Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          Q08IFT+jem48MgHRjpHP+/XPLK7bZTIb6WTEbq0yCQ8=
Subject key identifier:   9D:31:91:03:DC:C0:AF:51:72:05:65:E9:09:07:7D:D1:D1:F1:3E:E6
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019849650A9361AB9B6D12417F285C07DDF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          068D
Signing time:             Sun 27 Jul 2025 01:00:15 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:15 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:15 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: MlOUlGeHVemtcqnBAVuRhgAzRJRJ0jr0v4yCMovjgtI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:0a:93:61:ab:9b:6d:12:41:7f:28:5c:07:dd:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Jul 27 01:00:15 2025 GMT
            Not After : Jul 28 01:00:15 2025 GMT
        Subject: CN=9d319103dcc0af51720565e909077dd1d1f13ee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0f:8d:cc:4d:9c:5e:00:6b:64:84:96:ad:45:
                    8f:7f:22:82:c0:62:30:73:95:40:4b:de:07:6d:ae:
                    7c:69:db:5c:f6:fd:3f:1c:93:1c:fb:09:cd:ad:f7:
                    33:4a:ec:2c:a9:aa:a0:b3:59:2a:b7:c2:6f:48:fe:
                    64:75:e1:2c:bb:91:23:78:2d:a4:aa:d4:b3:e2:3a:
                    c4:a0:2f:a7:b0:1f:7c:dd:0c:47:91:7e:9b:a4:13:
                    aa:dd:28:c3:22:85:6c:51:4c:18:90:de:81:13:28:
                    cf:85:0b:86:96:55:6b:1a:e6:eb:92:f1:c0:47:54:
                    8b:43:a0:3f:78:14:d9:27:aa:d8:5f:bf:b0:70:98:
                    10:59:62:df:99:2e:11:17:50:7b:09:93:20:d7:64:
                    b1:b6:07:01:7d:8a:8b:47:68:0c:be:a9:21:b4:91:
                    9f:f5:89:a7:9c:30:02:4e:99:a6:7d:81:33:1f:a4:
                    81:dc:e7:e0:11:74:04:10:43:88:c6:ff:a0:ef:57:
                    d8:0f:b1:81:5a:24:d4:0e:28:26:f8:2f:e1:1c:9b:
                    7b:c1:4c:a2:00:ea:cf:29:fc:64:cf:cc:23:52:0a:
                    6b:a9:3a:84:2d:0b:07:6b:d6:36:98:2d:91:ca:ec:
                    7a:b1:29:92:5d:b1:47:71:fe:45:5b:50:e1:c4:7e:
                    e0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:31:91:03:DC:C0:AF:51:72:05:65:E9:09:07:7D:D1:D1:F1:3E:E6
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:ec:73:5d:70:b3:a3:f2:68:24:ed:52:71:62:61:9a:00:c1:
         1d:c0:34:ab:6f:a8:39:4e:c2:32:8e:56:5f:7a:d6:77:29:a9:
         05:bd:19:c2:db:20:96:2a:47:89:ef:be:26:8c:13:2e:55:d3:
         20:47:8e:c7:47:6e:04:5b:1d:1c:c6:47:ab:d7:c0:1a:7c:de:
         34:b9:7c:09:f8:1e:e5:32:3e:1b:5c:73:82:01:7b:e9:8a:05:
         1d:ef:aa:29:ba:ff:ad:d1:df:c9:30:c9:c5:41:93:84:6e:f0:
         d4:c5:4f:22:15:50:74:71:1f:b9:e3:37:a5:19:4a:4f:69:d3:
         ad:64:6e:76:40:bb:1a:1f:fd:dd:9c:8a:d6:96:ed:8a:16:83:
         c2:63:f8:97:9b:f4:d0:16:be:2d:96:0d:f2:94:d7:e4:86:a5:
         ae:22:c7:87:50:55:e6:5b:aa:7f:fa:f4:6f:67:5b:a6:5a:6a:
         48:3d:27:25:a8:bd:86:16:49:a1:16:83:9f:dc:50:1c:a5:c6:
         2d:52:a6:bd:ab:49:e1:82:72:45:02:d4:06:09:18:35:3c:79:
         87:b8:c5:27:eb:c9:da:14:4d:4c:65:bd:e8:29:31:d9:72:26:
         32:38:00:3f:0a:dd:94:9b:05:5a:f6:3b:c6:0c:8a:4d:9f:ff:
         da:e2:07:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZQqTYaubbRJBfyhcB932MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUwNzI3MDEwMDE1WhcNMjUwNzI4MDEwMDE1WjAzMTEwLwYDVQQD
Eyg5ZDMxOTEwM2RjYzBhZjUxNzIwNTY1ZTkwOTA3N2RkMWQxZjEzZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w+NzE2cXgBrZISWrUWPfyKCwGIw
c5VAS94Hba58adtc9v0/HJMc+wnNrfczSuwsqaqgs1kqt8JvSP5kdeEsu5EjeC2k
qtSz4jrEoC+nsB983QxHkX6bpBOq3SjDIoVsUUwYkN6BEyjPhQuGllVrGubrkvHA
R1SLQ6A/eBTZJ6rYX7+wcJgQWWLfmS4RF1B7CZMg12SxtgcBfYqLR2gMvqkhtJGf
9YmnnDACTpmmfYEzH6SB3OfgEXQEEEOIxv+g71fYD7GBWiTUDigm+C/hHJt7wUyi
AOrPKfxkz8wjUgprqTqELQsHa9Y2mC2Ryux6sSmSXbFHcf5FW1DhxH7g6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0xkQPcwK9RcgVl6QkHfdHR8T7mMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuxzXXCz
o/JoJO1ScWJhmgDBHcA0q2+oOU7CMo5WX3rWdympBb0ZwtsglipHie++JowTLlXT
IEeOx0duBFsdHMZHq9fAGnzeNLl8Cfge5TI+G1xzggF76YoFHe+qKbr/rdHfyTDJ
xUGThG7w1MVPIhVQdHEfueM3pRlKT2nTrWRudkC7Gh/93ZyK1pbtihaDwmP4l5v0
0Ba+LZYN8pTX5IalriLHh1BV5luqf/r0b2dbplpqSD0nJai9hhZJoRaDn9xQHKXG
LVKmvatJ4YJyRQLUBgkYNTx5h7jFJ+vJ2hRNTGW96Ckx2XImMjgAPwrdlJsFWvY7
xgyKTZ//2uIHSA==
-----END CERTIFICATE-----