Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
File:                     dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json)
Hash identifier:          WvQXRFdvLbu+IVVF/frwU22nA9OJPY8r6YrGsN4b0qo=
Subject key identifier:   74:0B:86:76:64:5B:10:7A:A1:A4:AA:8B:12:D2:C4:BB:E9:01:5F:86
Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65
Certificate issuer:       /CN=76d4215a625457bc0532191c8803f7c64b7f9065
Certificate serial:       0199FCFD4DCA25B5D17D4B00164607D59648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
Manifest number:          04B9
Signing time:             Sun 19 Oct 2025 15:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:22 +0000
Files and hashes:         1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: DZGRVkRWUC7n8xCzpgTcdcBsf9WWlmGtDw7i3cfy4eg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:4d:ca:25:b5:d1:7d:4b:00:16:46:07:d5:96:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065
        Validity
            Not Before: Oct 19 15:01:22 2025 GMT
            Not After : Oct 20 15:01:22 2025 GMT
        Subject: CN=740b8676645b107aa1a4aa8b12d2c4bbe9015f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1f:84:fd:21:c7:6f:b5:60:b7:63:f7:ff:45:
                    8b:e1:d7:ae:77:ab:51:01:f5:f8:f0:cd:ed:62:d1:
                    c0:03:ad:c1:6a:13:99:d6:55:b4:94:e3:3d:7d:2d:
                    bd:ac:ce:2d:e0:68:3e:65:fa:7c:ee:a3:38:e5:23:
                    e7:15:8a:09:b0:a2:c8:f5:d2:8d:50:28:4b:c5:0b:
                    07:7b:eb:22:c6:17:fc:5d:a2:ce:d5:6d:c4:20:78:
                    5c:3f:c5:f5:5e:50:57:5b:aa:b5:43:7a:2f:60:7a:
                    d8:e8:a8:7e:e8:11:42:ed:e2:1d:c8:b9:94:76:fb:
                    9c:43:bd:7a:b8:85:50:e2:04:cd:d9:24:2a:19:b4:
                    95:9b:88:73:b4:ce:39:8d:df:4f:e0:84:eb:f7:33:
                    6e:1a:80:a4:68:bf:8a:6c:9b:bd:f2:28:84:c6:fb:
                    95:f9:16:66:3f:d1:4a:bf:99:3d:61:5c:73:ce:88:
                    ed:a5:72:ed:d4:82:79:ef:89:71:19:b1:72:2b:d5:
                    45:1e:32:5d:79:84:b1:bf:1f:c4:a0:9d:00:ee:d8:
                    38:54:d7:6a:c3:23:a9:58:83:48:34:f6:3d:63:2e:
                    bd:90:a6:37:0a:c1:9d:e4:b6:b6:b5:d6:b2:a0:d4:
                    2e:21:25:f9:3d:dd:db:5e:63:42:72:39:62:14:ef:
                    5e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:0B:86:76:64:5B:10:7A:A1:A4:AA:8B:12:D2:C4:BB:E9:01:5F:86
            X509v3 Authority Key Identifier:
                keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:84:76:2f:ff:e4:0e:ca:6e:2c:1e:18:3a:d2:69:98:fa:d5:
         c9:e4:2e:19:1a:29:e4:8f:07:03:f9:44:f3:ca:64:92:ec:0f:
         ab:ba:db:d7:0d:83:45:62:f4:f6:d5:74:75:c0:6c:c8:f2:88:
         98:78:c6:24:15:2c:a7:20:1a:b6:24:c1:d9:7d:d3:ea:47:0a:
         9d:7a:63:21:88:5c:7b:c2:f5:cc:93:3e:54:7c:52:56:0c:44:
         c1:84:0e:31:9f:cc:b2:b8:37:5f:18:bd:09:93:14:1a:d0:fc:
         0e:09:a5:c0:04:28:37:33:05:e8:e7:c6:ef:ff:3b:22:f6:f0:
         47:4a:7e:76:14:76:e8:f7:49:39:06:80:75:56:26:22:c2:09:
         1d:46:37:02:c9:e0:84:b3:99:f6:bc:e6:4b:d1:d0:e5:fe:0d:
         9e:90:ed:4f:3b:c3:6c:06:b0:a9:08:bd:9e:22:11:bc:ad:df:
         cd:95:b1:4e:30:21:6e:ab:61:b9:23:63:71:10:a5:d1:4b:b8:
         de:e5:ff:56:b9:94:d3:54:7c:84:dc:df:d5:89:7b:98:6f:b9:
         ee:82:0e:90:db:e5:87:3e:6d:6e:32:10:56:fb:07:e1:e4:ab:
         38:62:97:8a:80:ac:ad:9d:21:f4:80:9a:d1:0e:d5:d7:9c:a5:
         2e:fa:e7:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/U3KJbXRfUsAFkYH1ZZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3
ZjkwNjUwHhcNMjUxMDE5MTUwMTIyWhcNMjUxMDIwMTUwMTIyWjAzMTEwLwYDVQQD
Eyg3NDBiODY3NjY0NWIxMDdhYTFhNGFhOGIxMmQyYzRiYmU5MDE1Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux+E/SHHb7Vgt2P3/0WL4deud6tR
AfX48M3tYtHAA63BahOZ1lW0lOM9fS29rM4t4Gg+Zfp87qM45SPnFYoJsKLI9dKN
UChLxQsHe+sixhf8XaLO1W3EIHhcP8X1XlBXW6q1Q3ovYHrY6Kh+6BFC7eIdyLmU
dvucQ716uIVQ4gTN2SQqGbSVm4hztM45jd9P4ITr9zNuGoCkaL+KbJu98iiExvuV
+RZmP9FKv5k9YVxzzojtpXLt1IJ574lxGbFyK9VFHjJdeYSxvx/EoJ0A7tg4VNdq
wyOpWININPY9Yy69kKY3CsGd5La2tdayoNQuISX5Pd3bXmNCcjliFO9eoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQLhnZkWxB6oaSqixLSxLvpAV+GMB8GA1UdIwQY
MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt
Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2
LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhIR2L//k
DspuLB4YOtJpmPrVyeQuGRop5I8HA/lE88pkkuwPq7rb1w2DRWL09tV0dcBsyPKI
mHjGJBUspyAatiTB2X3T6kcKnXpjIYhce8L1zJM+VHxSVgxEwYQOMZ/Msrg3Xxi9
CZMUGtD8DgmlwAQoNzMF6OfG7/87IvbwR0p+dhR26PdJOQaAdVYmIsIJHUY3Asng
hLOZ9rzmS9HQ5f4NnpDtTzvDbAawqQi9niIRvK3fzZWxTjAhbqthuSNjcRCl0Uu4
3uX/VrmU01R8hNzf1Yl7mG+57oIOkNvlhz5tbjIQVvsH4eSrOGKXioCsrZ0h9ICa
0Q7V15ylLvrnUw==
-----END CERTIFICATE-----