Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
File:                     DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft (raw, json)
Hash identifier:          ZaonaVBqh0QpbNBYZB0C17PXX2rdlaIR9XZqZYY82JA=
Subject key identifier:   FD:23:69:46:F4:A5:92:13:01:6D:42:8D:CA:9C:44:0B:F0:5C:FE:A9
Authority key identifier: 0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C
Certificate issuer:       /CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
Certificate serial:       0199FFC830C49A6EAF4D9AB73495389135B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
Manifest number:          1675
Signing time:             Mon 20 Oct 2025 04:02:13 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:13 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:13 +0000
Files and hashes:         1: DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl (hash: s+R/Cgs2D8hWmqd8cWys8V4DJ4OQHFp4dM03193S7aM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:30:c4:9a:6e:af:4d:9a:b7:34:95:38:91:35:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e56c9e58d96af1e4130d7224221192b2c132a5c
        Validity
            Not Before: Oct 20 04:02:13 2025 GMT
            Not After : Oct 21 04:02:13 2025 GMT
        Subject: CN=fd236946f4a59213016d428dca9c440bf05cfea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d0:0b:a0:74:4e:bb:1e:94:6a:97:08:92:29:
                    65:69:61:ad:de:7e:08:58:f6:8a:c5:4d:85:67:07:
                    0c:f2:8f:23:0e:ab:65:61:89:eb:10:55:b5:31:42:
                    f5:c5:7c:76:11:83:bb:8a:bb:0f:af:96:d1:01:55:
                    08:ec:33:06:00:1c:98:54:12:cd:6c:3a:c2:b1:f6:
                    ab:d9:29:87:11:7d:4d:c9:02:5f:87:c5:31:c1:ae:
                    41:84:e8:4b:1d:6d:1c:cf:9c:74:80:09:ae:bd:8d:
                    0c:dd:00:dd:e4:30:ca:f7:c1:c4:f0:de:94:7e:10:
                    bc:4a:96:c3:83:4c:a3:e0:29:6b:48:f4:09:48:f6:
                    92:89:09:57:37:fd:77:4b:0e:1c:ce:c5:61:66:28:
                    a6:ea:9f:f5:21:d3:f8:2a:3f:69:0f:97:22:83:c2:
                    ae:84:c6:bb:ce:52:49:c3:1e:d1:3e:fe:f4:88:ed:
                    ba:1d:bd:d1:0a:46:2c:16:c2:a2:34:b0:80:d2:db:
                    e3:d6:27:3f:80:95:32:ce:64:18:a4:38:f1:f3:6d:
                    ef:05:6a:62:f7:ed:57:18:6f:c4:1c:6d:da:41:a2:
                    11:08:a0:18:a4:77:4f:98:61:88:64:6f:ab:e8:1e:
                    66:41:a6:fe:d3:8a:25:c0:a3:85:8a:6d:56:89:69:
                    9a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:23:69:46:F4:A5:92:13:01:6D:42:8D:CA:9C:44:0B:F0:5C:FE:A9
            X509v3 Authority Key Identifier:
                keyid:0E:56:C9:E5:8D:96:AF:1E:41:30:D7:22:42:21:19:2B:2C:13:2A:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4c8208-ba30-4716-a6c8-84f3524626bd/1/DlbJ5Y2Wrx5BMNciQiEZKywTKlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:92:dd:48:f7:78:6e:a8:68:78:4f:a9:92:f9:03:a5:57:7e:
         51:87:15:90:30:b4:1e:d3:50:c2:31:ca:06:c7:fe:87:0e:f2:
         06:0b:68:84:bb:6f:b3:9d:3f:b7:74:37:f2:95:58:28:46:a4:
         f4:c8:0a:f3:50:a0:b7:22:c2:fc:f9:83:98:ae:fa:9b:db:da:
         46:1c:e0:72:ef:1a:8a:15:2b:6a:2d:68:a0:bf:01:f5:39:18:
         74:b9:ca:9b:c5:f3:15:64:0f:6b:1e:68:a4:a9:26:e4:1c:4e:
         d6:d5:3e:78:fc:70:e6:a1:d6:6f:1b:5d:f4:cd:0e:5a:9d:7b:
         d9:0b:76:c9:e4:76:34:bb:57:db:3c:07:00:96:6f:9c:dd:74:
         5e:1e:67:c1:49:a4:29:bb:59:b6:89:b4:27:7b:dd:e0:08:42:
         2f:13:25:49:90:77:ef:90:84:13:34:87:c5:58:7c:e8:d7:54:
         b3:96:4d:e5:c8:cf:05:b9:ea:bf:97:c4:72:f2:45:3b:ac:64:
         0f:8a:1b:8c:e7:0e:e7:a9:ac:52:4b:12:86:e9:c6:f8:13:79:
         49:43:28:b9:cc:a3:bf:c7:73:ec:83:46:2a:55:38:f1:8c:3f:
         13:1b:7e:de:ae:86:26:66:f8:c7:b1:dc:ad:2a:8e:dc:1a:e5:
         da:1b:94:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDDEmm6vTZq3NJU4kTWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNTZjOWU1OGQ5NmFmMWU0MTMwZDcyMjQyMjExOTJiMmMx
MzJhNWMwHhcNMjUxMDIwMDQwMjEzWhcNMjUxMDIxMDQwMjEzWjAzMTEwLwYDVQQD
EyhmZDIzNjk0NmY0YTU5MjEzMDE2ZDQyOGRjYTljNDQwYmYwNWNmZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtALoHROux6UapcIkillaWGt3n4I
WPaKxU2FZwcM8o8jDqtlYYnrEFW1MUL1xXx2EYO7irsPr5bRAVUI7DMGAByYVBLN
bDrCsfar2SmHEX1NyQJfh8Uxwa5BhOhLHW0cz5x0gAmuvY0M3QDd5DDK98HE8N6U
fhC8SpbDg0yj4ClrSPQJSPaSiQlXN/13Sw4czsVhZiim6p/1IdP4Kj9pD5cig8Ku
hMa7zlJJwx7RPv70iO26Hb3RCkYsFsKiNLCA0tvj1ic/gJUyzmQYpDjx823vBWpi
9+1XGG/EHG3aQaIRCKAYpHdPmGGIZG+r6B5mQab+04olwKOFim1WiWmaKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0jaUb0pZITAW1CjcqcRAvwXP6pMB8GA1UdIwQY
MBaAFA5WyeWNlq8eQTDXIkIhGSssEypcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2Yzgt
ODRmMzUyNDYyNmJkLzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80YzgyMDgtYmEzMC00NzE2LWE2YzgtODRmMzUyNDYyNmJk
LzEvRGxiSjVZMldyeDVCTU5jaVFpRVpLeXdUS2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJLdSPd4
bqhoeE+pkvkDpVd+UYcVkDC0HtNQwjHKBsf+hw7yBgtohLtvs50/t3Q38pVYKEak
9MgK81CgtyLC/PmDmK76m9vaRhzgcu8aihUrai1ooL8B9TkYdLnKm8XzFWQPax5o
pKkm5BxO1tU+ePxw5qHWbxtd9M0OWp172Qt2yeR2NLtX2zwHAJZvnN10Xh5nwUmk
KbtZtom0J3vd4AhCLxMlSZB375CEEzSHxVh86NdUs5ZN5cjPBbnqv5fEcvJFO6xk
D4objOcO56msUksShunG+BN5SUMoucyjv8dz7INGKlU48Yw/Ext+3q6GJmb4x7Hc
rSqO3Brl2huUhQ==
-----END CERTIFICATE-----