Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
File:                     dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft (raw, json)
Hash identifier:          yY9QpkEC7UCbisUWMO6wyfH/HyGKg4Fq+mJJVRhruv4=
Subject key identifier:   21:C3:2A:E6:69:9E:AD:24:A3:0D:A3:69:86:D1:3C:ED:53:A3:DF:FD
Authority key identifier: 75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6
Certificate issuer:       /CN=7571c892999bb4564bce480c921b6ff17205ecc6
Certificate serial:       019A7293E175DCACF8FA10163095EC4FF53A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
Manifest number:          06FE
Signing time:             Tue 11 Nov 2025 11:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:25 +0000
Files and hashes:         1: dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl (hash: lORGPG8ulgnGfUmtrGlTN26TGl8qBvHBz2bp4uJ1Rds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:e1:75:dc:ac:f8:fa:10:16:30:95:ec:4f:f5:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7571c892999bb4564bce480c921b6ff17205ecc6
        Validity
            Not Before: Nov 11 11:01:25 2025 GMT
            Not After : Nov 12 11:01:25 2025 GMT
        Subject: CN=21c32ae6699ead24a30da36986d13ced53a3dffd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d1:89:1f:76:74:81:60:a0:16:df:5e:a6:1a:
                    6a:04:39:7a:bc:92:ae:04:3d:e8:f4:61:f3:b1:08:
                    55:e1:f9:c3:3b:df:ac:d3:34:18:69:54:38:d1:0e:
                    fc:06:e4:2e:61:57:a0:68:c2:92:0a:25:17:bf:ea:
                    f7:74:19:8e:5c:5d:70:5f:c4:1a:be:d5:bb:b0:9b:
                    cd:2b:4f:60:3c:ae:f0:11:13:db:ef:9d:8a:27:a1:
                    4c:9c:0a:f7:61:2d:ff:59:bb:37:35:4a:fa:02:0f:
                    5f:35:cb:03:cb:4f:1e:22:96:af:86:c2:2b:6b:67:
                    6f:95:5f:b4:62:07:0b:14:c5:bc:a0:7c:1a:93:d8:
                    91:7b:4a:b5:f1:17:d4:d1:98:8b:03:01:6a:9b:0f:
                    c4:37:9e:67:06:bb:4b:d0:6b:94:04:d7:dd:18:22:
                    e8:d9:30:5c:61:08:e6:17:21:9e:83:22:d5:2e:07:
                    6b:9b:cf:be:41:2c:77:e0:a0:a8:fe:ca:b6:c5:36:
                    84:38:89:44:f7:ce:e5:f4:c0:ac:13:e8:7f:b3:3f:
                    2c:5f:49:1d:46:0f:8c:59:3c:1d:36:84:1c:5e:88:
                    5e:3e:4c:4c:9a:b6:01:e5:a6:51:7f:d9:9e:be:8a:
                    df:d3:d5:b2:8f:aa:e5:2d:f4:35:5f:3c:c4:13:7b:
                    e7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C3:2A:E6:69:9E:AD:24:A3:0D:A3:69:86:D1:3C:ED:53:A3:DF:FD
            X509v3 Authority Key Identifier:
                keyid:75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:7d:50:26:cf:3a:e3:49:f3:50:05:04:a0:05:ce:35:da:65:
         d6:0b:24:3a:c9:23:e6:4d:78:fd:21:6d:03:3d:1c:a0:e7:e8:
         2d:d8:ce:1e:10:4c:2c:aa:c6:ca:03:6f:3d:33:a4:e1:38:67:
         d5:9f:57:04:ac:c7:d7:d6:8b:c1:70:4b:84:69:cb:bc:52:a2:
         9a:7d:79:3c:41:1f:41:b5:d4:1f:79:f3:38:73:45:6d:0d:df:
         38:8c:72:b8:4f:90:94:97:6d:fd:e8:38:31:f5:9f:bf:21:c8:
         66:5b:2a:00:3d:b1:93:60:cd:db:63:ed:cd:1f:de:9e:29:fc:
         b0:6a:96:37:7c:26:38:c2:aa:d3:12:2f:8f:04:df:d9:a1:a2:
         6e:4f:6d:d9:b7:ce:90:46:df:bd:24:a6:fb:ca:81:ac:26:ca:
         21:99:84:30:5b:d0:6a:55:dd:72:47:b9:03:62:d2:57:30:85:
         4c:e5:c1:1d:07:25:3c:2c:28:bb:90:fe:04:d9:ae:9a:91:47:
         0c:3c:fe:51:09:b5:7e:b9:cc:bb:52:6d:bd:83:1d:ba:c0:21:
         4b:ca:f4:57:89:d4:81:f7:3f:fd:3c:8a:08:68:0e:4a:89:21:
         a3:93:53:4f:50:e2:c9:9e:57:64:d0:58:f3:9c:d7:75:90:0d:
         82:3b:60:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+F13Kz4+hAWMJXsT/U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzFjODkyOTk5YmI0NTY0YmNlNDgwYzkyMWI2ZmYxNzIw
NWVjYzYwHhcNMjUxMTExMTEwMTI1WhcNMjUxMTEyMTEwMTI1WjAzMTEwLwYDVQQD
EygyMWMzMmFlNjY5OWVhZDI0YTMwZGEzNjk4NmQxM2NlZDUzYTNkZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dGJH3Z0gWCgFt9ephpqBDl6vJKu
BD3o9GHzsQhV4fnDO9+s0zQYaVQ40Q78BuQuYVegaMKSCiUXv+r3dBmOXF1wX8Qa
vtW7sJvNK09gPK7wERPb752KJ6FMnAr3YS3/Wbs3NUr6Ag9fNcsDy08eIpavhsIr
a2dvlV+0YgcLFMW8oHwak9iRe0q18RfU0ZiLAwFqmw/EN55nBrtL0GuUBNfdGCLo
2TBcYQjmFyGegyLVLgdrm8++QSx34KCo/sq2xTaEOIlE987l9MCsE+h/sz8sX0kd
Rg+MWTwdNoQcXohePkxMmrYB5aZRf9mevorf09Wyj6rlLfQ1XzzEE3vn3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHDKuZpnq0kow2jaYbRPO1To9/9MB8GA1UdIwQY
MBaAFHVxyJKZm7RWS85IDJIbb/FyBezGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYt
ZTA0ZjhmY2MyY2ExLzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYtZTA0ZjhmY2MyY2Ex
LzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQn1QJs86
40nzUAUEoAXONdpl1gskOskj5k14/SFtAz0coOfoLdjOHhBMLKrGygNvPTOk4Thn
1Z9XBKzH19aLwXBLhGnLvFKimn15PEEfQbXUH3nzOHNFbQ3fOIxyuE+QlJdt/eg4
MfWfvyHIZlsqAD2xk2DN22PtzR/enin8sGqWN3wmOMKq0xIvjwTf2aGibk9t2bfO
kEbfvSSm+8qBrCbKIZmEMFvQalXdcke5A2LSVzCFTOXBHQclPCwou5D+BNmumpFH
DDz+UQm1frnMu1JtvYMdusAhS8r0V4nUgfc//TyKCGgOSokho5NTT1DiyZ5XZNBY
85zXdZANgjtgRQ==
-----END CERTIFICATE-----