Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
File:                     dt0D59chnX68HyMPcGMtyRNvNBM.mft (raw, json)
Hash identifier:          mjm0Vbi2yBhnhZfo3/77CNaDBlFbrdw0fzlkxZKiHhE=
Subject key identifier:   7F:25:1B:04:04:9D:3A:81:36:A6:DF:4B:B9:54:B3:21:51:A5:5B:2C
Authority key identifier: 76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13
Certificate issuer:       /CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
Certificate serial:       019A725CE04E9236CA62F194E3D9536691DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
Manifest number:          062B
Signing time:             Tue 11 Nov 2025 10:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:20 +0000
Files and hashes:         1: dt0D59chnX68HyMPcGMtyRNvNBM.crl (hash: fLzSdhqWlOoOZlt9NxX7TmKFcplmlIYc6zElmrIho8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:e0:4e:92:36:ca:62:f1:94:e3:d9:53:66:91:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76dd03e7d7219d7ebc1f230f70632dc9136f3413
        Validity
            Not Before: Nov 11 10:01:20 2025 GMT
            Not After : Nov 12 10:01:20 2025 GMT
        Subject: CN=7f251b04049d3a8136a6df4bb954b32151a55b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:50:80:93:68:f6:19:ef:ea:02:68:7d:cc:b5:
                    64:56:59:cc:4e:89:51:4e:87:b4:80:49:0f:f7:e7:
                    19:04:b3:00:d8:a3:35:6b:4c:c2:1a:77:bc:56:a8:
                    f1:a8:4f:2c:15:56:69:f7:16:13:ad:3f:10:80:54:
                    fa:93:a8:c4:0c:ec:ab:45:e7:e0:2b:ab:01:cd:47:
                    cd:aa:61:58:c7:bc:4f:57:46:3b:c3:61:2c:0e:f5:
                    55:cc:de:79:50:31:0f:71:4c:74:32:33:20:24:c1:
                    cf:d7:67:09:97:38:7c:72:e7:96:26:87:c7:c5:34:
                    34:41:23:e2:65:e7:98:4a:3b:2f:27:ac:47:e4:2c:
                    8f:3e:a7:15:0b:b5:28:b3:8c:17:5c:6d:71:99:9a:
                    8e:81:b0:1f:46:5d:c9:0c:0c:77:80:fe:56:2c:b8:
                    f7:5a:22:b6:b9:9b:49:3c:89:b0:ab:01:cd:a7:76:
                    6f:3a:5a:bc:e8:02:c6:8c:9f:43:61:16:f7:75:67:
                    2e:da:9f:96:fd:a8:9d:b9:af:60:16:51:8a:a9:33:
                    be:74:81:d4:e1:dd:2c:ba:46:a8:19:a2:95:ab:ee:
                    db:be:94:f0:d7:06:e6:24:47:68:50:61:7f:12:cd:
                    8e:bd:06:45:72:46:9e:b2:14:d2:a3:45:2b:69:82:
                    69:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:25:1B:04:04:9D:3A:81:36:A6:DF:4B:B9:54:B3:21:51:A5:5B:2C
            X509v3 Authority Key Identifier:
