Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
File:                     Dkbx623dT_7-GDgAMCvmNs_pZTc.mft (raw, json)
Hash identifier:          aiiSvETaNYAi/uF0bDzstlq2u4/WiEJ5S2+JUtazO/E=
Subject key identifier:   65:05:72:35:F0:48:EE:32:7B:EA:6B:37:31:A3:D6:92:21:55:98:3A
Authority key identifier: 0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37
Certificate issuer:       /CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
Certificate serial:       0199FBEABF818F91AFEAF2C0BBBA395DECDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:29 +0000
Files and hashes:         1: Dkbx623dT_7-GDgAMCvmNs_pZTc.crl (hash: NdVsEgP06rMY32viLCJGXm8k4SQpU37x48kEEUYYjjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:bf:81:8f:91:af:ea:f2:c0:bb:ba:39:5d:ec:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
        Validity
            Not Before: Oct 19 10:01:29 2025 GMT
            Not After : Oct 20 10:01:29 2025 GMT
        Subject: CN=65057235f048ee327bea6b3731a3d6922155983a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:fe:bf:9f:7f:bc:82:02:1d:12:58:f7:89:a4:
                    84:f1:8e:10:32:17:72:18:88:c2:d1:4d:92:ba:c6:
                    52:8d:a8:8e:88:c1:e6:2e:57:d2:90:38:1a:0a:2b:
                    37:c5:1a:a9:0f:21:36:e8:e0:41:76:26:b0:94:ce:
                    3b:5b:b8:a0:1b:10:d5:3b:46:79:01:68:8d:b7:9e:
                    b0:fa:09:0c:b8:93:d8:68:c8:a8:39:82:08:52:56:
                    0d:0e:45:78:96:05:93:7c:90:ff:d5:9a:e4:79:bd:
                    72:77:bb:1a:fe:38:f8:e2:cf:cc:b3:33:43:a3:2d:
                    2c:ac:00:60:ba:24:0c:f8:94:0d:bd:69:e9:6d:b9:
                    91:3a:79:5a:c0:81:a1:ee:93:11:3d:7f:79:c3:0a:
                    53:83:43:52:46:ea:48:ad:ef:86:2d:09:fb:67:e4:
                    45:9b:07:ec:f7:56:3f:b5:fb:5f:29:68:7a:16:48:
                    59:06:ed:3b:63:a1:c9:be:f1:c1:7a:93:2f:0d:0f:
                    7e:82:e8:96:61:ee:4f:4a:c5:fb:7b:84:62:76:db:
                    91:6a:12:0d:ff:16:8c:99:21:2c:d3:7e:1a:15:1c:
                    cb:c7:d5:ee:fe:3b:e4:d7:bd:9d:ee:fb:ed:7c:2f:
                    53:2c:9c:5b:12:ad:2f:8a:4a:ab:9d:85:46:06:86:
                    f7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:05:72:35:F0:48:EE:32:7B:EA:6B:37:31:A3:D6:92:21:55:98:3A
            X509v3 Authority Key Identifier:
                keyid:0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:24:30:7f:25:11:ec:f8:04:24:28:84:f4:7f:19:5f:53:5c:
         d4:ca:77:a7:dc:20:d3:4a:2b:b2:9d:e1:5f:61:97:cb:e0:26:
         b4:bd:b8:ad:a3:04:dd:94:18:83:50:68:f8:93:71:ec:9e:8d:
         f5:b1:6c:c1:c2:20:17:59:49:8f:b5:b5:d0:ec:ee:5f:76:34:
         bb:7a:28:2c:ee:db:bc:3c:c3:f2:30:8f:75:a5:e9:7f:e7:66:
         f8:30:0c:1d:80:a8:94:7a:ab:70:63:bc:52:14:70:9f:a8:ce:
         e4:4e:5d:59:ab:e8:09:9f:bd:a0:dc:42:d8:80:fc:fb:12:66:
         b2:a2:af:ff:03:52:5c:b8:0f:12:1d:72:8a:f8:49:27:78:71:
         5f:c8:e2:fb:3d:7c:e8:f0:e3:42:a5:0e:fc:70:b7:80:70:d1:
         5d:62:68:1d:70:1b:39:82:24:3b:1a:4b:50:43:82:d4:2b:ab:
         49:11:14:f0:a4:3b:ad:78:a3:8e:01:ba:34:65:7e:58:4f:ca:
         ae:09:e4:c7:c6:1e:63:e4:f8:13:71:8a:a9:82:6c:53:bf:d3:
         b3:10:9c:12:b5:87:5f:02:4f:a7:40:83:18:42:16:a7:9c:45:
         9f:48:cc:81:b2:0d:80:97:d0:09:2b:4b:f3:97:8a:77:a5:de:
         98:bd:aa:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76r+Bj5Gv6vLAu7o5XezaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDZmMWViNmRkZDRmZmVmZTE4MzgwMDMwMmJlNjM2Y2Zl
OTY1MzcwHhcNMjUxMDE5MTAwMTI5WhcNMjUxMDIwMTAwMTI5WjAzMTEwLwYDVQQD
Eyg2NTA1NzIzNWYwNDhlZTMyN2JlYTZiMzczMWEzZDY5MjIxNTU5ODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP6/n3+8ggIdElj3iaSE8Y4QMhdy
GIjC0U2SusZSjaiOiMHmLlfSkDgaCis3xRqpDyE26OBBdiawlM47W7igGxDVO0Z5
AWiNt56w+gkMuJPYaMioOYIIUlYNDkV4lgWTfJD/1Zrkeb1yd7sa/jj44s/MszND
oy0srABguiQM+JQNvWnpbbmROnlawIGh7pMRPX95wwpTg0NSRupIre+GLQn7Z+RF
mwfs91Y/tftfKWh6FkhZBu07Y6HJvvHBepMvDQ9+guiWYe5PSsX7e4RidtuRahIN
/xaMmSEs034aFRzLx9Xu/jvk172d7vvtfC9TLJxbEq0vikqrnYVGBob39QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUFcjXwSO4ye+prNzGj1pIhVZg6MB8GA1UdIwQY
MBaAFA5G8ett3U/+/hg4ADAr5jbP6WU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzct
ZjRmY2VkMzViMzUyLzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzctZjRmY2VkMzViMzUy
LzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATyQwfyUR
7PgEJCiE9H8ZX1Nc1Mp3p9wg00orsp3hX2GXy+AmtL24raME3ZQYg1Bo+JNx7J6N
9bFswcIgF1lJj7W10OzuX3Y0u3ooLO7bvDzD8jCPdaXpf+dm+DAMHYColHqrcGO8
UhRwn6jO5E5dWavoCZ+9oNxC2ID8+xJmsqKv/wNSXLgPEh1yivhJJ3hxX8ji+z18
6PDjQqUO/HC3gHDRXWJoHXAbOYIkOxpLUEOC1CurSREU8KQ7rXijjgG6NGV+WE/K
rgnkx8YeY+T4E3GKqYJsU7/TsxCcErWHXwJPp0CDGEIWp5xFn0jMgbINgJfQCStL
85eKd6XemL2q9w==
-----END CERTIFICATE-----