Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
File:                     DAHrsNsEzE1pGCs47A30sIkiJ40.mft (raw, json)
Hash identifier:          e5b3YS8TShPCZbOCxYV6nEzmcIvfQMAES585odr061E=
Subject key identifier:   C5:CE:3D:BD:9D:1D:90:80:5E:38:9F:1C:09:63:0E:32:1A:F0:63:6C
Authority key identifier: 0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D
Certificate issuer:       /CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
Certificate serial:       019A71B8D09DDB48553B888DCC1FC85CA963
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 07:02:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:08 +0000
Files and hashes:         1: DAHrsNsEzE1pGCs47A30sIkiJ40.crl (hash: oq9XylVtwOaGN1Uoyn2rsZ9dhlLO4bT21thf1fD7eVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d0:9d:db:48:55:3b:88:8d:cc:1f:c8:5c:a9:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
        Validity
            Not Before: Nov 11 07:02:08 2025 GMT
            Not After : Nov 12 07:02:08 2025 GMT
        Subject: CN=c5ce3dbd9d1d90805e389f1c09630e321af0636c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:bd:93:8d:59:9e:5a:23:81:16:72:14:84:8d:
                    23:48:a0:06:33:b6:08:05:2f:10:69:70:6a:79:f4:
                    da:58:5e:49:c7:99:ba:e6:68:16:6b:82:bf:4f:dd:
                    02:da:53:b1:98:ff:0f:d8:e6:7d:39:49:67:10:2a:
                    f1:ca:16:2a:e5:08:da:fe:0b:a7:df:6e:27:4d:19:
                    51:53:e9:17:85:57:2b:91:d2:11:f7:29:7b:32:06:
                    16:73:b8:32:01:f8:df:1d:66:90:28:cb:07:ae:73:
                    24:63:1a:d8:4f:4a:40:ac:57:a0:b2:e1:05:cf:32:
                    9a:68:7a:b9:c9:ec:98:73:75:c8:db:d9:22:87:78:
                    15:33:6d:55:10:27:df:3a:7d:39:ed:78:01:65:f6:
                    10:87:b8:77:33:02:3c:07:26:5c:76:98:60:cd:76:
                    9c:d9:3e:78:e4:2a:81:99:98:1c:a3:a0:e9:29:77:
                    47:03:be:81:6f:43:47:4a:bc:3a:62:8f:ab:cf:bd:
                    35:14:fa:e2:1b:31:bd:ca:b9:ee:32:b7:b8:24:d8:
                    23:f2:82:dc:2c:48:a1:e1:76:50:e2:ea:e0:9c:56:
                    29:12:e1:a8:71:df:ad:e5:08:cc:43:18:aa:e1:d6:
                    72:2b:3c:61:33:07:7f:a1:38:fd:15:92:74:a8:82:
                    3c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:CE:3D:BD:9D:1D:90:80:5E:38:9F:1C:09:63:0E:32:1A:F0:63:6C
            X509v3 Authority Key Identifier:
                keyid:0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:46:94:56:3d:04:58:d3:8d:26:ec:fa:38:1a:ee:82:4c:f1:
         7d:01:3e:b1:f7:c8:b9:e7:1b:e7:af:f4:6a:41:65:61:58:c3:
         80:89:e6:f5:88:66:b1:38:df:ff:4a:59:e1:ed:5a:25:97:04:
         49:b4:85:38:03:04:25:3e:1d:16:49:de:18:e6:1c:51:8d:e0:
         bb:5f:05:70:67:71:60:fc:da:f3:32:13:a8:09:5a:17:c2:2f:
         d2:1a:cf:9b:23:ed:2b:a7:7c:52:1b:54:e8:fd:1c:c6:9b:24:
         38:d3:6f:c6:2f:c9:29:08:03:bd:d4:5a:98:e6:8d:8f:e3:ca:
         4c:8a:0b:82:53:7f:4d:91:e5:db:ed:f2:09:ec:e8:5a:04:96:
         2a:44:90:14:a4:a3:7a:95:fc:3c:0a:e5:e5:70:b6:d8:d3:b6:
         e4:e6:a0:be:6a:9d:a2:4c:3d:61:c1:59:e3:4d:3d:41:50:a7:
         d4:66:eb:61:84:54:49:da:77:02:c5:24:7f:a2:fd:86:78:5e:
         a5:ff:11:79:93:8a:59:07:d4:f9:0a:ec:f4:f0:13:14:e8:1f:
         5c:11:73:99:b0:76:07:bf:b2:ff:ba:06:db:e2:a9:f5:8a:34:
         c3:52:35:40:21:5a:74:a7:9f:db:df:e7:8f:88:69:28:ab:cb:
         79:48:de:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNCd20hVO4iNzB/IXKljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDFlYmIwZGIwNGNjNGQ2OTE4MmIzOGVjMGRmNGIwODky
MjI3OGQwHhcNMjUxMTExMDcwMjA4WhcNMjUxMTEyMDcwMjA4WjAzMTEwLwYDVQQD
EyhjNWNlM2RiZDlkMWQ5MDgwNWUzODlmMWMwOTYzMGUzMjFhZjA2MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb2TjVmeWiOBFnIUhI0jSKAGM7YI
BS8QaXBqefTaWF5Jx5m65mgWa4K/T90C2lOxmP8P2OZ9OUlnECrxyhYq5Qja/gun
324nTRlRU+kXhVcrkdIR9yl7MgYWc7gyAfjfHWaQKMsHrnMkYxrYT0pArFegsuEF
zzKaaHq5yeyYc3XI29kih3gVM21VECffOn057XgBZfYQh7h3MwI8ByZcdphgzXac
2T545CqBmZgco6DpKXdHA76Bb0NHSrw6Yo+rz701FPriGzG9yrnuMre4JNgj8oLc
LEih4XZQ4urgnFYpEuGocd+t5QjMQxiq4dZyKzxhMwd/oTj9FZJ0qII8cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXOPb2dHZCAXjifHAljDjIa8GNsMB8GA1UdIwQY
MBaAFAwB67DbBMxNaRgrOOwN9LCJIieNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2Yt
YTEwMzg3NGU3YzRmLzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2YtYTEwMzg3NGU3YzRm
LzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAokaUVj0E
WNONJuz6OBrugkzxfQE+sffIuecb56/0akFlYVjDgInm9YhmsTjf/0pZ4e1aJZcE
SbSFOAMEJT4dFkneGOYcUY3gu18FcGdxYPza8zITqAlaF8Iv0hrPmyPtK6d8UhtU
6P0cxpskONNvxi/JKQgDvdRamOaNj+PKTIoLglN/TZHl2+3yCezoWgSWKkSQFKSj
epX8PArl5XC22NO25Oagvmqdokw9YcFZ4009QVCn1GbrYYRUSdp3AsUkf6L9hnhe
pf8ReZOKWQfU+Qrs9PATFOgfXBFzmbB2B7+y/7oG2+Kp9Yo0w1I1QCFadKef29/n
j4hpKKvLeUje5g==
-----END CERTIFICATE-----