Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          JRALTRiYYU279ETEEOR+hiraRYsaqNLrWwSOqlzJMvQ=
Subject key identifier:   79:2C:B9:D5:41:53:F0:14:49:FC:5A:04:0F:98:07:62:5F:08:7B:1F
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       019A71B8E16EDB36D5CA60A742D7D08A84F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          0D90
Signing time:             Tue 11 Nov 2025 07:02:12 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:12 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:12 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: hQ/COT0DxKeKSwWSIHN7Br4q87ANjQmlJaRa7Y9or90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e1:6e:db:36:d5:ca:60:a7:42:d7:d0:8a:84:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Nov 11 07:02:12 2025 GMT
            Not After : Nov 12 07:02:12 2025 GMT
        Subject: CN=792cb9d54153f01449fc5a040f9807625f087b1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5a:c8:07:4c:78:ba:aa:b5:d5:2b:c1:b3:58:
                    64:5f:55:2b:6c:9c:72:6c:9a:0d:43:e5:8f:53:1a:
                    1e:d3:0b:5e:7e:6a:97:48:89:03:04:22:2b:66:d1:
                    f5:24:07:89:8e:19:fc:4d:19:ab:82:c8:e2:a6:6e:
                    a1:51:64:68:30:54:0e:01:f5:90:a1:70:3a:8a:2c:
                    50:d5:42:f5:85:3e:07:90:18:92:af:9b:93:42:18:
                    f1:9d:39:8d:3f:8f:3b:27:56:07:dd:85:ae:1c:b9:
                    8c:1e:cc:c8:48:dc:7a:f5:1c:2e:ec:ea:fd:9e:f5:
                    a1:96:15:58:51:15:c6:a5:ca:25:51:b9:e9:f7:a9:
                    03:bc:41:be:c9:57:04:72:7d:c4:a5:e1:1f:b5:4b:
                    88:8c:ea:62:14:eb:0e:9d:80:db:75:f4:a8:cc:b6:
                    5c:b1:02:ef:d8:95:ee:1d:39:39:75:5c:66:1a:92:
                    fa:b2:b7:8f:e8:f3:6e:d8:8e:b9:a7:6f:c0:9b:12:
                    3c:21:03:11:14:e7:a6:e3:3a:29:40:fe:5b:9b:61:
                    89:ec:6d:3d:ba:ba:b8:3b:9e:fd:4a:6d:36:a6:39:
                    3d:95:42:7d:f1:7e:ea:6d:2b:5b:0f:07:42:fd:d4:
                    05:64:f1:ab:8f:44:9f:d2:b0:33:d8:c5:ee:0e:ae:
                    b5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:2C:B9:D5:41:53:F0:14:49:FC:5A:04:0F:98:07:62:5F:08:7B:1F
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:7e:5d:54:c2:5a:58:23:e7:b6:b2:65:f2:f2:f3:a2:94:3a:
         50:28:c2:6c:c0:94:31:1e:13:52:dd:1b:e5:34:23:f5:a5:1d:
         47:a7:5a:77:07:02:15:c2:39:30:4a:41:21:c1:43:13:87:0f:
         08:13:3c:76:af:76:c0:dd:85:3c:d8:a8:aa:29:33:05:70:a6:
         ea:02:db:7d:a5:48:ba:f6:73:e6:ec:b0:48:ba:58:11:46:05:
         75:94:10:67:39:82:6d:4d:6f:5d:94:4c:7c:95:1f:e0:97:7c:
         10:6e:bf:44:2a:4f:91:4e:0d:97:87:2c:c3:23:60:85:92:4c:
         a1:4e:4d:ce:15:4b:e5:bb:07:a4:5d:15:a3:cb:61:8e:04:21:
         71:58:ba:08:3a:99:82:46:2f:27:83:f8:be:15:2d:97:2d:1a:
         fd:e7:fd:73:93:c9:08:8e:35:c6:73:5f:c4:76:94:ba:5f:c2:
         f6:39:f1:d8:b9:70:d0:5e:5b:70:ca:d4:12:73:0c:85:2e:75:
         95:49:3c:60:c0:eb:9a:04:76:0a:13:10:16:a1:a1:d7:a5:4f:
         fd:72:6c:88:5f:f2:62:1a:93:4d:fc:e7:6a:fe:86:62:af:2d:
         53:62:32:10:e6:be:c4:b2:69:76:f0:f2:0a:a2:34:5c:a0:40:
         5a:14:ad:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOFu2zbVymCnQtfQioT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
Eyg3OTJjYjlkNTQxNTNmMDE0NDlmYzVhMDQwZjk4MDc2MjVmMDg3YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslrIB0x4uqq11SvBs1hkX1UrbJxy
bJoNQ+WPUxoe0wtefmqXSIkDBCIrZtH1JAeJjhn8TRmrgsjipm6hUWRoMFQOAfWQ
oXA6iixQ1UL1hT4HkBiSr5uTQhjxnTmNP487J1YH3YWuHLmMHszISNx69Rwu7Or9
nvWhlhVYURXGpcolUbnp96kDvEG+yVcEcn3EpeEftUuIjOpiFOsOnYDbdfSozLZc
sQLv2JXuHTk5dVxmGpL6sreP6PNu2I65p2/AmxI8IQMRFOem4zopQP5bm2GJ7G09
urq4O579Sm02pjk9lUJ98X7qbStbDwdC/dQFZPGrj0Sf0rAz2MXuDq61fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHksudVBU/AUSfxaBA+YB2JfCHsfMB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnn5dVMJa
WCPntrJl8vLzopQ6UCjCbMCUMR4TUt0b5TQj9aUdR6dadwcCFcI5MEpBIcFDE4cP
CBM8dq92wN2FPNioqikzBXCm6gLbfaVIuvZz5uywSLpYEUYFdZQQZzmCbU1vXZRM
fJUf4Jd8EG6/RCpPkU4Nl4cswyNghZJMoU5NzhVL5bsHpF0Vo8thjgQhcVi6CDqZ
gkYvJ4P4vhUtly0a/ef9c5PJCI41xnNfxHaUul/C9jnx2Llw0F5bcMrUEnMMhS51
lUk8YMDrmgR2ChMQFqGh16VP/XJsiF/yYhqTTfznav6GYq8tU2IyEOa+xLJpdvDy
CqI0XKBAWhSthA==
-----END CERTIFICATE-----