Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          dWNFrTWbQ94smTi42QdL27OOEhPBOYGSOA85M4IZ3G4=
Subject key identifier:   C4:99:13:FC:CB:84:D7:45:50:E7:73:47:14:98:BF:9A:11:28:11:CE
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       0199FBEAE6D96271715816BD11D89CF14423
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          1670
Signing time:             Sun 19 Oct 2025 10:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:39 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: Hw4V6Nl7+TIndFUBY/DTh4rbuifr8MJetIU3Ud2GVzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:e6:d9:62:71:71:58:16:bd:11:d8:9c:f1:44:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Oct 19 10:01:39 2025 GMT
            Not After : Oct 20 10:01:39 2025 GMT
        Subject: CN=c49913fccb84d74550e773471498bf9a112811ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:58:cd:ec:cb:01:d4:fe:9e:48:5f:bf:6b:bb:
                    a6:d7:bb:ab:e7:18:65:36:a7:c1:3d:81:44:0e:0b:
                    3d:ea:1e:f0:e0:90:30:84:73:01:87:6c:84:b1:c1:
                    cf:7c:b4:4b:3e:e9:3b:1d:ec:f1:f0:8d:d8:9a:00:
                    b0:c1:bd:17:fd:19:77:3e:e5:6b:fb:11:39:c8:fd:
                    a1:4c:d2:ac:8a:01:94:bb:dc:57:48:94:6a:1d:41:
                    dc:92:a8:53:f9:33:80:8f:7c:85:67:c6:96:3a:c8:
                    4e:f3:7e:e6:40:01:d7:b0:0e:ef:42:60:a9:d7:4c:
                    0d:ba:2d:a4:55:8a:a1:70:1c:62:9c:77:60:56:b9:
                    c4:76:15:fb:84:16:49:ed:0f:e4:79:a9:ab:4f:6d:
                    23:15:9d:64:5b:ac:27:c6:45:ee:70:bc:a7:b8:2d:
                    3a:95:f0:fd:c8:cd:2c:a5:c6:aa:3a:3c:20:0e:f5:
                    0c:cd:60:0d:ff:87:d2:0e:09:75:c7:0d:8c:04:3c:
                    ed:f8:35:19:73:52:d2:57:6e:c0:ea:4c:aa:27:a3:
                    61:fe:cc:66:26:86:56:3c:b8:8a:f6:c3:31:6e:c2:
                    51:dc:9d:0b:92:a2:9a:b4:50:e2:b8:7d:06:77:30:
                    de:42:7e:ad:7c:fe:d0:99:20:da:54:9c:06:28:2c:
                    0d:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:99:13:FC:CB:84:D7:45:50:E7:73:47:14:98:BF:9A:11:28:11:CE
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:7a:87:e7:e2:2c:bb:05:08:23:c9:5a:ed:8e:d2:09:12:b6:
         d5:2f:ed:c6:c3:11:f7:53:78:5e:c8:c6:5a:88:98:f2:f5:b7:
         25:cd:80:59:24:b0:48:56:45:f0:2e:c9:1d:ad:b8:08:bf:8f:
         35:82:67:c8:20:fc:15:18:ea:c7:1f:cc:b4:53:0f:10:e4:b7:
         db:fd:92:6e:8c:57:05:2a:c2:38:12:d4:2b:bb:c4:bd:a2:dd:
         81:50:67:2f:7e:02:bd:d2:ff:97:b0:a9:eb:67:c5:31:ec:fd:
         8a:76:98:ab:33:26:d6:da:8d:73:18:5f:44:6b:b3:18:bc:46:
         d1:75:6b:22:7e:e3:8e:74:42:f7:91:09:fa:c1:68:04:37:0f:
         d1:0e:2e:80:22:49:f4:a3:6d:17:b0:34:4b:23:06:a3:6e:2f:
         71:5d:7e:26:e9:e5:35:b9:ca:96:f5:1b:0a:9b:7a:60:07:9d:
         b4:d4:6f:06:a4:5e:fd:2a:52:9d:ad:63:8d:cc:b7:08:71:88:
         4e:89:07:c5:48:71:be:c6:f1:5d:7f:95:eb:8c:10:26:20:b4:
         91:1a:b6:2d:65:b6:96:d6:61:6e:9f:ec:3a:ba:1a:52:af:01:
         46:ba:77:9f:2f:fe:e9:f9:25:0e:fc:d2:13:4d:ab:5a:59:88:
         9e:63:70:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76ubZYnFxWBa9Edic8UQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUxMDE5MTAwMTM5WhcNMjUxMDIwMTAwMTM5WjAzMTEwLwYDVQQD
EyhjNDk5MTNmY2NiODRkNzQ1NTBlNzczNDcxNDk4YmY5YTExMjgxMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1jN7MsB1P6eSF+/a7um17ur5xhl
NqfBPYFEDgs96h7w4JAwhHMBh2yEscHPfLRLPuk7Hezx8I3YmgCwwb0X/Rl3PuVr
+xE5yP2hTNKsigGUu9xXSJRqHUHckqhT+TOAj3yFZ8aWOshO837mQAHXsA7vQmCp
10wNui2kVYqhcBxinHdgVrnEdhX7hBZJ7Q/keamrT20jFZ1kW6wnxkXucLynuC06
lfD9yM0spcaqOjwgDvUMzWAN/4fSDgl1xw2MBDzt+DUZc1LSV27A6kyqJ6Nh/sxm
JoZWPLiK9sMxbsJR3J0LkqKatFDiuH0GdzDeQn6tfP7QmSDaVJwGKCwNlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMSZE/zLhNdFUOdzRxSYv5oRKBHOMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAznqH5+Is
uwUII8la7Y7SCRK21S/txsMR91N4XsjGWoiY8vW3Jc2AWSSwSFZF8C7JHa24CL+P
NYJnyCD8FRjqxx/MtFMPEOS32/2SboxXBSrCOBLUK7vEvaLdgVBnL34CvdL/l7Cp
62fFMez9inaYqzMm1tqNcxhfRGuzGLxG0XVrIn7jjnRC95EJ+sFoBDcP0Q4ugCJJ
9KNtF7A0SyMGo24vcV1+JunlNbnKlvUbCpt6YAedtNRvBqRe/SpSna1jjcy3CHGI
TokHxUhxvsbxXX+V64wQJiC0kRq2LWW2ltZhbp/sOroaUq8BRrp3ny/+6fklDvzS
E02rWlmInmNwIA==
-----END CERTIFICATE-----