Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
File:                     rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft (raw, json)
Hash identifier:          dmxMOfywAcnQyf72yotCdlz1xQqGlD9tOwfyC0u2q68=
Subject key identifier:   A9:F3:E7:0D:B1:6A:21:B3:B2:75:68:10:34:4F:4E:C8:36:F4:FF:59
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Certificate issuer:       /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial:       019A71B8EB7140D149699818B258B151F83A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
Manifest number:          1729
Signing time:             Tue 11 Nov 2025 07:02:15 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:15 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:15 +0000
Files and hashes:         1: rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl (hash: rcIfC+LPH/2dw+I3i3TgFkYKovlA38IWZCE48KeJPB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:eb:71:40:d1:49:69:98:18:b2:58:b1:51:f8:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
        Validity
            Not Before: Nov 11 07:02:15 2025 GMT
            Not After : Nov 12 07:02:15 2025 GMT
        Subject: CN=a9f3e70db16a21b3b2756810344f4ec836f4ff59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:66:f5:b3:e8:13:b7:af:82:73:8d:05:e9:30:
                    64:3b:d8:46:6d:8b:c1:6b:78:9f:5a:a1:8e:0c:f5:
                    15:5c:a6:c0:c6:19:11:9e:97:41:3b:c7:25:9f:e9:
                    e4:f2:be:1e:c2:18:43:27:09:e9:a4:28:23:a2:83:
                    06:9a:3d:22:93:25:6f:cd:dd:a4:fa:7d:c2:6b:88:
                    c9:71:18:b6:2c:3c:06:41:9f:f7:40:51:9a:d5:d7:
                    9e:b7:ed:e7:10:27:62:26:fc:dc:a9:e1:e0:fe:27:
                    6e:84:41:10:c6:0c:0e:b8:c2:ac:52:6a:a9:6b:37:
                    44:73:5d:89:8b:bc:88:62:ea:22:fc:b1:b1:2d:0d:
                    38:76:4f:a0:77:1c:7b:f0:52:ca:9d:fe:d0:81:db:
                    14:83:6d:3b:f6:98:23:5b:d9:5b:f1:4f:6f:57:e6:
                    99:39:82:27:89:99:21:d0:78:2f:0c:c7:09:de:e7:
                    42:ff:e3:fc:da:a1:bc:38:e0:b2:34:df:a0:82:ed:
                    80:db:5b:5b:8f:68:13:db:be:3a:fb:9c:e7:9e:09:
                    d3:4c:f6:7a:41:8e:0b:ae:b3:0a:fe:f1:c9:ad:43:
                    3e:9d:77:86:79:ad:2a:c1:24:d3:b2:6b:0c:0c:4c:
                    a2:c9:a2:0b:7b:b2:5a:d3:71:83:ad:94:f1:b4:14:
                    d5:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F3:E7:0D:B1:6A:21:B3:B2:75:68:10:34:4F:4E:C8:36:F4:FF:59
            X509v3 Authority Key Identifier:
                keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:54:73:96:32:e6:7e:bb:ba:f6:16:f5:5f:33:d5:61:93:10:
         3a:c5:78:d0:81:71:97:4b:26:d6:93:c5:c1:48:1e:9c:85:c2:
         0a:e8:c3:f0:ec:ab:54:a0:04:20:c2:03:18:e4:db:0a:74:85:
         0d:02:38:85:67:87:bb:b7:db:b9:2d:58:da:28:ed:51:0b:ce:
         17:b5:ee:2e:26:47:3d:e9:4c:55:04:df:24:cc:5a:2e:58:a5:
         93:b1:7c:12:a7:c3:86:13:a8:bd:7c:ad:a6:63:52:14:d2:6d:
         0a:4d:fa:4a:72:8f:2c:22:96:68:47:5a:bf:b1:a1:53:c1:7f:
         38:50:1f:ec:06:72:70:f8:2f:b8:0b:e7:de:e8:55:0d:9f:a9:
         a5:c6:1c:5a:86:85:15:88:c8:dd:c1:b1:40:98:15:3f:ca:42:
         94:7b:8d:9e:4e:f6:5d:53:a8:d1:7d:5f:6e:a7:a3:ba:f6:5a:
         93:eb:d4:d3:a8:a0:14:a5:9c:73:f8:c0:26:f1:2e:56:17:ec:
         e3:f0:4c:28:31:2a:4a:64:f2:97:62:78:4c:0d:07:89:b4:69:
         ae:99:de:52:33:36:36:a6:24:bd:08:7e:f0:0f:0e:18:2d:dc:
         c2:c6:a7:14:d7:e7:26:bc:d5:b2:01:24:c1:d2:fa:97:9d:03:
         5d:db:e9:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOtxQNFJaZgYslixUfg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjUxMTExMDcwMjE1WhcNMjUxMTEyMDcwMjE1WjAzMTEwLwYDVQQD
EyhhOWYzZTcwZGIxNmEyMWIzYjI3NTY4MTAzNDRmNGVjODM2ZjRmZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWb1s+gTt6+Cc40F6TBkO9hGbYvB
a3ifWqGODPUVXKbAxhkRnpdBO8cln+nk8r4ewhhDJwnppCgjooMGmj0ikyVvzd2k
+n3Ca4jJcRi2LDwGQZ/3QFGa1deet+3nECdiJvzcqeHg/iduhEEQxgwOuMKsUmqp
azdEc12Ji7yIYuoi/LGxLQ04dk+gdxx78FLKnf7QgdsUg2079pgjW9lb8U9vV+aZ
OYIniZkh0HgvDMcJ3udC/+P82qG8OOCyNN+ggu2A21tbj2gT2746+5znngnTTPZ6
QY4LrrMK/vHJrUM+nXeGea0qwSTTsmsMDEyiyaILe7Ja03GDrZTxtBTV+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnz5w2xaiGzsnVoEDRPTsg29P9ZMB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFRzljLm
fru69hb1XzPVYZMQOsV40IFxl0sm1pPFwUgenIXCCujD8OyrVKAEIMIDGOTbCnSF
DQI4hWeHu7fbuS1Y2ijtUQvOF7XuLiZHPelMVQTfJMxaLlilk7F8EqfDhhOovXyt
pmNSFNJtCk36SnKPLCKWaEdav7GhU8F/OFAf7AZycPgvuAvn3uhVDZ+ppcYcWoaF
FYjI3cGxQJgVP8pClHuNnk72XVOo0X1fbqejuvZak+vU06igFKWcc/jAJvEuVhfs
4/BMKDEqSmTyl2J4TA0HibRprpneUjM2NqYkvQh+8A8OGC3cwsanFNfnJrzVsgEk
wdL6l50DXdvpuA==
-----END CERTIFICATE-----