Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          ELSwBEXJO3DHM+AgLORZQc+vhsdTXVkJDNoHgutw2oE=
Subject key identifier:   84:62:08:50:BB:41:EB:33:78:10:20:01:C9:F4:75:C1:81:9F:65:9D
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019A71B9362C222FB243DEFD5002119C6722
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          12AE
Signing time:             Tue 11 Nov 2025 07:02:34 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:34 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:34 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: pmn1cshKC6mLpBvIEozKNGBQeEWlp3JGn6IFGt3gcCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:36:2c:22:2f:b2:43:de:fd:50:02:11:9c:67:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Nov 11 07:02:34 2025 GMT
            Not After : Nov 12 07:02:34 2025 GMT
        Subject: CN=84620850bb41eb3378102001c9f475c1819f659d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:06:93:97:9d:59:fc:b8:43:a5:41:19:5e:bf:
                    0e:dc:d7:5c:85:c7:80:de:0c:11:da:da:73:66:c1:
                    8d:29:35:f8:d4:93:ad:ff:6b:8c:0f:c9:d6:25:4b:
                    5b:5b:0f:12:9e:51:69:c1:30:81:ce:11:d3:86:e4:
                    c8:5e:89:56:59:67:bb:07:fa:b9:1b:ca:0e:c5:78:
                    7e:ec:3c:8b:7c:67:4b:94:6b:03:6e:05:9b:84:50:
                    ef:54:96:27:6b:11:ea:1a:b8:12:97:a5:a2:46:58:
                    bf:45:59:4a:f2:d1:ed:d2:5e:c4:c5:ef:05:af:97:
                    08:83:5f:0e:e6:f1:fb:45:dd:7b:f9:1b:42:58:a7:
                    c5:0a:70:51:a3:5f:aa:75:31:43:f2:59:85:f4:63:
                    d4:6c:93:ff:37:44:d8:9c:10:47:85:b7:ec:3c:55:
                    75:48:b9:2b:8b:46:a4:5d:1d:7f:2f:ad:5e:54:2f:
                    d1:f0:41:be:04:19:83:d2:7f:ec:34:17:8f:e1:06:
                    1a:08:f9:be:f0:a2:c1:e5:d7:00:cd:41:13:99:7a:
                    a9:ba:01:d0:9b:dd:76:eb:af:a1:e0:1f:09:a7:0f:
                    59:8a:b1:13:eb:a3:46:0d:02:92:0c:cc:59:ab:2b:
                    48:d5:4d:af:be:7d:27:9c:13:7d:08:bc:f7:f8:c4:
                    d8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:62:08:50:BB:41:EB:33:78:10:20:01:C9:F4:75:C1:81:9F:65:9D
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:25:1a:d5:7d:80:6d:f6:a0:37:d1:1e:bd:b4:ed:43:43:e2:
         45:55:db:5a:a9:51:1c:5a:ef:43:bc:02:01:e2:bc:f8:ed:4d:
         1f:c5:d8:1b:fc:16:1a:99:d0:49:e8:9f:51:5b:17:4e:1b:66:
         ec:71:d7:dc:32:97:20:e0:72:6e:ac:0a:a5:92:fc:e5:42:1f:
         57:d6:08:7a:ab:47:e4:53:a0:8f:d9:84:29:2c:c8:0c:f0:f2:
         70:b5:dd:2a:58:0f:2f:32:38:d3:13:55:2e:44:79:e5:9c:da:
         06:fd:ca:3c:35:d0:16:f4:36:58:f3:82:7c:c8:85:0e:59:12:
         39:41:3e:a6:72:ec:2d:3d:66:0d:45:db:71:8f:75:d2:05:93:
         f8:d6:97:18:37:b2:5b:51:2b:b5:06:ff:fa:ed:83:5c:e0:c1:
         76:4b:0b:28:4d:44:be:0d:e3:28:62:9c:9d:8f:ef:3f:94:8c:
         5a:cb:45:3f:fe:c5:3d:75:ac:51:d1:2e:9b:ff:6a:95:9c:41:
         0f:c0:0b:1a:f4:93:19:ae:e8:90:11:ba:b6:5a:55:d4:f5:e6:
         6c:65:e9:ad:57:b3:fc:29:33:2d:b6:04:ee:95:fb:76:2a:bd:
         95:a5:8a:c6:dd:ac:02:f2:4f:33:96:f7:cd:77:77:45:1f:e5:
         04:68:03:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTYsIi+yQ979UAIRnGciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
Eyg4NDYyMDg1MGJiNDFlYjMzNzgxMDIwMDFjOWY0NzVjMTgxOWY2NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAaTl51Z/LhDpUEZXr8O3NdchceA
3gwR2tpzZsGNKTX41JOt/2uMD8nWJUtbWw8SnlFpwTCBzhHThuTIXolWWWe7B/q5
G8oOxXh+7DyLfGdLlGsDbgWbhFDvVJYnaxHqGrgSl6WiRli/RVlK8tHt0l7Exe8F
r5cIg18O5vH7Rd17+RtCWKfFCnBRo1+qdTFD8lmF9GPUbJP/N0TYnBBHhbfsPFV1
SLkri0akXR1/L61eVC/R8EG+BBmD0n/sNBeP4QYaCPm+8KLB5dcAzUETmXqpugHQ
m91266+h4B8Jpw9ZirET66NGDQKSDMxZqytI1U2vvn0nnBN9CLz3+MTYcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRiCFC7QeszeBAgAcn0dcGBn2WdMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCUa1X2A
bfagN9EevbTtQ0PiRVXbWqlRHFrvQ7wCAeK8+O1NH8XYG/wWGpnQSeifUVsXThtm
7HHX3DKXIOBybqwKpZL85UIfV9YIeqtH5FOgj9mEKSzIDPDycLXdKlgPLzI40xNV
LkR55ZzaBv3KPDXQFvQ2WPOCfMiFDlkSOUE+pnLsLT1mDUXbcY910gWT+NaXGDey
W1ErtQb/+u2DXODBdksLKE1Evg3jKGKcnY/vP5SMWstFP/7FPXWsUdEum/9qlZxB
D8ALGvSTGa7okBG6tlpV1PXmbGXprVez/CkzLbYE7pX7diq9laWKxt2sAvJPM5b3
zXd3RR/lBGgDHA==
-----END CERTIFICATE-----