Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          rTn4ggy9dS5DNBHq7WZLMiW3pZbpxAO+UW9QmWD4ePo=
Subject key identifier:   9F:0B:26:E3:F3:35:09:D4:75:1C:8F:D3:C7:F7:AC:AB:59:3B:38:6C
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019A71B8A895E23044087E3D8B62F6716B02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 07:01:58 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:58 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:58 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: XteY+NdcYy4zClu7e79r4BZqRVb47e8o5yLZ6fvTRsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:a8:95:e2:30:44:08:7e:3d:8b:62:f6:71:6b:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Nov 11 07:01:58 2025 GMT
            Not After : Nov 12 07:01:58 2025 GMT
        Subject: CN=9f0b26e3f33509d4751c8fd3c7f7acab593b386c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:2b:c2:a3:fb:86:f4:76:b9:a2:60:48:f7:2e:
                    99:7e:2a:02:1a:40:e6:b7:4e:cc:ca:9d:db:ea:2a:
                    45:90:a0:39:ae:c5:7a:98:06:85:01:d1:5d:93:38:
                    ab:e8:7a:c8:74:4d:f6:ac:92:a7:bd:35:cf:cf:af:
                    57:d2:c1:51:46:33:da:60:31:2f:f4:68:40:14:71:
                    19:fb:6c:27:91:e9:e8:0e:d7:dc:ee:97:b7:f7:dd:
                    d2:91:27:9e:e8:e4:e4:c9:ac:11:2c:3c:90:dc:04:
                    e1:80:c1:c7:83:a6:64:42:99:29:64:5e:97:92:7b:
                    e8:36:fc:a0:15:ab:3c:67:4b:d3:58:90:eb:67:b0:
                    fe:81:f0:d9:34:a7:87:8d:47:52:f0:0a:55:aa:30:
                    ac:51:ee:9c:32:d2:53:e0:45:7b:46:35:d7:ce:9b:
                    74:58:0c:53:ee:3e:15:87:84:22:a1:bc:f3:24:52:
                    2c:93:df:de:41:48:6e:14:9e:98:68:ae:24:9b:85:
                    b0:fd:5c:d4:bc:57:90:17:75:4d:9d:24:f6:bb:60:
                    24:04:65:57:d1:2f:cb:f1:12:ee:b3:a6:44:e8:01:
                    b2:83:ff:7d:85:7b:3e:9e:8a:71:e6:0d:11:4c:54:
                    4f:7c:c0:5c:d5:c5:3b:36:96:f8:92:ae:40:ba:2e:
                    ad:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:0B:26:E3:F3:35:09:D4:75:1C:8F:D3:C7:F7:AC:AB:59:3B:38:6C
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:f0:8a:eb:2f:e0:d9:fc:82:b9:13:c8:28:c0:84:67:d7:2d:
         4a:6d:f8:0d:ad:46:1f:e7:32:3b:ca:50:3d:09:75:49:61:20:
         68:96:40:09:9d:99:20:ff:fc:42:18:a3:22:6f:1e:bb:1f:ee:
         7a:63:a9:cc:3f:b5:eb:a8:a9:00:d1:e2:01:df:6c:55:71:96:
         6d:d9:33:d8:f3:7f:43:3c:08:64:0d:d1:d3:4f:25:b3:f9:50:
         3f:67:a5:e0:49:9b:23:ea:16:35:b3:d8:c9:3a:73:bf:53:b3:
         a0:97:9a:c8:6c:28:25:8a:20:e4:76:f0:98:44:aa:09:dd:12:
         27:a2:13:db:2c:ab:6d:1f:a0:0a:26:7d:32:ac:30:83:ae:11:
         f8:5e:09:4a:22:6d:6d:57:20:5e:30:08:e8:60:a9:f7:9e:62:
         8b:6a:f0:ec:7d:66:ee:0a:77:a1:da:55:2b:b8:1f:27:29:af:
         07:b1:88:fd:85:cd:19:ef:cb:ef:0c:7d:05:4c:48:a8:db:c3:
         87:d6:7c:65:23:23:32:8b:fb:e6:93:f6:3e:11:58:c5:cf:b4:
         32:61:3b:58:e2:57:06:68:89:ff:f9:ec:e0:38:16:88:e8:8f:
         9e:52:4c:7d:e6:ce:27:6b:56:1d:c1:35:92:67:f0:62:dc:4f:
         71:20:ae:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKiV4jBECH49i2L2cWsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
Eyg5ZjBiMjZlM2YzMzUwOWQ0NzUxYzhmZDNjN2Y3YWNhYjU5M2IzODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CvCo/uG9Ha5omBI9y6ZfioCGkDm
t07Myp3b6ipFkKA5rsV6mAaFAdFdkzir6HrIdE32rJKnvTXPz69X0sFRRjPaYDEv
9GhAFHEZ+2wnkenoDtfc7pe3993SkSee6OTkyawRLDyQ3AThgMHHg6ZkQpkpZF6X
knvoNvygFas8Z0vTWJDrZ7D+gfDZNKeHjUdS8ApVqjCsUe6cMtJT4EV7RjXXzpt0
WAxT7j4Vh4QiobzzJFIsk9/eQUhuFJ6YaK4km4Ww/VzUvFeQF3VNnST2u2AkBGVX
0S/L8RLus6ZE6AGyg/99hXs+nopx5g0RTFRPfMBc1cU7Npb4kq5Aui6t+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8LJuPzNQnUdRyP08f3rKtZOzhsMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYvCK6y/g
2fyCuRPIKMCEZ9ctSm34Da1GH+cyO8pQPQl1SWEgaJZACZ2ZIP/8QhijIm8eux/u
emOpzD+166ipANHiAd9sVXGWbdkz2PN/QzwIZA3R008ls/lQP2el4EmbI+oWNbPY
yTpzv1OzoJeayGwoJYog5HbwmESqCd0SJ6IT2yyrbR+gCiZ9Mqwwg64R+F4JSiJt
bVcgXjAI6GCp955ii2rw7H1m7gp3odpVK7gfJymvB7GI/YXNGe/L7wx9BUxIqNvD
h9Z8ZSMjMov75pP2PhFYxc+0MmE7WOJXBmiJ//ns4DgWiOiPnlJMfebOJ2tWHcE1
kmfwYtxPcSCu2w==
-----END CERTIFICATE-----