Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          g3dq3iVTIzbXwLNBmTVSYmiqXIaeTcg5iqLgCkdofnU=
Subject key identifier:   2D:B6:4B:06:BE:9C:27:E5:07:4F:9E:AD:46:01:73:26:81:4E:A0:F0
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       019A7225BFFFD47FD6DFE7D663BCDCBFA511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          1540
Signing time:             Tue 11 Nov 2025 09:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:07 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: b0+rXLQQNHS7vM76psXuZ7ws/mjJSZDagBBvj2GLFuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:bf:ff:d4:7f:d6:df:e7:d6:63:bc:dc:bf:a5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Nov 11 09:01:07 2025 GMT
            Not After : Nov 12 09:01:07 2025 GMT
        Subject: CN=2db64b06be9c27e5074f9ead46017326814ea0f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e7:34:85:d2:50:49:34:99:be:54:41:93:0d:
                    c0:36:e6:cd:58:d5:42:6d:57:d8:c2:74:5a:cb:01:
                    ae:d8:29:09:53:09:4f:5c:bf:e1:1b:02:63:7b:d5:
                    4c:a4:c1:e0:af:bb:f1:ad:87:bb:69:29:a0:81:a3:
                    11:d2:08:73:71:be:c7:34:69:c8:e2:20:99:7f:dd:
                    26:2b:5d:8c:57:59:6a:7d:68:47:da:9e:8a:9d:62:
                    39:63:dc:84:fc:57:f8:94:e0:16:2a:5d:7f:b2:1b:
                    8e:11:df:5e:80:e7:46:df:c8:fb:65:f0:04:41:e8:
                    d9:f7:a5:9c:ca:8a:ce:13:68:5f:c7:ce:9a:c8:ec:
                    77:37:1a:6f:ec:ec:51:12:7e:25:85:8b:7e:fe:ba:
                    eb:66:fb:05:03:a9:71:77:5d:ff:f2:3d:72:ad:9a:
                    54:d5:2f:48:27:aa:2e:55:c0:41:c1:48:58:3a:78:
                    9a:86:2e:73:1b:b9:59:75:4a:f4:ae:e5:aa:4c:a7:
                    90:77:ce:a4:13:fa:ea:f6:b8:c8:52:8a:5f:18:e4:
                    5a:4f:f3:49:b7:9d:1a:12:40:98:a2:c5:cd:8f:07:
                    8b:8e:83:a7:84:73:0c:99:6e:65:4a:18:c5:d4:6d:
                    11:50:ad:cf:d5:14:a6:de:42:28:79:76:f4:bd:7f:
                    ec:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:B6:4B:06:BE:9C:27:E5:07:4F:9E:AD:46:01:73:26:81:4E:A0:F0
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:9b:b1:d6:ce:24:cd:c9:48:99:70:66:21:d7:f6:69:27:0a:
         4e:f9:cb:dd:0a:5e:83:50:13:22:89:b8:e0:6d:8f:4e:74:29:
         dc:16:58:62:f6:02:7e:d9:98:fe:eb:b5:b7:7f:f7:3a:4b:08:
         f0:d7:b7:f4:e8:e1:0f:3d:44:d4:26:60:03:b8:35:f8:5c:f7:
         cd:fe:00:5c:d5:35:51:de:17:fe:d0:80:7d:fb:75:a8:3a:c7:
         7e:18:21:6e:8c:1a:57:6d:f2:c8:8a:f9:af:2d:c6:14:ad:14:
         59:b9:17:61:ba:56:76:4b:9f:d7:24:aa:4f:b9:69:5a:d6:b5:
         78:67:29:66:57:c9:cd:8f:45:9e:49:0a:c1:7b:c6:c7:69:b3:
         18:72:39:04:5b:5b:14:8a:3e:c5:3b:2a:e5:29:4d:8f:02:29:
         a6:06:6f:0f:b3:ac:11:b3:5a:40:de:99:a5:4d:48:51:08:3b:
         73:8c:77:f1:34:62:07:4e:2b:b2:c6:bc:46:6a:0d:5e:25:4e:
         72:c6:be:3c:0c:8e:ad:54:21:3e:ea:7a:46:bc:f1:63:38:75:
         3f:62:f6:f1:99:c1:7b:ab:05:e5:da:d5:6d:9d:91:ad:65:16:
         f5:8e:9a:4b:a2:61:2e:9a:48:3b:6a:45:0e:22:56:34:81:3d:
         6e:7e:49:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJb//1H/W3+fWY7zcv6URMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjUxMTExMDkwMTA3WhcNMjUxMTEyMDkwMTA3WjAzMTEwLwYDVQQD
EygyZGI2NGIwNmJlOWMyN2U1MDc0ZjllYWQ0NjAxNzMyNjgxNGVhMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Oc0hdJQSTSZvlRBkw3ANubNWNVC
bVfYwnRaywGu2CkJUwlPXL/hGwJje9VMpMHgr7vxrYe7aSmggaMR0ghzcb7HNGnI
4iCZf90mK12MV1lqfWhH2p6KnWI5Y9yE/Ff4lOAWKl1/shuOEd9egOdG38j7ZfAE
QejZ96WcyorOE2hfx86ayOx3Nxpv7OxREn4lhYt+/rrrZvsFA6lxd13/8j1yrZpU
1S9IJ6ouVcBBwUhYOniahi5zG7lZdUr0ruWqTKeQd86kE/rq9rjIUopfGORaT/NJ
t50aEkCYosXNjweLjoOnhHMMmW5lShjF1G0RUK3P1RSm3kIoeXb0vX/sfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC22Swa+nCflB0+erUYBcyaBTqDwMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5ux1s4k
zclImXBmIdf2aScKTvnL3Qpeg1ATIom44G2PTnQp3BZYYvYCftmY/uu1t3/3OksI
8Ne39OjhDz1E1CZgA7g1+Fz3zf4AXNU1Ud4X/tCAfft1qDrHfhghbowaV23yyIr5
ry3GFK0UWbkXYbpWdkuf1ySqT7lpWta1eGcpZlfJzY9FnkkKwXvGx2mzGHI5BFtb
FIo+xTsq5SlNjwIppgZvD7OsEbNaQN6ZpU1IUQg7c4x38TRiB04rssa8RmoNXiVO
csa+PAyOrVQhPup6RrzxYzh1P2L28ZnBe6sF5drVbZ2RrWUW9Y6aS6JhLppIO2pF
DiJWNIE9bn5JAw==
-----END CERTIFICATE-----