Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
File:                     DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json)
Hash identifier:          iE5JfxCDt96trGyMNj0OP0fO9MMRE8VVFRT9ZLWOPGA=
Subject key identifier:   88:0C:E2:28:6D:BC:64:FF:83:7B:E3:C9:95:51:10:11:C1:5A:1E:9A
Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9
Certificate issuer:       /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
Certificate serial:       019A7225816FB5D57BBDC0F78735B96E49CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
Manifest number:          03A5
Signing time:             Tue 11 Nov 2025 09:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:51 +0000
Files and hashes:         1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: 1YE7GTBlOVTo0CibauUJJLS9OlwAZ/6mcKJ1XpNOMzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:81:6f:b5:d5:7b:bd:c0:f7:87:35:b9:6e:49:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9
        Validity
            Not Before: Nov 11 09:00:51 2025 GMT
            Not After : Nov 12 09:00:51 2025 GMT
        Subject: CN=880ce2286dbc64ff837be3c995511011c15a1e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c9:57:b4:ba:8c:c7:f6:e7:8e:28:1c:66:92:
                    6d:e5:39:4f:5e:9c:54:cb:3d:68:1f:31:13:c9:fd:
                    5b:10:00:7c:67:62:71:a3:10:f3:44:51:ae:bb:38:
                    6c:15:a0:32:e6:4c:15:4c:c7:d1:73:e6:40:cd:ab:
                    4d:9d:dc:39:cc:6a:a9:3a:39:71:73:1c:a4:2a:a2:
                    de:91:9b:8b:8c:55:57:ff:85:67:99:99:fe:c1:4c:
                    6e:cb:7b:57:72:7f:06:1b:70:05:08:3e:63:fb:5e:
                    11:3a:6b:72:33:7c:40:d8:f9:8e:7c:70:a8:e3:7f:
                    7e:d2:49:15:8a:51:56:14:19:2a:69:7e:bf:22:ae:
                    37:a1:d8:2d:50:3a:45:53:5b:5a:6f:ad:21:56:f0:
                    81:d9:9c:4c:f5:f9:7b:3b:1f:61:47:1e:29:19:e7:
                    15:f9:d0:3d:d6:02:d0:0b:72:1e:8b:9e:09:96:d1:
                    b2:ec:3b:b1:31:46:8c:e4:19:4a:b6:03:34:12:a2:
                    d9:d8:42:55:ad:8f:25:e5:52:80:f5:a7:04:9b:02:
                    85:15:ef:24:43:83:1e:1b:8c:96:65:31:91:f5:64:
                    a8:06:53:58:b9:d1:9f:fc:c0:67:df:7f:1b:ff:b7:
                    3e:a7:62:15:f4:a3:54:68:93:99:89:df:03:a9:dd:
                    4e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:0C:E2:28:6D:BC:64:FF:83:7B:E3:C9:95:51:10:11:C1:5A:1E:9A
            X509v3 Authority Key Identifier:
                keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:56:a6:a4:4a:64:ab:75:b1:89:4a:9f:dd:4a:72:4a:28:75:
         8c:a1:27:98:e6:cf:cf:c4:f0:2c:72:4a:0a:79:43:b4:5a:81:
         23:b3:b1:6e:4a:4f:e6:66:a9:23:30:5a:75:3e:ab:c2:de:7d:
         99:de:f8:a3:1e:a5:c0:a2:84:08:ae:04:21:8f:d1:77:db:9d:
         1e:0c:c7:7e:76:37:b7:4f:47:bc:32:01:f1:9e:50:09:05:bd:
         fa:48:04:92:6f:a4:5a:10:37:04:50:08:d6:51:72:d9:b4:54:
         c1:ec:99:2b:54:1b:50:98:14:be:5a:7a:01:4d:8a:72:83:99:
         47:64:8f:0e:fc:d9:0f:c2:ae:a0:9f:e8:e3:ec:ae:78:55:64:
         36:09:65:97:6a:4e:f5:64:ac:ae:11:67:c7:89:22:db:50:71:
         9d:ac:07:3c:f7:22:b5:9d:3b:4c:23:fd:e3:59:78:3d:8d:55:
         22:e8:6b:b8:d8:65:a4:e9:d1:30:b3:6b:ee:27:6f:8e:b5:1c:
         d3:e1:cf:48:a0:cb:f0:29:5a:3d:39:c2:dc:f7:b6:59:10:35:
         f6:e0:45:f9:fd:7f:5d:8e:fa:ce:11:39:b9:dd:d9:fa:b6:ed:
         63:2d:e1:4a:8b:ae:b7:7e:0c:27:5f:9a:5a:9c:6e:9f:de:57:
         ce:56:be:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYFvtdV7vcD3hzW5bknOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5
YzU5ZTkwHhcNMjUxMTExMDkwMDUxWhcNMjUxMTEyMDkwMDUxWjAzMTEwLwYDVQQD
Eyg4ODBjZTIyODZkYmM2NGZmODM3YmUzYzk5NTUxMTAxMWMxNWExZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApslXtLqMx/bnjigcZpJt5TlPXpxU
yz1oHzETyf1bEAB8Z2JxoxDzRFGuuzhsFaAy5kwVTMfRc+ZAzatNndw5zGqpOjlx
cxykKqLekZuLjFVX/4VnmZn+wUxuy3tXcn8GG3AFCD5j+14ROmtyM3xA2PmOfHCo
439+0kkVilFWFBkqaX6/Iq43odgtUDpFU1tab60hVvCB2ZxM9fl7Ox9hRx4pGecV
+dA91gLQC3Iei54JltGy7DuxMUaM5BlKtgM0EqLZ2EJVrY8l5VKA9acEmwKFFe8k
Q4MeG4yWZTGR9WSoBlNYudGf/MBn338b/7c+p2IV9KNUaJOZid8Dqd1ObwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgM4ihtvGT/g3vjyZVREBHBWh6aMB8GA1UdIwQY
MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt
MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx
LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVampEpk
q3WxiUqf3UpySih1jKEnmObPz8TwLHJKCnlDtFqBI7OxbkpP5mapIzBadT6rwt59
md74ox6lwKKECK4EIY/Rd9udHgzHfnY3t09HvDIB8Z5QCQW9+kgEkm+kWhA3BFAI
1lFy2bRUweyZK1QbUJgUvlp6AU2KcoOZR2SPDvzZD8KuoJ/o4+yueFVkNglll2pO
9WSsrhFnx4ki21BxnawHPPcitZ07TCP941l4PY1VIuhruNhlpOnRMLNr7idvjrUc
0+HPSKDL8ClaPTnC3Pe2WRA19uBF+f1/XY76zhE5ud3Z+rbtYy3hSouut34MJ1+a
Wpxun95Xzla+1A==
-----END CERTIFICATE-----