Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          qHTtRAw8LYEhhkpG+uhokZFwslwEN/RM/H+GNrF1isQ=
Subject key identifier:   81:BF:59:56:11:69:FF:9E:B3:33:C1:A8:18:47:BA:1B:4E:39:92:51
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       0198D66051177562AEE1DDF084E7D49D2212
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:01:33 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:33 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:33 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: WTTUrH2zLzkvRVxJ0EQpvJvC0r9pb+f9iiCB5lAl9nA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:51:17:75:62:ae:e1:dd:f0:84:e7:d4:9d:22:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Aug 23 10:01:33 2025 GMT
            Not After : Aug 24 10:01:33 2025 GMT
        Subject: CN=81bf59561169ff9eb333c1a81847ba1b4e399251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:ed:ca:e6:63:27:b6:29:33:8a:e7:b9:67:4e:
                    44:5e:f9:4a:df:82:a2:04:29:02:22:98:cb:2b:6e:
                    ac:0f:e9:7d:41:16:94:8c:82:88:fd:43:ff:17:66:
                    fb:7a:11:8d:58:46:f9:c6:5a:80:22:a6:8d:4b:6e:
                    95:5a:28:48:b8:b9:62:e4:c0:15:d6:93:40:b3:40:
                    97:d5:35:df:bc:54:f0:d7:2b:0a:e4:07:ec:09:54:
                    d2:90:09:78:bf:bc:b4:0c:e7:0a:8e:e5:14:40:37:
                    98:c1:a9:3e:4e:9b:a0:64:75:d0:7f:bb:25:9e:22:
                    8d:ca:97:7c:38:34:9c:3e:68:90:48:41:a7:5c:fe:
                    11:92:b7:ec:d8:c4:72:58:99:9c:61:33:8b:3a:28:
                    e5:af:48:6e:e5:61:fb:1b:ef:a9:57:24:91:58:da:
                    e1:a4:76:23:65:0a:59:06:5b:89:28:f4:b4:c8:2f:
                    2c:55:01:14:be:04:57:08:c8:96:f6:97:07:45:15:
                    1e:16:80:d1:a1:16:e0:67:fe:c3:a2:8c:1a:31:76:
                    17:a2:d1:f9:1c:e8:fa:59:32:46:41:43:32:b8:0a:
                    55:98:dc:9f:61:f1:56:bb:16:00:6c:31:e1:1e:ee:
                    c6:a9:d5:53:a4:26:9e:46:5a:34:1a:92:cd:00:17:
                    ee:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:BF:59:56:11:69:FF:9E:B3:33:C1:A8:18:47:BA:1B:4E:39:92:51
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:8d:e3:26:c4:b1:25:54:a9:03:ae:e0:a5:26:14:43:c4:62:
         a5:28:47:4e:54:59:90:91:61:56:7c:f3:ab:5d:ca:bb:f1:75:
         aa:a8:e9:be:15:85:87:6c:2c:59:e9:b0:ea:01:8d:a3:a7:f3:
         6a:b7:b2:2e:09:72:e5:22:35:d0:90:63:62:27:83:13:b0:28:
         de:54:87:c3:63:2b:94:a5:71:c6:0c:d9:96:80:5d:dd:b5:ad:
         98:2a:26:ef:08:1a:ec:d1:df:2b:4c:84:a1:ce:5a:a7:da:9e:
         4e:96:3a:72:f8:ba:65:14:41:fc:2d:32:16:cb:34:23:fe:c6:
         64:76:2b:f6:27:aa:4f:1e:e8:ed:d1:ae:1d:97:fc:0c:99:18:
         5a:a1:81:5e:88:04:ac:09:8f:d5:7c:cf:68:42:3e:bf:3f:37:
         52:9b:3d:61:1f:e8:8b:67:03:6e:b7:bf:36:92:2b:41:62:c7:
         93:0a:ef:d5:e3:6b:b5:4a:33:89:4d:11:ec:8b:de:08:16:e1:
         14:45:22:6c:e4:b6:63:2f:2c:d1:ff:7d:5c:32:cb:34:9e:35:
         27:85:82:c9:37:15:6d:72:8b:1f:db:33:5c:81:9b:3e:b4:63:
         fb:77:b7:65:cc:43:ef:a7:6d:35:ba:d7:42:44:b9:01:cb:f5:
         70:08:e7:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYFEXdWKu4d3whOfUnSISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjUwODIzMTAwMTMzWhcNMjUwODI0MTAwMTMzWjAzMTEwLwYDVQQD
Eyg4MWJmNTk1NjExNjlmZjllYjMzM2MxYTgxODQ3YmExYjRlMzk5MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9e3K5mMntikziue5Z05EXvlK34Ki
BCkCIpjLK26sD+l9QRaUjIKI/UP/F2b7ehGNWEb5xlqAIqaNS26VWihIuLli5MAV
1pNAs0CX1TXfvFTw1ysK5AfsCVTSkAl4v7y0DOcKjuUUQDeYwak+TpugZHXQf7sl
niKNypd8ODScPmiQSEGnXP4Rkrfs2MRyWJmcYTOLOijlr0hu5WH7G++pVySRWNrh
pHYjZQpZBluJKPS0yC8sVQEUvgRXCMiW9pcHRRUeFoDRoRbgZ/7DoowaMXYXotH5
HOj6WTJGQUMyuApVmNyfYfFWuxYAbDHhHu7GqdVTpCaeRlo0GpLNABfukQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIG/WVYRaf+eszPBqBhHuhtOOZJRMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbo3jJsSx
JVSpA67gpSYUQ8RipShHTlRZkJFhVnzzq13Ku/F1qqjpvhWFh2wsWemw6gGNo6fz
areyLgly5SI10JBjYieDE7Ao3lSHw2MrlKVxxgzZloBd3bWtmCom7wga7NHfK0yE
oc5ap9qeTpY6cvi6ZRRB/C0yFss0I/7GZHYr9ieqTx7o7dGuHZf8DJkYWqGBXogE
rAmP1XzPaEI+vz83Ups9YR/oi2cDbre/NpIrQWLHkwrv1eNrtUoziU0R7IveCBbh
FEUibOS2Yy8s0f99XDLLNJ41J4WCyTcVbXKLH9szXIGbPrRj+3e3ZcxD76dtNbrX
QkS5Acv1cAjn7w==
-----END CERTIFICATE-----