Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          2+TXzli2Q7k06G9aGpWfjS46T/Kmms+cplxefUzLpz0=
Subject key identifier:   DA:97:73:A7:8D:9A:EE:66:28:B0:CB:DE:31:DB:48:98:8D:1A:66:7E
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       0199FC58EB262E0D7C569C4431418E434F0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0D8C
Signing time:             Sun 19 Oct 2025 12:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:49 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: d/GwIKhPHvkXgmm+wspjC1mXQDh+oBYuRbmSGKNs+x8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:eb:26:2e:0d:7c:56:9c:44:31:41:8e:43:4f:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Oct 19 12:01:49 2025 GMT
            Not After : Oct 20 12:01:49 2025 GMT
        Subject: CN=da9773a78d9aee6628b0cbde31db48988d1a667e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:83:4c:9d:6d:5d:ed:28:b5:08:81:47:ab:f7:
                    7b:72:73:6b:7e:5c:7c:3a:6c:16:84:59:4c:fb:c0:
                    da:dc:1f:2b:44:06:96:a8:a1:87:ad:8d:b9:82:eb:
                    9d:d6:cf:98:5b:fd:c2:8e:e4:70:15:44:b7:c1:11:
                    5f:63:7b:24:97:86:a4:09:1e:37:09:ee:18:37:77:
                    9f:0f:84:49:e8:af:80:dd:3e:64:a6:c1:a8:8e:64:
                    e1:12:34:9a:79:28:d0:a5:d1:e8:95:85:57:6f:58:
                    5a:d5:0a:ad:b3:0e:87:cb:59:a1:8b:e7:24:b6:de:
                    e8:d5:5b:d0:a8:21:15:c7:27:68:a5:e8:af:ca:82:
                    db:13:55:f3:91:17:ea:99:e8:da:74:40:e0:18:b2:
                    d3:2e:9b:09:9f:7c:07:0b:8f:69:03:bb:62:ec:15:
                    5f:0e:82:61:59:41:6e:23:91:db:61:b9:4c:c4:d7:
                    5e:d8:48:f0:8d:ba:07:d5:68:c1:91:ae:51:cb:43:
                    18:ae:c3:b2:83:2f:5f:02:c9:28:a9:19:82:4c:07:
                    a7:8d:c6:3e:a8:f3:23:80:12:28:6d:6f:f1:9b:32:
                    e0:dd:6d:77:3e:a8:e4:77:15:a7:a1:96:f4:e6:65:
                    78:4b:ae:58:f7:ac:84:92:97:38:a4:f3:51:43:7f:
                    3d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:97:73:A7:8D:9A:EE:66:28:B0:CB:DE:31:DB:48:98:8D:1A:66:7E
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:53:66:90:27:fa:4a:0a:c1:b0:1a:46:a9:7f:34:cf:b7:78:
         78:62:49:66:4c:fd:40:b7:44:1d:13:8d:cd:f4:fc:2d:99:f6:
         5b:f9:08:3e:1e:b7:a0:d8:e5:57:85:11:ea:19:95:38:43:dc:
         b1:26:ee:ab:13:2a:c2:17:53:9d:93:e3:6c:7b:59:90:54:04:
         ae:bf:7a:e9:8c:1a:78:d6:16:a6:d1:c5:d8:90:a7:10:42:4c:
         71:57:97:95:3c:ef:61:d7:03:a2:b7:90:81:2f:a5:dc:cc:a8:
         2d:9b:4e:d0:6b:9a:b2:25:43:7e:cd:87:53:b0:26:ca:6a:a5:
         76:59:d4:63:d8:6f:00:26:a7:08:82:25:27:30:e2:40:a4:a7:
         c3:67:98:36:46:da:3f:6a:9f:6d:bc:13:8e:73:20:05:d7:5c:
         81:f4:57:e9:f5:76:87:1d:60:5d:c5:f8:80:78:55:8e:ea:1d:
         bd:75:9c:fa:5d:53:b9:40:19:8e:a3:f9:a0:fe:40:82:e3:71:
         89:9a:17:e3:df:65:83:f6:f6:98:12:b6:de:d5:c9:ce:a9:0d:
         da:75:da:61:c5:b5:70:26:8c:ea:c0:18:47:59:a1:33:08:39:
         3a:b6:0c:c1:42:7b:3e:ea:ac:6f:ad:69:ae:c1:70:3f:7c:ea:
         f2:79:c6:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOsmLg18VpxEMUGOQ08LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUxMDE5MTIwMTQ5WhcNMjUxMDIwMTIwMTQ5WjAzMTEwLwYDVQQD
EyhkYTk3NzNhNzhkOWFlZTY2MjhiMGNiZGUzMWRiNDg5ODhkMWE2NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4NMnW1d7Si1CIFHq/d7cnNrflx8
OmwWhFlM+8Da3B8rRAaWqKGHrY25guud1s+YW/3CjuRwFUS3wRFfY3skl4akCR43
Ce4YN3efD4RJ6K+A3T5kpsGojmThEjSaeSjQpdHolYVXb1ha1Qqtsw6Hy1mhi+ck
tt7o1VvQqCEVxydopeivyoLbE1XzkRfqmejadEDgGLLTLpsJn3wHC49pA7ti7BVf
DoJhWUFuI5HbYblMxNde2EjwjboH1WjBka5Ry0MYrsOygy9fAskoqRmCTAenjcY+
qPMjgBIobW/xmzLg3W13PqjkdxWnoZb05mV4S65Y96yEkpc4pPNRQ3895QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqXc6eNmu5mKLDL3jHbSJiNGmZ+MB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1NmkCf6
SgrBsBpGqX80z7d4eGJJZkz9QLdEHRONzfT8LZn2W/kIPh63oNjlV4UR6hmVOEPc
sSbuqxMqwhdTnZPjbHtZkFQErr966YwaeNYWptHF2JCnEEJMcVeXlTzvYdcDoreQ
gS+l3MyoLZtO0GuasiVDfs2HU7AmymqldlnUY9hvACanCIIlJzDiQKSnw2eYNkba
P2qfbbwTjnMgBddcgfRX6fV2hx1gXcX4gHhVjuodvXWc+l1TuUAZjqP5oP5AguNx
iZoX499lg/b2mBK23tXJzqkN2nXaYcW1cCaM6sAYR1mhMwg5OrYMwUJ7Puqsb61p
rsFwP3zq8nnGkA==
-----END CERTIFICATE-----