Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          kJPyFhXrxzd9ntgQMISangLTcABvno7TauXGJczzqqE=
Subject key identifier:   68:96:1A:4B:82:4D:7F:00:7F:54:B1:31:7F:84:5E:65:B5:79:22:EB
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019A4EF5F15D7EC4EFEA823FD8960102B564
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0799
Signing time:             Tue 04 Nov 2025 13:02:12 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:12 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:12 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: nxx/r6srAETYpcYeLqcveeUczj9Iu0TinXywsdVCl8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:f1:5d:7e:c4:ef:ea:82:3f:d8:96:01:02:b5:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Nov  4 13:02:12 2025 GMT
            Not After : Nov  5 13:02:12 2025 GMT
        Subject: CN=68961a4b824d7f007f54b1317f845e65b57922eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bc:53:b0:7a:7a:df:24:39:80:5c:7b:52:d7:
                    04:09:8a:22:b5:37:8a:0b:53:95:db:dc:fa:20:cf:
                    46:aa:63:4b:1c:44:c5:db:35:0f:88:89:82:c4:ef:
                    8d:90:86:93:b0:ba:43:9b:90:4e:9a:60:09:e6:34:
                    70:d5:50:a9:49:f8:c7:8f:ce:3e:5b:fa:47:88:53:
                    f6:86:4e:62:d4:55:8f:23:21:ee:0c:3b:86:41:d9:
                    b3:74:0a:5e:eb:43:ec:07:f0:d0:b0:77:bc:11:21:
                    75:25:67:34:06:f9:5a:7a:ee:7a:72:87:56:97:e4:
                    e8:00:43:47:9e:7e:fe:b3:41:e7:f9:7b:e2:e6:11:
                    ab:6a:e1:69:f3:42:29:25:81:7c:fe:02:b4:42:76:
                    e6:50:e0:ef:f4:d6:fd:6e:28:e2:10:c3:60:c2:26:
                    0f:fb:34:47:d5:ae:3d:61:b7:10:a9:be:9e:a5:3d:
                    62:71:d6:ce:b5:e6:13:a6:48:ed:8f:cb:3a:6c:63:
                    ed:e2:1a:ef:30:50:8e:29:b9:29:0e:14:73:fb:20:
                    01:07:ef:da:aa:a3:12:88:4b:a0:db:d4:60:9b:a2:
                    6d:45:f3:8e:6f:b1:d5:61:b6:bc:76:06:3d:f2:f5:
                    3c:39:05:f1:fa:3b:72:0d:29:fb:d8:7e:4b:a2:28:
                    6f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:96:1A:4B:82:4D:7F:00:7F:54:B1:31:7F:84:5E:65:B5:79:22:EB
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:be:15:04:83:72:00:5c:bd:42:cf:15:b5:e5:e4:46:dc:27:
         c1:1e:4b:58:a6:96:d1:fc:bd:04:5f:74:5a:2f:f3:d2:be:ee:
         86:7e:ae:6d:0c:20:7e:41:b7:7e:4a:a1:1c:fc:56:00:e6:a2:
         67:dd:8f:20:c3:71:78:47:7e:5c:c4:c7:84:07:8c:01:1b:df:
         d0:62:31:67:33:33:db:5f:45:a8:68:8a:a5:61:6b:bc:50:4a:
         8e:87:b7:af:31:3b:0c:97:45:be:89:33:65:71:3e:df:b6:18:
         63:19:71:66:e1:85:9f:55:8b:99:d5:31:38:cc:d2:cf:69:c1:
         6c:4d:b8:de:96:39:c2:ea:4a:ad:ab:13:13:ac:ad:bb:09:73:
         6d:73:0a:a0:a2:3f:73:3f:3b:f5:d7:99:76:25:26:05:25:87:
         ac:97:cf:b7:74:fe:24:5b:e4:2b:a5:ef:08:7b:b0:53:3a:e7:
         05:69:21:5c:ad:c9:f6:5a:17:39:e0:59:4c:50:a6:04:48:89:
         b9:74:3a:39:28:1a:ba:ef:3d:02:7f:f2:0d:4f:77:aa:eb:2c:
         28:3f:c8:cc:95:d2:71:4e:e0:f4:f0:72:bd:da:94:38:60:16:
         3b:da:14:8b:42:6f:77:3e:05:e7:5e:5c:c4:10:c9:e4:cf:fc:
         9d:49:b8:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9fFdfsTv6oI/2JYBArVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjUxMTA0MTMwMjEyWhcNMjUxMTA1MTMwMjEyWjAzMTEwLwYDVQQD
Eyg2ODk2MWE0YjgyNGQ3ZjAwN2Y1NGIxMzE3Zjg0NWU2NWI1NzkyMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27xTsHp63yQ5gFx7UtcECYoitTeK
C1OV29z6IM9GqmNLHETF2zUPiImCxO+NkIaTsLpDm5BOmmAJ5jRw1VCpSfjHj84+
W/pHiFP2hk5i1FWPIyHuDDuGQdmzdApe60PsB/DQsHe8ESF1JWc0Bvlaeu56codW
l+ToAENHnn7+s0Hn+Xvi5hGrauFp80IpJYF8/gK0QnbmUODv9Nb9bijiEMNgwiYP
+zRH1a49YbcQqb6epT1icdbOteYTpkjtj8s6bGPt4hrvMFCOKbkpDhRz+yABB+/a
qqMSiEug29Rgm6JtRfOOb7HVYba8dgY98vU8OQXx+jtyDSn72H5LoihvIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiWGkuCTX8Af1SxMX+EXmW1eSLrMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXL4VBINy
AFy9Qs8VteXkRtwnwR5LWKaW0fy9BF90Wi/z0r7uhn6ubQwgfkG3fkqhHPxWAOai
Z92PIMNxeEd+XMTHhAeMARvf0GIxZzMz219FqGiKpWFrvFBKjoe3rzE7DJdFvokz
ZXE+37YYYxlxZuGFn1WLmdUxOMzSz2nBbE243pY5wupKrasTE6ytuwlzbXMKoKI/
cz879deZdiUmBSWHrJfPt3T+JFvkK6XvCHuwUzrnBWkhXK3J9loXOeBZTFCmBEiJ
uXQ6OSgauu89An/yDU93qussKD/IzJXScU7g9PByvdqUOGAWO9oUi0Jvdz4F515c
xBDJ5M/8nUm4dw==
-----END CERTIFICATE-----