Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          hSdbY4gDHt7WG+a+BSZ8KBx3gEScggEn1KlGJcQxpG8=
Subject key identifier:   AC:69:72:A8:35:37:3E:E2:2C:A6:92:CD:71:68:9B:14:66:22:34:8B
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       019A733816FEB5491F9BE353370545D5E657
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          03A6
Signing time:             Tue 11 Nov 2025 14:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 14:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 14:00:47 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: yPPrR/9BDf1Ra526zt3/ulhgHeCIi+9v9tZ+Thv44gM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:38:16:fe:b5:49:1f:9b:e3:53:37:05:45:d5:e6:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Nov 11 14:00:47 2025 GMT
            Not After : Nov 12 14:00:47 2025 GMT
        Subject: CN=ac6972a835373ee22ca692cd71689b146622348b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ec:96:ad:08:c7:f6:da:4d:5f:3d:19:1a:dc:
                    19:68:d9:c9:15:fe:6a:92:90:6f:ed:1b:9c:50:c6:
                    5f:89:57:3f:41:ae:52:88:3f:5d:bc:22:b8:b6:e0:
                    f5:94:d2:39:72:86:c8:0f:a5:12:6e:0b:0f:76:71:
                    63:6d:9b:39:fe:46:62:11:99:16:ab:a5:f2:b4:6d:
                    1e:07:61:96:34:15:ac:fb:94:28:71:f5:c1:6c:53:
                    f0:fd:9d:d5:18:2d:fd:dd:34:f2:77:28:f7:e7:11:
                    da:89:38:5a:d0:90:df:20:65:2a:cb:cd:cf:fe:77:
                    d2:21:31:26:d9:40:c7:e6:a6:b2:85:12:13:4b:02:
                    0e:97:32:ea:83:20:89:ed:42:7f:e9:72:30:e9:a2:
                    c2:43:a3:df:b8:66:30:bc:e6:c5:db:68:57:84:17:
                    17:a4:39:35:79:e5:9f:6f:81:8a:89:ce:e7:f6:55:
                    26:49:76:8d:78:76:d7:40:c2:10:0c:44:a2:34:1b:
                    53:7e:ac:16:37:03:78:2c:41:a1:f3:32:eb:4f:84:
                    77:5e:62:b5:34:a1:44:7d:61:5c:ed:d1:6d:4c:63:
                    05:d3:1e:45:86:08:4b:5c:89:e8:e3:34:86:0d:bf:
                    86:32:82:c3:ae:8a:34:6f:14:33:ed:ab:6e:67:b2:
                    cf:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:69:72:A8:35:37:3E:E2:2C:A6:92:CD:71:68:9B:14:66:22:34:8B
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:cb:10:30:27:2f:dd:a5:e1:5c:a7:e3:fa:8a:89:ff:90:eb:
         12:d5:2a:aa:30:9c:fe:0a:87:f0:54:34:b8:6a:99:4a:ba:5e:
         57:ac:69:cf:f3:9d:b0:1d:a4:d5:e9:2d:41:96:8b:58:93:d4:
         e9:84:05:eb:df:23:2c:41:b3:2d:2d:ea:84:c1:87:c4:7d:64:
         7b:9d:6e:e2:d6:11:4f:6b:99:c0:37:17:53:c3:d1:ca:df:54:
         43:44:37:fe:3d:86:9b:7f:5b:7a:3e:f3:85:77:33:2b:2d:43:
         7c:b4:b7:90:08:68:ab:70:63:3f:8e:bd:31:24:94:1a:70:cf:
         17:64:6d:6d:28:77:75:5e:ef:6f:5f:62:73:01:1d:9c:9f:ef:
         5d:be:79:0a:94:d2:78:ba:51:e8:ec:0d:1d:e4:6d:d3:82:af:
         61:d1:1a:ed:49:5f:08:06:04:8e:02:db:d5:e2:c5:27:c1:a5:
         e6:ab:0a:ab:80:b8:ea:00:37:ce:22:07:9f:dd:2b:44:93:29:
         91:7b:21:38:ed:c8:d4:35:2f:23:82:77:82:a8:f3:e1:42:f8:
         f6:f1:38:c6:c2:83:95:d9:9d:a3:91:ce:ec:63:7a:62:46:fb:
         da:9c:64:b5:c9:08:4e:bd:64:e2:2e:e7:80:a2:18:05:3c:ef:
         42:6f:90:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOBb+tUkfm+NTNwVF1eZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUxMTExMTQwMDQ3WhcNMjUxMTEyMTQwMDQ3WjAzMTEwLwYDVQQD
EyhhYzY5NzJhODM1MzczZWUyMmNhNjkyY2Q3MTY4OWIxNDY2MjIzNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+yWrQjH9tpNXz0ZGtwZaNnJFf5q
kpBv7RucUMZfiVc/Qa5SiD9dvCK4tuD1lNI5cobID6USbgsPdnFjbZs5/kZiEZkW
q6XytG0eB2GWNBWs+5QocfXBbFPw/Z3VGC393TTydyj35xHaiTha0JDfIGUqy83P
/nfSITEm2UDH5qayhRITSwIOlzLqgyCJ7UJ/6XIw6aLCQ6PfuGYwvObF22hXhBcX
pDk1eeWfb4GKic7n9lUmSXaNeHbXQMIQDESiNBtTfqwWNwN4LEGh8zLrT4R3XmK1
NKFEfWFc7dFtTGMF0x5FhghLXIno4zSGDb+GMoLDroo0bxQz7atuZ7LPNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxpcqg1Nz7iLKaSzXFomxRmIjSLMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn8sQMCcv
3aXhXKfj+oqJ/5DrEtUqqjCc/gqH8FQ0uGqZSrpeV6xpz/OdsB2k1ektQZaLWJPU
6YQF698jLEGzLS3qhMGHxH1ke51u4tYRT2uZwDcXU8PRyt9UQ0Q3/j2Gm39bej7z
hXczKy1DfLS3kAhoq3BjP469MSSUGnDPF2RtbSh3dV7vb19icwEdnJ/vXb55CpTS
eLpR6OwNHeRt04KvYdEa7UlfCAYEjgLb1eLFJ8Gl5qsKq4C46gA3ziIHn90rRJMp
kXshOO3I1DUvI4J3gqjz4UL49vE4xsKDldmdo5HO7GN6Ykb72pxktckITr1k4i7n
gKIYBTzvQm+QrA==
-----END CERTIFICATE-----