Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
File:                     Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft (raw, json)
Hash identifier:          XPhH/usK+/KSL3hoykrVdHkeBcs1e46p1c8RTVE6fj0=
Subject key identifier:   C3:C4:D4:01:7A:A3:4B:E8:E0:82:45:DB:DC:9B:C0:D3:CC:79:B5:8B
Authority key identifier: 0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84
Certificate issuer:       /CN=0e29a482de0d56746c3045269f99205204f95484
Certificate serial:       019A73A71DB80F2E0D88853562BA4E4EFED6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
Manifest number:          12C6
Signing time:             Tue 11 Nov 2025 16:02:03 +0000
Manifest this update:     Tue 11 Nov 2025 16:02:03 +0000
Manifest next update:     Wed 12 Nov 2025 16:02:03 +0000
Files and hashes:         1: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl (hash: DMRsLSUk7wgAHhso7HEzgY1xMWR2asQtW95SEsCfDbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a7:1d:b8:0f:2e:0d:88:85:35:62:ba:4e:4e:fe:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e29a482de0d56746c3045269f99205204f95484
        Validity
            Not Before: Nov 11 16:02:03 2025 GMT
            Not After : Nov 12 16:02:03 2025 GMT
        Subject: CN=c3c4d4017aa34be8e08245dbdc9bc0d3cc79b58b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:45:62:5e:16:30:0c:26:45:ed:ee:4d:0d:d2:
                    4e:ba:a3:6e:3a:f6:8b:ae:a8:a9:85:e3:29:88:7f:
                    fa:fd:69:4a:0f:68:32:22:38:f5:92:ed:ab:3b:d6:
                    57:d8:c0:db:ae:06:f5:a5:71:7b:cf:b6:67:39:24:
                    52:bf:a9:03:f2:b9:e6:af:56:b5:d9:3a:65:f0:c6:
                    e1:66:fc:90:c9:96:ee:16:e9:42:6a:31:17:7f:5f:
                    66:f0:bc:dc:49:b5:46:63:c5:e2:2b:84:0c:5f:ad:
                    19:e9:fc:3d:34:3f:9a:f5:b7:9f:a5:e2:87:fb:e2:
                    f1:8d:4d:8a:7c:3f:cc:75:c4:f2:fe:5c:52:17:51:
                    69:fd:bd:e6:76:66:76:07:33:10:b1:d4:76:91:e1:
                    ea:28:9f:64:ba:31:3a:12:0f:1c:6f:cb:54:8d:c4:
                    3e:12:0d:96:89:a0:06:93:d8:03:4e:ab:4b:bc:16:
                    df:af:15:68:00:2f:9e:9a:26:43:db:a4:db:54:43:
                    25:bf:7d:39:68:e6:d7:f7:75:ef:d1:3f:bb:b6:a5:
                    87:ef:2a:69:87:7d:39:fe:2d:89:c5:af:01:fe:5e:
                    ba:14:3d:22:d2:b4:93:ac:60:56:f8:3f:ac:00:27:
                    c7:45:c2:cf:94:e0:ee:1f:dc:cc:64:07:79:07:8e:
                    a6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:C4:D4:01:7A:A3:4B:E8:E0:82:45:DB:DC:9B:C0:D3:CC:79:B5:8B
            X509v3 Authority Key Identifier:
                keyid:0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:96:7e:12:2f:86:97:46:cb:8d:e3:7f:1c:67:0f:bf:c3:9c:
         27:ae:d5:04:e4:01:40:f6:b1:fc:b1:8e:3d:78:c9:57:68:c4:
         01:e6:5e:7f:18:24:f8:bd:49:53:ab:c1:8e:c6:2d:12:ef:83:
         d6:07:e8:b0:4d:cf:48:a8:71:8e:75:68:60:5c:f4:20:ad:b0:
         70:43:7d:6c:60:76:c6:7d:a8:65:14:34:7a:17:3f:1c:c4:f7:
         80:1a:3d:82:27:c7:d8:f2:6d:df:14:20:de:89:2d:26:8a:30:
         a9:86:a0:0a:11:e1:3f:ed:1d:41:80:0d:36:aa:d4:cc:9c:12:
         f9:b3:f7:61:31:62:1f:79:ca:f5:03:e0:d0:4b:ab:04:cb:3c:
         d6:d4:45:be:94:62:35:80:dd:bf:21:0d:e6:02:23:b8:6e:57:
         c0:78:08:6b:55:37:79:3a:84:f9:af:37:6a:a2:5a:3d:8f:7c:
         ec:1c:30:d5:4f:ef:f3:b0:8b:b0:fb:cd:a7:9e:dc:69:11:0c:
         a3:2b:5b:13:3e:16:67:dc:a7:85:0d:d6:f5:f2:86:55:7f:7c:
         52:ff:0a:64:2f:b9:c2:d6:83:2b:16:89:af:52:c7:8c:46:9c:
         4c:b2:75:10:cf:b6:b5:d1:cf:5b:c6:59:43:bf:07:f3:68:2c:
         7a:1b:5a:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpx24Dy4NiIU1YrpOTv7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjlhNDgyZGUwZDU2NzQ2YzMwNDUyNjlmOTkyMDUyMDRm
OTU0ODQwHhcNMjUxMTExMTYwMjAzWhcNMjUxMTEyMTYwMjAzWjAzMTEwLwYDVQQD
EyhjM2M0ZDQwMTdhYTM0YmU4ZTA4MjQ1ZGJkYzliYzBkM2NjNzliNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykViXhYwDCZF7e5NDdJOuqNuOvaL
rqipheMpiH/6/WlKD2gyIjj1ku2rO9ZX2MDbrgb1pXF7z7ZnOSRSv6kD8rnmr1a1
2Tpl8MbhZvyQyZbuFulCajEXf19m8LzcSbVGY8XiK4QMX60Z6fw9ND+a9befpeKH
++LxjU2KfD/MdcTy/lxSF1Fp/b3mdmZ2BzMQsdR2keHqKJ9kujE6Eg8cb8tUjcQ+
Eg2WiaAGk9gDTqtLvBbfrxVoAC+emiZD26TbVEMlv305aObX93Xv0T+7tqWH7ypp
h305/i2Jxa8B/l66FD0i0rSTrGBW+D+sACfHRcLPlODuH9zMZAd5B46m0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPE1AF6o0vo4IJF29ybwNPMebWLMB8GA1UdIwQY
MBaAFA4ppILeDVZ0bDBFJp+ZIFIE+VSEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMt
OGJiZDkzOTQwZWVmLzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMtOGJiZDkzOTQwZWVm
LzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhpZ+Ei+G
l0bLjeN/HGcPv8OcJ67VBOQBQPax/LGOPXjJV2jEAeZefxgk+L1JU6vBjsYtEu+D
1gfosE3PSKhxjnVoYFz0IK2wcEN9bGB2xn2oZRQ0ehc/HMT3gBo9gifH2PJt3xQg
3oktJoowqYagChHhP+0dQYANNqrUzJwS+bP3YTFiH3nK9QPg0EurBMs81tRFvpRi
NYDdvyEN5gIjuG5XwHgIa1U3eTqE+a83aqJaPY987Bww1U/v87CLsPvNp57caREM
oytbEz4WZ9ynhQ3W9fKGVX98Uv8KZC+5wtaDKxaJr1LHjEacTLJ1EM+2tdHPW8ZZ
Q78H82gsehta6Q==
-----END CERTIFICATE-----