                keyid:76:DD:03:E7:D7:21:9D:7E:BC:1F:23:0F:70:63:2D:C9:13:6F:34:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dt0D59chnX68HyMPcGMtyRNvNBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1426a1-b553-4da5-a6d9-ac0102793c5a/1/dt0D59chnX68HyMPcGMtyRNvNBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:b4:3a:f5:e2:92:54:2b:11:ec:79:ef:49:50:50:00:a0:12:
         66:6c:18:a0:f3:23:65:c4:ab:fd:96:94:e1:a1:31:7a:9b:9b:
         eb:8b:0a:c0:d8:f9:b0:73:cf:a2:3e:09:fc:02:27:52:71:b5:
         be:a9:ed:5e:9a:4f:13:62:73:49:d0:e7:b1:7a:e2:c0:7a:a9:
         65:74:fb:3a:a2:bc:c0:55:6b:82:5e:e3:ea:30:ca:b4:bc:cb:
         13:62:68:90:e9:b7:14:09:4f:ba:ba:99:64:52:da:0b:d4:75:
         c5:f8:34:87:ca:8d:44:74:40:71:07:0e:65:6b:2f:b3:b0:8c:
         bc:0d:bd:11:38:66:d9:3a:18:31:cf:77:78:7e:e5:83:30:2b:
         8c:9d:af:05:3e:01:26:21:c6:d0:e0:d0:ba:fa:a3:fe:03:ba:
         0d:5e:a3:7c:1b:ba:e1:12:d9:57:f2:e6:46:dd:d2:7d:53:9b:
         cc:5c:eb:50:89:b1:83:81:e4:59:78:96:d0:b6:0b:d0:26:a5:
         c7:01:8c:3f:88:26:b5:7f:11:ad:f4:b2:91:cd:c3:55:db:95:
         1c:27:a5:15:1e:b5:98:f7:9f:9a:0a:6a:c7:05:37:05:dc:31:
         12:86:da:11:bd:4a:e4:e7:77:57:0c:5b:5a:d7:81:4a:fc:f4:
         c9:ce:49:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXOBOkjbKYvGU49lTZpHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZGQwM2U3ZDcyMTlkN2ViYzFmMjMwZjcwNjMyZGM5MTM2
ZjM0MTMwHhcNMjUxMTExMTAwMTIwWhcNMjUxMTEyMTAwMTIwWjAzMTEwLwYDVQQD
Eyg3ZjI1MWIwNDA0OWQzYTgxMzZhNmRmNGJiOTU0YjMyMTUxYTU1YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlCAk2j2Ge/qAmh9zLVkVlnMTolR
Toe0gEkP9+cZBLMA2KM1a0zCGne8VqjxqE8sFVZp9xYTrT8QgFT6k6jEDOyrRefg
K6sBzUfNqmFYx7xPV0Y7w2EsDvVVzN55UDEPcUx0MjMgJMHP12cJlzh8cueWJofH
xTQ0QSPiZeeYSjsvJ6xH5CyPPqcVC7Uos4wXXG1xmZqOgbAfRl3JDAx3gP5WLLj3
WiK2uZtJPImwqwHNp3ZvOlq86ALGjJ9DYRb3dWcu2p+W/aidua9gFlGKqTO+dIHU
4d0sukaoGaKVq+7bvpTw1wbmJEdoUGF/Es2OvQZFckaeshTSo0UraYJppQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8lGwQEnTqBNqbfS7lUsyFRpVssMB8GA1UdIwQY
MBaAFHbdA+fXIZ1+vB8jD3BjLckTbzQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDkt
YWMwMTAyNzkzYzVhLzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNDI2YTEtYjU1My00ZGE1LWE2ZDktYWMwMTAyNzkzYzVh
LzEvZHQwRDU5Y2huWDY4SHlNUGNHTXR5Uk52TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbQ69eKS
VCsR7HnvSVBQAKASZmwYoPMjZcSr/ZaU4aExepub64sKwNj5sHPPoj4J/AInUnG1
vqntXppPE2JzSdDnsXriwHqpZXT7OqK8wFVrgl7j6jDKtLzLE2JokOm3FAlPurqZ
ZFLaC9R1xfg0h8qNRHRAcQcOZWsvs7CMvA29EThm2ToYMc93eH7lgzArjJ2vBT4B
JiHG0ODQuvqj/gO6DV6jfBu64RLZV/LmRt3SfVObzFzrUImxg4HkWXiW0LYL0Cal
xwGMP4gmtX8RrfSykc3DVduVHCelFR61mPefmgpqxwU3BdwxEobaEb1K5Od3Vwxb
WteBSvz0yc5JYQ==
-----END CERTIFICATE-----