Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
File:                     DdgdNYjH4QqJmw0EgVZubZSNrdA.mft (raw, json)
Hash identifier:          W4KnIAGW663o26vP7mLwUoFhzCLt0rdgr5rN30gAcfA=
Subject key identifier:   DA:18:F0:6C:CD:B9:EB:B2:45:8D:AE:A6:F9:5D:BB:5B:B1:8D:4B:A1
Authority key identifier: 0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0
Certificate issuer:       /CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
Certificate serial:       0199FB457D8D4B955C203BB5164ACD435931
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 07:00:59 +0000
Manifest this update:     Sun 19 Oct 2025 07:00:59 +0000
Manifest next update:     Mon 20 Oct 2025 07:00:59 +0000
Files and hashes:         1: DdgdNYjH4QqJmw0EgVZubZSNrdA.crl (hash: 1mgENx9JRu1yZ9IAoe5t15bEog5Eyiw1dzVW2IwRIKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:7d:8d:4b:95:5c:20:3b:b5:16:4a:cd:43:59:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
        Validity
            Not Before: Oct 19 07:00:59 2025 GMT
            Not After : Oct 20 07:00:59 2025 GMT
        Subject: CN=da18f06ccdb9ebb2458daea6f95dbb5bb18d4ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a7:08:49:aa:42:0a:f1:bb:6d:c5:47:dc:b1:
                    c1:8c:ec:a1:25:5b:d5:ea:f9:c2:e4:89:f8:b1:20:
                    6d:59:ae:59:c2:bd:b1:3e:8e:9b:93:d2:69:e4:d4:
                    35:93:0e:50:c4:ea:5c:49:60:7e:76:c7:8d:a2:3d:
                    14:b6:f7:a9:f0:c4:27:14:c4:f4:76:68:8b:6f:fa:
                    b0:02:76:9d:ee:9c:60:00:56:3a:ed:06:04:62:7b:
                    56:c6:99:b7:61:e1:a9:ea:da:a3:e3:4d:37:ab:3b:
                    ab:7d:49:7c:ee:75:a4:fc:b9:e9:ac:33:c9:30:6a:
                    b8:57:e3:2e:72:18:d4:b8:7a:7a:a1:96:11:40:eb:
                    0c:fc:af:5b:39:ac:a4:af:cf:f0:13:09:8d:97:6a:
                    c7:23:7c:cd:3e:82:09:11:4d:7c:dc:c4:2e:c8:5c:
                    e4:fa:fc:1d:8a:4c:3e:1b:6a:01:4d:c3:9a:b1:4b:
                    ca:88:0d:b7:8a:61:76:5f:0b:29:67:27:68:8a:23:
                    fa:35:da:0f:ef:69:18:da:10:46:40:4f:5c:a3:3f:
                    d2:3e:0f:2e:29:08:41:15:12:78:54:aa:06:74:d0:
                    9e:fc:4f:86:54:5b:74:89:5c:94:a9:85:ae:b0:e6:
                    d8:bc:0f:64:71:25:38:0f:64:a9:b3:7a:12:d0:29:
                    8a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:18:F0:6C:CD:B9:EB:B2:45:8D:AE:A6:F9:5D:BB:5B:B1:8D:4B:A1
            X509v3 Authority Key Identifier:
                keyid:0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:f3:f1:63:e9:39:bf:7d:c9:08:c6:1e:2d:a2:13:da:38:17:
         aa:13:1d:e1:83:87:f2:27:89:32:35:a2:7c:1a:dd:5b:8c:f0:
         21:82:8e:3b:a7:7f:93:99:84:3b:35:92:88:a4:98:37:b4:05:
         2a:b1:99:97:df:4a:8e:54:81:5c:97:cc:78:b4:75:fa:f2:87:
         4f:83:32:b6:d0:7b:58:2d:e7:97:ba:1a:82:a2:79:2d:ab:7d:
         c4:61:7c:d8:c0:f9:00:00:e2:13:91:ea:a8:01:c3:c4:0f:12:
         62:c7:1b:fd:78:d9:b6:3f:b5:3b:a2:af:50:66:25:a6:e2:c0:
         8a:57:60:c9:73:af:fb:e3:1d:92:03:88:17:30:2b:16:da:2a:
         70:4f:32:1c:2a:be:0e:bf:f8:13:5a:ed:3a:6b:67:1b:2e:e4:
         a3:cb:49:20:00:87:0b:1f:99:e7:54:8c:0b:5a:e2:7c:fe:e7:
         6d:1f:b4:0c:7f:cb:40:1c:5b:91:ce:7b:8b:7c:25:56:72:70:
         95:39:91:cf:37:4d:0b:1a:01:bd:23:73:41:73:81:ca:22:5d:
         cc:13:63:ed:f0:67:b0:43:1a:48:2e:55:1e:df:fd:5c:87:8e:
         27:bd:d2:9a:76:34:6c:0a:f5:ae:08:b5:bb:93:d4:bc:2b:08:
         6e:54:78:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RX2NS5VcIDu1FkrNQ1kxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDgxZDM1ODhjN2UxMGE4OTliMGQwNDgxNTY2ZTZkOTQ4
ZGFkZDAwHhcNMjUxMDE5MDcwMDU5WhcNMjUxMDIwMDcwMDU5WjAzMTEwLwYDVQQD
EyhkYTE4ZjA2Y2NkYjllYmIyNDU4ZGFlYTZmOTVkYmI1YmIxOGQ0YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqacISapCCvG7bcVH3LHBjOyhJVvV
6vnC5In4sSBtWa5Zwr2xPo6bk9Jp5NQ1kw5QxOpcSWB+dseNoj0Utvep8MQnFMT0
dmiLb/qwAnad7pxgAFY67QYEYntWxpm3YeGp6tqj4003qzurfUl87nWk/LnprDPJ
MGq4V+MuchjUuHp6oZYRQOsM/K9bOaykr8/wEwmNl2rHI3zNPoIJEU183MQuyFzk
+vwdikw+G2oBTcOasUvKiA23imF2XwspZydoiiP6NdoP72kY2hBGQE9coz/SPg8u
KQhBFRJ4VKoGdNCe/E+GVFt0iVyUqYWusObYvA9kcSU4D2Sps3oS0CmKVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoY8GzNueuyRY2upvldu1uxjUuhMB8GA1UdIwQY
MBaAFA3YHTWIx+EKiZsNBIFWbm2Uja3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzkt
Yzc2YjhkYjVhZDE0LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzktYzc2YjhkYjVhZDE0
LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAefPxY+k5
v33JCMYeLaIT2jgXqhMd4YOH8ieJMjWifBrdW4zwIYKOO6d/k5mEOzWSiKSYN7QF
KrGZl99KjlSBXJfMeLR1+vKHT4MyttB7WC3nl7oagqJ5Lat9xGF82MD5AADiE5Hq
qAHDxA8SYscb/XjZtj+1O6KvUGYlpuLAildgyXOv++MdkgOIFzArFtoqcE8yHCq+
Dr/4E1rtOmtnGy7ko8tJIACHCx+Z51SMC1rifP7nbR+0DH/LQBxbkc57i3wlVnJw
lTmRzzdNCxoBvSNzQXOByiJdzBNj7fBnsEMaSC5VHt/9XIeOJ73SmnY0bAr1rgi1
u5PUvCsIblR4NQ==
-----END CERTIFICATE-----