1d:f0:b3:ba:bd:18:d0:33:da:41:c8:2e:34:8e:f0:
                    f7:0b:7c:f4:74:b7:b5:21:f5:ce:9c:e6:22:e8:13:
                    43:6a:6e:58:82:1c:0d:b8:4a:27:3f:07:02:0b:59:
                    12:0a:24:68:cf:71:62:2d:b1:70:f8:6e:ef:e8:45:
                    7d:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:33:DE:11:CC:9C:C0:96:9D:14:65:CE:84:35:6F:31:E0:D5:D0:62
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:c4:68:01:3a:c0:55:b4:28:9f:69:df:99:a4:3e:b9:06:c8:
         13:ac:e1:bd:3a:ea:92:8d:65:8a:14:35:5c:9a:ec:65:6f:30:
         0f:72:f9:d4:fa:2c:49:2f:4e:5d:e4:bb:39:a3:16:e4:7b:64:
         ad:6a:2e:4b:51:65:69:73:0b:ca:dc:bd:3e:5e:2b:8e:67:05:
         48:07:ee:da:22:24:28:06:e9:ce:16:1f:01:ba:f5:0d:73:d0:
         26:60:3a:be:52:a6:e0:c4:bb:fc:04:7b:65:f0:67:ac:9e:ce:
         a7:f8:15:ed:64:2c:e3:17:5b:91:fa:b7:a3:33:aa:9f:41:2b:
         04:05:1c:89:31:24:0c:db:79:22:8b:75:ae:ab:ec:f2:58:a7:
         ec:f9:57:92:42:a4:75:9d:90:63:14:10:be:1f:2b:02:39:db:
         0b:37:a5:71:26:9c:0d:6f:49:f8:33:d6:d6:05:bb:bc:04:3f:
         3a:dc:19:64:1a:d2:65:87:7a:d7:17:05:52:86:c7:8f:14:66:
         8c:18:99:02:0f:f6:fd:04:3b:e9:a3:cc:b1:77:37:4b:86:e0:
         e3:80:e7:72:d0:0c:8c:6f:b8:cf:80:e0:d5:63:b9:2a:4d:39:
         f1:d0:53:11:9c:bd:40:6d:9c:f8:23:c4:17:5d:a5:29:c0:3b:
         96:66:42:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPQPw/YCQzxTW19opPFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUxMDE5MDgwMTMzWhcNMjUxMDIwMDgwMTMzWjAzMTEwLwYDVQQD
EyhiMDMzZGUxMWNjOWNjMDk2OWQxNDY1Y2U4NDM1NmYzMWUwZDVkMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dZE5/C4zss8RDGKkCEyUY5BmqmX
XPXdNGjyV3YrxeO6g6TSMkO3EymSpG8jhoLRx0Q9sZVJrI7s6RRFSSbdpHfcMKxD
CkKAYe4U6WS8Ryv6vCBhKkHyEEw/ybYgszo8J7B8RXUDMrVmFT4AjZCoHMOF4BBe
fCvQLMEZ+/vfnFOTBdBjPEdSwNgcJZMOrAVYDoLrfVB+cga0PMOhvlVB0xLVgzu1
CTZZk2ra76mxjtm73qvL1LhKUSaoaWXUCBzLVk4d8LO6vRjQM9pByC40jvD3C3z0
dLe1IfXOnOYi6BNDam5YghwNuEonPwcCC1kSCiRoz3FiLbFw+G7v6EV9zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAz3hHMnMCWnRRlzoQ1bzHg1dBiMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPsRoATrA
VbQon2nfmaQ+uQbIE6zhvTrqko1lihQ1XJrsZW8wD3L51PosSS9OXeS7OaMW5Htk
rWouS1FlaXMLyty9Pl4rjmcFSAfu2iIkKAbpzhYfAbr1DXPQJmA6vlKm4MS7/AR7
ZfBnrJ7Op/gV7WQs4xdbkfq3ozOqn0ErBAUciTEkDNt5Iot1rqvs8lin7PlXkkKk
dZ2QYxQQvh8rAjnbCzelcSacDW9J+DPW1gW7vAQ/OtwZZBrSZYd61xcFUobHjxRm
jBiZAg/2/QQ76aPMsXc3S4bg44DnctAMjG+4z4Dg1WO5Kk058dBTEZy9QG2c+CPE
F12lKcA7lmZCsw==
-----END CERTIFICATE-----