Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          niKrKa8/E4EcIEoWXU5gJj4zMHS6WCl2R4oG1UZY7XA=
Subject key identifier:   F1:27:7C:B3:36:02:24:21:B7:13:56:2B:F2:EF:EE:B5:DC:D0:DC:10
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       019A7149A2833FDFB8FF4404224717CE8D3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          0189
Signing time:             Tue 11 Nov 2025 05:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:42 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: fOKgwpxydmfDGHlAS9kQUdepReLh+LtcCpur2XOEBAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:a2:83:3f:df:b8:ff:44:04:22:47:17:ce:8d:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Nov 11 05:00:42 2025 GMT
            Not After : Nov 12 05:00:42 2025 GMT
        Subject: CN=f1277cb336022421b713562bf2efeeb5dcd0dc10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9c:5f:e0:e4:dc:81:e5:52:98:04:e0:ae:50:
                    08:80:1f:ff:28:3c:32:9d:38:ea:9a:1a:dc:e4:02:
                    eb:4b:e6:8b:80:f1:d4:c3:27:b9:a1:9a:f7:f1:80:
                    85:e3:42:d5:74:ba:1d:be:14:59:59:3d:9f:37:a3:
                    65:9e:8a:7a:cc:48:fb:48:0b:5e:90:59:e5:20:8c:
                    f8:96:63:b0:00:50:dd:f8:5d:cf:a0:98:8d:95:38:
                    78:ea:6b:4b:b1:04:b3:7c:0e:5b:0c:78:09:3e:d4:
                    68:58:f5:0a:e9:5d:0a:61:03:88:f7:f8:be:ce:e6:
                    fd:96:01:d0:a2:db:54:29:65:49:0d:07:dd:38:35:
                    af:4c:7f:0c:57:0d:45:65:95:d2:4b:30:d0:d6:f7:
                    e5:51:c2:ee:90:3e:62:2b:5e:4a:f4:8e:59:8a:10:
                    ad:e4:ed:76:76:9a:66:77:a3:64:13:0e:ec:41:58:
                    03:72:9a:7a:e1:b2:6e:7e:3f:a9:53:da:ac:c8:46:
                    92:3f:c8:5b:c4:8e:d3:88:9e:e4:43:04:9d:4a:81:
                    df:7e:a9:e0:cc:78:3f:53:44:d5:7a:27:30:78:7e:
                    7a:ba:6a:bd:8d:d6:a4:9b:42:8b:05:40:4c:0e:f3:
                    5b:af:43:f7:ff:bd:d1:c8:76:17:10:a5:e5:0b:d3:
                    9c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:27:7C:B3:36:02:24:21:B7:13:56:2B:F2:EF:EE:B5:DC:D0:DC:10
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:17:0e:85:2b:e6:7e:fa:97:a5:73:79:6b:e4:19:88:8c:a6:
         b0:9e:68:b2:0a:0b:00:ce:7b:0d:58:7b:92:39:ba:27:e4:c7:
         19:06:bd:9d:43:50:d3:2e:c3:2b:45:c5:7e:6a:84:ac:19:52:
         10:a3:50:f1:29:92:c2:8c:37:2f:ea:2f:db:fb:3b:03:aa:e4:
         e8:e8:d9:53:6d:c5:d9:0f:8f:e8:0e:02:9a:40:66:2b:9f:f5:
         e0:db:1f:65:35:42:d8:c2:90:2e:4d:6b:53:4e:de:13:7c:3f:
         8b:fa:4b:59:93:a1:11:48:c0:be:83:d7:7a:26:2c:a4:be:0d:
         3e:c6:99:dd:1a:96:56:ca:4e:fe:2d:81:d2:bb:1b:f2:d2:06:
         97:59:cf:da:0d:11:44:95:3d:6f:dc:b1:13:0a:2c:a7:c9:37:
         3a:37:14:93:61:46:93:27:d8:8b:e4:f9:68:f9:0f:74:df:f1:
         b0:86:3f:19:10:b7:72:77:81:23:a9:6e:cf:56:f7:9d:b1:a8:
         36:38:36:c0:46:29:2a:28:6e:6b:81:97:93:d9:a5:b7:4d:1c:
         e7:fb:74:74:5f:0f:2e:ef:67:f1:86:02:e9:86:ad:c1:dd:90:
         c2:77:69:a0:7e:e3:01:d8:84:ac:e1:19:18:ad:97:69:5b:1d:
         c6:10:0d:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSaKDP9+4/0QEIkcXzo0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjUxMTExMDUwMDQyWhcNMjUxMTEyMDUwMDQyWjAzMTEwLwYDVQQD
EyhmMTI3N2NiMzM2MDIyNDIxYjcxMzU2MmJmMmVmZWViNWRjZDBkYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZxf4OTcgeVSmATgrlAIgB//KDwy
nTjqmhrc5ALrS+aLgPHUwye5oZr38YCF40LVdLodvhRZWT2fN6Nlnop6zEj7SAte
kFnlIIz4lmOwAFDd+F3PoJiNlTh46mtLsQSzfA5bDHgJPtRoWPUK6V0KYQOI9/i+
zub9lgHQottUKWVJDQfdODWvTH8MVw1FZZXSSzDQ1vflUcLukD5iK15K9I5ZihCt
5O12dppmd6NkEw7sQVgDcpp64bJufj+pU9qsyEaSP8hbxI7TiJ7kQwSdSoHffqng
zHg/U0TVeicweH56umq9jdakm0KLBUBMDvNbr0P3/73RyHYXEKXlC9OcBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEnfLM2AiQhtxNWK/Lv7rXc0NwQMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKxcOhSvm
fvqXpXN5a+QZiIymsJ5osgoLAM57DVh7kjm6J+THGQa9nUNQ0y7DK0XFfmqErBlS
EKNQ8SmSwow3L+ov2/s7A6rk6OjZU23F2Q+P6A4CmkBmK5/14NsfZTVC2MKQLk1r
U07eE3w/i/pLWZOhEUjAvoPXeiYspL4NPsaZ3RqWVspO/i2B0rsb8tIGl1nP2g0R
RJU9b9yxEwosp8k3OjcUk2FGkyfYi+T5aPkPdN/xsIY/GRC3cneBI6luz1b3nbGo
Njg2wEYpKihua4GXk9mlt00c5/t0dF8PLu9n8YYC6Yatwd2QwndpoH7jAdiErOEZ
GK2XaVsdxhANGw==
-----END CERTIFICATE-----