Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          lyUY/jZxKIPSoMZ+3rqXP2EYgnjIFahVWSoBQj0LJSU=
Subject key identifier:   25:89:0E:D2:0E:19:0E:58:24:EE:58:E1:5D:91:16:EB:75:79:2A:BF
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       019A4E863ED6580D2661B3563AC43BA463F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          0393
Signing time:             Tue 04 Nov 2025 11:00:12 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:12 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:12 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: BNLUqcHd22K91jLNpzlKCNW1pzrd26qMlk9DwREVLkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:3e:d6:58:0d:26:61:b3:56:3a:c4:3b:a4:63:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Nov  4 11:00:12 2025 GMT
            Not After : Nov  5 11:00:12 2025 GMT
        Subject: CN=25890ed20e190e5824ee58e15d9116eb75792abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:46:e1:75:78:cc:2f:99:b9:f1:88:78:0a:33:
                    f6:b8:34:5d:42:06:0e:3d:9c:4a:02:97:84:e7:d6:
                    97:38:96:6f:cb:e7:e8:9b:85:89:46:bb:4c:80:51:
                    31:79:d6:8a:dc:76:49:b4:05:98:81:42:eb:7b:80:
                    fc:1a:c3:bf:6f:35:0c:70:75:34:21:10:d0:2d:98:
                    8e:09:bf:17:12:25:6b:a8:7d:ee:9b:ea:cd:40:b5:
                    13:b7:6d:1a:bb:33:d7:d9:38:19:c0:ee:af:8c:02:
                    eb:a8:14:87:ed:bb:f7:12:a2:0c:21:44:86:74:b5:
                    8c:17:3f:03:e7:18:75:fe:9d:83:9f:f0:49:b6:02:
                    97:5a:72:4b:80:f4:98:ca:44:bb:8d:ef:8a:d9:40:
                    6e:23:a1:68:d1:5e:6c:13:92:76:3e:95:ea:b7:e8:
                    06:21:8a:f2:53:49:f4:cc:1b:97:ef:0e:d9:5f:12:
                    5f:a3:ab:68:81:10:f0:c8:2d:98:c9:a3:cc:be:2d:
                    6a:d9:91:04:84:f3:a4:23:0b:e8:6f:5a:3f:fe:0d:
                    20:23:1d:64:a7:7c:03:a9:d3:ba:77:4d:14:88:ce:
                    2f:bd:25:45:a3:e1:3a:16:c0:13:62:2c:6c:c1:d8:
                    03:f4:7c:d0:28:b8:9c:0c:47:18:66:56:52:7a:bd:
                    6b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:89:0E:D2:0E:19:0E:58:24:EE:58:E1:5D:91:16:EB:75:79:2A:BF
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:92:15:50:75:77:cd:da:a7:26:6a:4c:06:7f:a7:66:7b:de:
         e7:58:a0:e9:3d:36:de:ef:ac:50:70:ad:73:d4:33:25:be:c7:
         64:fd:87:16:21:67:40:3a:06:75:4e:76:4a:45:27:78:05:07:
         5c:bd:bb:c2:c3:42:ae:81:89:1c:a8:55:9a:a5:bf:ac:85:62:
         2c:4f:87:39:d7:ce:35:e2:14:53:b7:8c:7f:90:eb:53:bf:24:
         69:6e:b4:89:ab:a3:cb:15:e9:ed:7a:16:6a:44:18:ef:cf:c6:
         01:07:1d:23:a7:08:86:b1:00:bb:86:ec:db:ba:1a:b2:f1:0d:
         d5:50:8a:02:b4:74:7a:d7:ae:23:f6:e3:5e:15:ee:5f:a1:31:
         28:de:e2:84:0a:84:e5:91:77:ac:14:37:7a:56:0f:19:e3:98:
         73:e1:8e:79:85:95:72:be:0a:f7:51:23:bb:ed:de:b3:c9:1f:
         76:ad:25:ab:e0:87:6b:eb:33:fb:40:60:41:96:7b:61:96:fd:
         ec:3f:9b:c4:2a:a2:a2:c2:d6:f5:ab:9f:df:e3:06:ca:6e:d6:
         32:26:f7:a0:89:51:52:be:8a:24:83:90:9d:31:6c:74:e6:ad:
         b4:59:0e:7a:83:f1:d8:05:23:74:db:c9:84:2c:b5:76:69:55:
         3c:a0:72:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhj7WWA0mYbNWOsQ7pGPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjUxMTA0MTEwMDEyWhcNMjUxMTA1MTEwMDEyWjAzMTEwLwYDVQQD
EygyNTg5MGVkMjBlMTkwZTU4MjRlZTU4ZTE1ZDkxMTZlYjc1NzkyYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkbhdXjML5m58Yh4CjP2uDRdQgYO
PZxKApeE59aXOJZvy+fom4WJRrtMgFExedaK3HZJtAWYgULre4D8GsO/bzUMcHU0
IRDQLZiOCb8XEiVrqH3um+rNQLUTt20auzPX2TgZwO6vjALrqBSH7bv3EqIMIUSG
dLWMFz8D5xh1/p2Dn/BJtgKXWnJLgPSYykS7je+K2UBuI6Fo0V5sE5J2PpXqt+gG
IYryU0n0zBuX7w7ZXxJfo6togRDwyC2YyaPMvi1q2ZEEhPOkIwvob1o//g0gIx1k
p3wDqdO6d00UiM4vvSVFo+E6FsATYixswdgD9HzQKLicDEcYZlZSer1ryQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWJDtIOGQ5YJO5Y4V2RFut1eSq/MB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaZIVUHV3
zdqnJmpMBn+nZnve51ig6T023u+sUHCtc9QzJb7HZP2HFiFnQDoGdU52SkUneAUH
XL27wsNCroGJHKhVmqW/rIViLE+HOdfONeIUU7eMf5DrU78kaW60iaujyxXp7XoW
akQY78/GAQcdI6cIhrEAu4bs27oasvEN1VCKArR0eteuI/bjXhXuX6ExKN7ihAqE
5ZF3rBQ3elYPGeOYc+GOeYWVcr4K91Eju+3es8kfdq0lq+CHa+sz+0BgQZZ7YZb9
7D+bxCqiosLW9auf3+MGym7WMib3oIlRUr6KJIOQnTFsdOattFkOeoPx2AUjdNvJ
hCy1dmlVPKByUw==
-----END CERTIFICATE-----