Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          YTCr2KiyiEu1U2UWO8k6yvPTEjLjrZER7iBoQ+dusPI=
Subject key identifier:   68:64:7B:64:11:D3:D5:BB:82:F1:04:96:91:CF:E7:2A:E5:4D:62:42
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       0199FBEAE8FF29C7C91D9617B55BB4D4F8DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0E1A
Signing time:             Sun 19 Oct 2025 10:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:40 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: e1rwKVWuuKoLFxC07duTQRespFXl06FSGdsco470gJY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:e8:ff:29:c7:c9:1d:96:17:b5:5b:b4:d4:f8:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Oct 19 10:01:40 2025 GMT
            Not After : Oct 20 10:01:40 2025 GMT
        Subject: CN=68647b6411d3d5bb82f1049691cfe72ae54d6242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:76:61:0c:a0:c2:9c:9d:7d:a1:55:a2:2f:60:
                    3c:44:18:84:8a:72:86:70:8c:ac:c4:4c:53:6f:ac:
                    cd:2f:b1:50:64:ae:26:00:50:af:23:f2:01:46:05:
                    90:4c:34:4b:b1:2f:f6:e4:10:7c:df:d7:89:69:83:
                    4f:82:02:db:90:8e:d4:76:c4:d0:7b:e0:74:7c:de:
                    5c:9a:1a:e4:f6:5e:a9:6b:d9:cf:89:f2:e2:5a:33:
                    eb:a6:31:ad:55:f7:b9:5e:ff:11:a9:05:08:c0:02:
                    5c:2e:e0:9f:2b:ca:2b:2a:d3:9c:ce:0b:66:ed:83:
                    ac:1b:57:bb:19:29:c3:ac:59:56:6b:2f:b4:39:18:
                    9d:18:14:bd:58:bd:4d:63:ef:4f:0a:36:c8:f1:4d:
                    db:1e:e1:a7:c1:e9:cb:c3:a7:d0:23:32:55:5c:ab:
                    78:54:c6:a6:83:b8:bf:23:09:32:43:94:b3:65:38:
                    fd:a1:d3:30:23:f9:e0:0c:db:20:ce:88:8c:46:d4:
                    2c:ed:95:c2:da:73:d0:63:d4:a9:2e:df:2b:19:b2:
                    b3:23:47:2a:92:a9:c2:4e:1a:a2:8a:da:11:85:86:
                    74:fa:ee:65:dc:4f:03:8c:f3:e6:33:05:c4:a9:bb:
                    cc:44:7e:87:41:72:9b:6b:3a:59:69:69:bf:ab:cf:
                    ab:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:64:7B:64:11:D3:D5:BB:82:F1:04:96:91:CF:E7:2A:E5:4D:62:42
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e4:8e:21:a2:be:ae:50:f8:fd:75:33:55:e1:50:0a:dc:bd:47:
         fc:56:ed:fa:5d:af:d2:09:84:3d:33:c3:16:16:2c:19:39:a3:
         d4:68:4a:82:8a:34:1f:da:68:24:73:04:0e:00:e0:28:73:67:
         d1:e3:1b:5d:55:b3:5a:99:61:a1:e2:ae:24:d0:bb:a7:43:18:
         db:ca:a9:c9:04:d4:f9:05:e3:49:cb:7f:d7:b5:fe:b2:c1:5d:
         47:9f:7c:25:be:d7:ea:f2:98:fc:e3:45:d0:d3:e7:fb:61:80:
         c4:d3:2c:0f:db:a3:7c:c5:94:02:8d:c4:d6:00:e8:e1:69:2a:
         c0:51:d8:19:de:2a:e0:9f:ec:e8:7c:86:6b:c8:b6:a3:47:d8:
         35:f7:e1:07:90:29:5f:9a:dd:10:2e:7d:ca:8a:b8:14:dd:c5:
         6e:22:b5:06:f6:75:c7:b6:38:ce:5f:32:cb:58:80:95:92:29:
         5d:20:42:ce:f2:c4:8c:2e:d0:eb:1b:12:47:47:ca:88:f0:67:
         a5:d5:e4:0c:26:91:cb:1c:00:9b:91:d1:c4:b1:2b:63:b4:66:
         ac:02:59:ae:b2:cd:54:d7:a5:d7:44:a6:4a:50:97:c1:1f:7b:
         f8:9b:9f:18:bf:52:26:fb:12:b7:e8:eb:b7:81:8c:58:08:a4:
         3f:44:a0:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76uj/KcfJHZYXtVu01PjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjUxMDE5MTAwMTQwWhcNMjUxMDIwMTAwMTQwWjAzMTEwLwYDVQQD
Eyg2ODY0N2I2NDExZDNkNWJiODJmMTA0OTY5MWNmZTcyYWU1NGQ2MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonZhDKDCnJ19oVWiL2A8RBiEinKG
cIysxExTb6zNL7FQZK4mAFCvI/IBRgWQTDRLsS/25BB839eJaYNPggLbkI7UdsTQ
e+B0fN5cmhrk9l6pa9nPifLiWjPrpjGtVfe5Xv8RqQUIwAJcLuCfK8orKtOczgtm
7YOsG1e7GSnDrFlWay+0ORidGBS9WL1NY+9PCjbI8U3bHuGnwenLw6fQIzJVXKt4
VMamg7i/IwkyQ5SzZTj9odMwI/ngDNsgzoiMRtQs7ZXC2nPQY9SpLt8rGbKzI0cq
kqnCThqiitoRhYZ0+u5l3E8DjPPmMwXEqbvMRH6HQXKbazpZaWm/q8+rzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhke2QR09W7gvEElpHP5yrlTWJCMB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5I4hor6u
UPj9dTNV4VAK3L1H/Fbt+l2v0gmEPTPDFhYsGTmj1GhKgoo0H9poJHMEDgDgKHNn
0eMbXVWzWplhoeKuJNC7p0MY28qpyQTU+QXjSct/17X+ssFdR598Jb7X6vKY/ONF
0NPn+2GAxNMsD9ujfMWUAo3E1gDo4WkqwFHYGd4q4J/s6HyGa8i2o0fYNffhB5Ap
X5rdEC59yoq4FN3FbiK1BvZ1x7Y4zl8yy1iAlZIpXSBCzvLEjC7Q6xsSR0fKiPBn
pdXkDCaRyxwAm5HRxLErY7RmrAJZrrLNVNel10SmSlCXwR97+JufGL9SJvsSt+jr
t4GMWAikP0SgUg==
-----END CERTIFICATE-----