Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          aJiKwCvyLCUz+tdiWuCwMykqiSdvwJaJEJ3Y8QZ+2HY=
Subject key identifier:   E4:E6:82:96:76:3B:61:87:76:43:95:27:3F:08:9D:CC:4E:1D:47:97
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       0198D4727AE53448E3804CCE03F6EFAA5124
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          11D8
Signing time:             Sat 23 Aug 2025 01:02:08 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:08 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:08 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: VwCva/bhSZh+I35tYMC4dOohWvZOyLpsAIyPHlBDAdY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:7a:e5:34:48:e3:80:4c:ce:03:f6:ef:aa:51:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Aug 23 01:02:08 2025 GMT
            Not After : Aug 24 01:02:08 2025 GMT
        Subject: CN=e4e68296763b6187764395273f089dcc4e1d4797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2d:d7:ef:72:01:49:d7:7f:95:e9:ba:03:0b:
                    0d:e8:13:26:3d:66:de:36:14:6b:61:db:ba:30:17:
                    8e:c3:01:00:e6:ec:4b:bc:ab:c9:e5:cb:55:10:d2:
                    dd:81:23:66:46:ab:26:2e:aa:a0:f3:92:42:22:22:
                    50:e3:a0:8a:a5:d5:e2:96:99:cd:36:70:15:69:d9:
                    b1:40:ba:48:b5:a8:15:b2:84:12:6c:1b:2f:4a:e7:
                    1a:5f:7e:0d:bc:7c:5b:10:ee:f9:e9:4c:09:99:d0:
                    00:3e:12:47:1c:8a:f2:71:7c:a9:0a:a9:d7:42:b9:
                    63:eb:56:59:59:4e:08:1c:98:eb:d0:69:a4:fb:0e:
                    8b:01:65:47:f9:71:2f:8e:8f:ae:f9:14:95:aa:8e:
                    7b:60:57:de:97:ee:90:90:1f:f9:58:af:10:00:ad:
                    07:6f:0d:3b:74:99:0e:14:e6:48:13:1c:3b:24:d1:
                    ab:e6:df:c0:00:e9:b3:2d:18:ba:ae:36:22:37:f6:
                    9e:85:48:05:b7:20:15:04:66:cb:8d:c3:8e:ed:d9:
                    be:4a:12:9b:db:b7:c0:b8:dc:b0:c3:e8:99:fa:b0:
                    9e:4b:43:2c:35:03:5b:21:12:8a:e0:c2:4f:b4:f1:
                    e0:b2:f3:5b:44:5c:fb:05:f2:90:97:75:be:f1:cc:
                    8c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E6:82:96:76:3B:61:87:76:43:95:27:3F:08:9D:CC:4E:1D:47:97
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:1b:2f:8a:ec:26:41:66:32:70:aa:80:cd:1f:49:64:4c:57:
         d9:ab:9d:8d:1a:89:7c:44:d5:fc:eb:b2:64:67:2c:e2:9a:c2:
         ee:44:94:10:ae:d2:3b:c0:de:84:c8:d7:6e:6c:95:fc:30:bc:
         af:e3:f7:7b:5b:b6:e5:e3:1b:8b:12:9f:66:e8:0e:70:3f:49:
         bb:5d:8e:ea:e3:76:4a:d3:72:50:c9:9a:74:08:f9:67:14:64:
         8b:7b:85:d1:af:80:d2:42:4d:28:1e:01:df:e0:17:96:33:0c:
         f6:7c:68:60:84:fe:d4:5e:72:d5:2c:45:a1:a3:b2:a9:08:4c:
         70:81:08:2e:f4:0a:e3:3e:a5:97:1f:e5:a9:c6:a4:52:57:24:
         32:ab:29:f8:01:2e:49:0f:9d:f4:fe:85:9f:28:0a:6a:88:42:
         f6:97:2a:5b:c2:f8:18:9f:f9:1d:dc:6b:66:25:e5:81:cf:ac:
         ca:c8:c1:b8:ed:ef:ab:b8:7f:82:cd:ad:42:67:cf:be:ed:4e:
         48:d5:ea:3e:40:a4:3d:0f:67:87:e4:22:85:66:a9:50:f0:8b:
         9d:31:53:5c:2c:ff:f2:48:e9:f1:20:5e:65:f1:65:ef:7e:f8:
         de:b3:01:e5:a4:e2:d9:e2:c3:55:97:a4:5f:b5:c1:aa:2e:e3:
         ce:88:93:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcnrlNEjjgEzOA/bvqlEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwODIzMDEwMjA4WhcNMjUwODI0MDEwMjA4WjAzMTEwLwYDVQQD
EyhlNGU2ODI5Njc2M2I2MTg3NzY0Mzk1MjczZjA4OWRjYzRlMWQ0Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS3X73IBSdd/lem6AwsN6BMmPWbe
NhRrYdu6MBeOwwEA5uxLvKvJ5ctVENLdgSNmRqsmLqqg85JCIiJQ46CKpdXilpnN
NnAVadmxQLpItagVsoQSbBsvSucaX34NvHxbEO756UwJmdAAPhJHHIrycXypCqnX
Qrlj61ZZWU4IHJjr0Gmk+w6LAWVH+XEvjo+u+RSVqo57YFfel+6QkB/5WK8QAK0H
bw07dJkOFOZIExw7JNGr5t/AAOmzLRi6rjYiN/aehUgFtyAVBGbLjcOO7dm+ShKb
27fAuNyww+iZ+rCeS0MsNQNbIRKK4MJPtPHgsvNbRFz7BfKQl3W+8cyMNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTmgpZ2O2GHdkOVJz8IncxOHUeXMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaRsviuwm
QWYycKqAzR9JZExX2audjRqJfETV/OuyZGcs4prC7kSUEK7SO8DehMjXbmyV/DC8
r+P3e1u25eMbixKfZugOcD9Ju12O6uN2StNyUMmadAj5ZxRki3uF0a+A0kJNKB4B
3+AXljMM9nxoYIT+1F5y1SxFoaOyqQhMcIEILvQK4z6llx/lqcakUlckMqsp+AEu
SQ+d9P6FnygKaohC9pcqW8L4GJ/5HdxrZiXlgc+sysjBuO3vq7h/gs2tQmfPvu1O
SNXqPkCkPQ9nh+QihWapUPCLnTFTXCz/8kjp8SBeZfFl73743rMB5aTi2eLDVZek
X7XBqi7jzoiTQw==
-----END CERTIFICATE-----