Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          vIIDhCedriiCWMrN8V0PC609usMhaquyzBWHqZcdwag=
Subject key identifier:   0C:33:1E:BC:42:16:E6:07:92:7A:03:2A:AD:83:8D:7E:1B:0D:DD:F9
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       019923316857DC293264170911CE7F002E91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          DC
Signing time:             Sun 07 Sep 2025 08:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:04 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: RmIyS/rzcZIEXCfZ+ywvzhk7JnsFRZJW/nsHS9pKy6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:68:57:dc:29:32:64:17:09:11:ce:7f:00:2e:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Sep  7 08:01:04 2025 GMT
            Not After : Sep  8 08:01:04 2025 GMT
        Subject: CN=0c331ebc4216e607927a032aad838d7e1b0dddf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:33:12:26:d1:7e:39:7d:2d:5c:d6:f8:df:dc:
                    e1:77:18:ee:af:43:e1:67:53:b2:e7:54:01:3d:48:
                    17:e8:30:48:72:de:24:6c:84:10:e7:5f:75:1d:a1:
                    ab:be:ad:af:d7:10:0e:7a:b7:01:30:db:af:51:88:
                    b5:1f:59:52:7c:3b:77:5d:4a:d2:d8:27:97:7e:92:
                    8c:2b:03:05:00:1f:92:cc:6b:9e:5d:48:1d:cb:4b:
                    22:dd:e3:0f:58:64:88:5a:dd:09:0a:12:40:16:e7:
                    9b:5f:aa:4a:e6:81:e5:46:95:32:f9:35:55:d1:bd:
                    f7:f2:03:79:25:70:b4:0a:96:d4:a2:ef:8c:d6:f4:
                    99:e1:76:22:7e:c9:e5:0b:4c:11:cb:71:71:6e:89:
                    2a:3f:9c:bd:a2:80:5f:ba:68:c0:bd:71:0c:2e:ab:
                    12:6d:22:e6:db:18:c9:ec:e2:45:fc:0e:ed:fc:db:
                    2d:98:0c:dc:98:a2:2d:cd:bb:e5:8c:3d:f1:06:74:
                    32:c7:6f:31:1e:24:64:df:d5:7d:97:1a:ae:40:72:
                    0c:22:17:46:69:9d:fc:e0:75:83:d0:f5:16:6e:65:
                    07:03:33:46:2b:c4:c4:bf:d2:11:07:ae:1b:d6:1c:
                    bb:48:cd:94:ca:9a:33:20:fa:42:8b:89:b0:a5:5a:
                    d9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:33:1E:BC:42:16:E6:07:92:7A:03:2A:AD:83:8D:7E:1B:0D:DD:F9
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:f5:ac:e0:ad:8b:78:24:07:d4:34:8c:32:c0:03:fc:22:e4:
         8d:e9:ee:4e:9e:76:f6:69:cd:60:a3:ce:30:87:7e:b9:b9:39:
         9e:8b:c3:a1:0b:f1:fb:d5:6d:d5:d2:39:75:2a:27:2a:a2:85:
         31:7a:7a:78:29:6a:ff:f0:64:33:8b:73:da:82:36:f3:03:7f:
         c2:1f:51:86:3e:dc:34:2b:55:24:67:e5:1f:40:b1:14:d4:17:
         b4:83:ef:a9:8b:c5:02:72:96:d9:53:10:42:90:91:2c:63:8e:
         6b:1b:41:3c:c8:3f:87:fc:54:01:f2:21:58:c1:ca:1c:53:23:
         85:4a:46:5b:97:04:04:6c:d7:34:fe:6d:c3:34:85:3d:ad:5b:
         ba:21:6b:d5:45:7a:ca:82:ef:62:fb:73:b4:3a:95:fc:9b:28:
         bb:e8:b0:02:58:7f:07:c1:1a:6f:7c:5c:e3:08:fd:90:f2:6f:
         db:a9:d0:dc:31:26:34:4e:77:80:f6:de:56:70:0e:75:28:b3:
         b6:d3:c5:4a:6e:05:33:74:b0:51:15:95:c6:21:a0:92:64:60:
         bb:82:b6:c9:59:ef:0e:02:d0:f8:ac:91:89:7f:a7:4d:b7:55:
         9f:ba:e6:17:94:b1:f5:40:a1:6d:db:4a:d5:c4:e2:28:a2:13:
         b1:d6:9a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMWhX3CkyZBcJEc5/AC6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUwOTA3MDgwMTA0WhcNMjUwOTA4MDgwMTA0WjAzMTEwLwYDVQQD
EygwYzMzMWViYzQyMTZlNjA3OTI3YTAzMmFhZDgzOGQ3ZTFiMGRkZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjMSJtF+OX0tXNb439zhdxjur0Ph
Z1Oy51QBPUgX6DBIct4kbIQQ5191HaGrvq2v1xAOercBMNuvUYi1H1lSfDt3XUrS
2CeXfpKMKwMFAB+SzGueXUgdy0si3eMPWGSIWt0JChJAFuebX6pK5oHlRpUy+TVV
0b338gN5JXC0CpbUou+M1vSZ4XYifsnlC0wRy3FxbokqP5y9ooBfumjAvXEMLqsS
bSLm2xjJ7OJF/A7t/NstmAzcmKItzbvljD3xBnQyx28xHiRk39V9lxquQHIMIhdG
aZ384HWD0PUWbmUHAzNGK8TEv9IRB64b1hy7SM2UypozIPpCi4mwpVrZKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwzHrxCFuYHknoDKq2DjX4bDd35MB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABvWs4K2L
eCQH1DSMMsAD/CLkjenuTp529mnNYKPOMId+ubk5novDoQvx+9Vt1dI5dSonKqKF
MXp6eClq//BkM4tz2oI28wN/wh9Rhj7cNCtVJGflH0CxFNQXtIPvqYvFAnKW2VMQ
QpCRLGOOaxtBPMg/h/xUAfIhWMHKHFMjhUpGW5cEBGzXNP5twzSFPa1buiFr1UV6
yoLvYvtztDqV/Jsou+iwAlh/B8Eab3xc4wj9kPJv26nQ3DEmNE53gPbeVnAOdSiz
ttPFSm4FM3SwURWVxiGgkmRgu4K2yVnvDgLQ+KyRiX+nTbdVn7rmF5Sx9UChbdtK
1cTiKKITsdaaIw==
-----END CERTIFICATE-----