Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          qwwJ2O8kkNGtkntuYRE793HPWs+lyvmEOe/BEgG4aCU=
Subject key identifier:   FE:C7:BF:26:9A:2A:84:7F:E9:21:1A:54:26:4F:27:91:4A:30:41:B2
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019849662D5EEFE75EFEC5054645207C9D58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          158F
Signing time:             Sun 27 Jul 2025 01:01:29 +0000
Manifest this update:     Sun 27 Jul 2025 01:01:29 +0000
Manifest next update:     Mon 28 Jul 2025 01:01:29 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: +REg3fqcyAjPjgFOfdTJdPIfPmQF2cyW1U0V4A/0wnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 01:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:66:2d:5e:ef:e7:5e:fe:c5:05:46:45:20:7c:9d:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Jul 27 01:01:29 2025 GMT
            Not After : Jul 28 01:01:29 2025 GMT
        Subject: CN=fec7bf269a2a847fe9211a54264f27914a3041b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:33:83:b5:33:5d:70:81:67:15:38:20:11:
                    58:c9:9a:3c:9d:6b:87:cd:b7:ac:d9:f2:7f:75:98:
                    6d:a6:ce:9a:72:63:32:7e:be:18:9f:a8:4a:59:15:
                    86:35:72:d1:e9:2b:50:3d:30:84:77:a1:96:bc:63:
                    b1:23:b0:70:f5:ec:6c:e9:95:e8:d2:85:e8:da:e3:
                    17:99:a1:37:d9:40:f4:80:86:b0:c7:f0:cb:a7:98:
                    e4:67:69:cd:f5:71:e8:66:f8:ba:29:e3:1c:35:14:
                    91:92:e1:9b:e4:98:a5:9b:7d:13:96:35:cb:a9:ab:
                    5e:6a:b2:5d:33:ee:d2:6d:04:6f:3d:02:9a:0b:51:
                    53:9b:5e:80:88:18:ed:da:ca:a8:78:7b:e8:cc:5b:
                    5b:87:f1:bb:79:85:b2:b9:79:04:60:0a:51:cf:95:
                    45:ab:ca:2a:2e:d9:b9:84:a7:73:83:72:1a:8f:07:
                    f1:f8:b7:7b:bf:1d:85:b6:15:2b:08:49:6d:7d:17:
                    0c:f7:55:35:a2:2f:3f:26:8e:83:d8:9b:7d:2e:85:
                    dc:24:3e:22:6d:e7:76:fe:f9:d4:86:2b:63:d2:f5:
                    27:c4:ca:db:3d:39:f0:e7:b8:33:68:0c:b0:f9:72:
                    7d:d6:dd:cd:2b:0b:8e:d4:a9:42:40:d2:fa:b2:c6:
                    25:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C7:BF:26:9A:2A:84:7F:E9:21:1A:54:26:4F:27:91:4A:30:41:B2
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:e4:17:1d:a4:11:98:3b:dc:c7:43:4f:98:f0:05:a3:6e:6a:
         90:65:73:66:73:e3:5b:2b:62:da:9e:e5:b8:65:71:d3:b2:2f:
         39:7c:cb:f9:af:48:ce:5b:77:06:e1:a9:e4:d1:3c:85:53:6a:
         9b:2d:b1:22:8a:e8:a3:08:68:58:99:a1:c7:81:f3:ce:d7:0f:
         c2:90:09:b0:22:82:46:71:9f:77:4b:90:0b:9e:92:21:06:98:
         d7:8a:ab:83:c5:cc:fb:74:7d:d2:95:c4:e7:54:f9:03:90:d5:
         5b:72:3a:47:62:b5:73:5a:f6:8d:ad:22:7c:6a:95:fe:b9:9a:
         97:27:ef:f6:86:ac:f5:3e:9a:a9:53:a5:b3:8e:90:2e:bf:03:
         6f:56:ef:82:35:98:c2:bd:37:4a:16:f2:45:92:a7:f4:36:97:
         8d:2b:ab:d7:b9:0b:ce:81:09:99:e0:58:42:e9:45:fc:19:51:
         36:49:49:46:f9:ec:99:28:9a:d0:f0:4c:0b:b7:c5:d9:bc:1e:
         ab:74:ad:ee:96:85:b5:27:90:51:3c:dc:3c:3a:08:91:d4:bb:
         e1:ed:02:e2:11:21:73:53:02:e1:74:73:41:19:97:2d:a5:2a:
         7e:e3:46:e8:dd:a4:93:d1:19:c6:34:14:17:2f:34:eb:09:10:
         77:13:15:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZi1e7+de/sUFRkUgfJ1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUwNzI3MDEwMTI5WhcNMjUwNzI4MDEwMTI5WjAzMTEwLwYDVQQD
EyhmZWM3YmYyNjlhMmE4NDdmZTkyMTFhNTQyNjRmMjc5MTRhMzA0MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSgzg7UzXXCBZxU4IBFYyZo8nWuH
zbes2fJ/dZhtps6acmMyfr4Yn6hKWRWGNXLR6StQPTCEd6GWvGOxI7Bw9exs6ZXo
0oXo2uMXmaE32UD0gIawx/DLp5jkZ2nN9XHoZvi6KeMcNRSRkuGb5Jilm30TljXL
qatearJdM+7SbQRvPQKaC1FTm16AiBjt2sqoeHvozFtbh/G7eYWyuXkEYApRz5VF
q8oqLtm5hKdzg3Iajwfx+Ld7vx2FthUrCEltfRcM91U1oi8/Jo6D2Jt9LoXcJD4i
bed2/vnUhitj0vUnxMrbPTnw57gzaAyw+XJ91t3NKwuO1KlCQNL6ssYlVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7HvyaaKoR/6SEaVCZPJ5FKMEGyMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmeQXHaQR
mDvcx0NPmPAFo25qkGVzZnPjWyti2p7luGVx07IvOXzL+a9Izlt3BuGp5NE8hVNq
my2xIoroowhoWJmhx4HzztcPwpAJsCKCRnGfd0uQC56SIQaY14qrg8XM+3R90pXE
51T5A5DVW3I6R2K1c1r2ja0ifGqV/rmalyfv9oas9T6aqVOls46QLr8Db1bvgjWY
wr03ShbyRZKn9DaXjSur17kLzoEJmeBYQulF/BlRNklJRvnsmSia0PBMC7fF2bwe
q3St7paFtSeQUTzcPDoIkdS74e0C4hEhc1MC4XRzQRmXLaUqfuNG6N2kk9EZxjQU
Fy806wkQdxMVUQ==
-----END CERTIFICATE-----