Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          sNiB/yUwTafS6n37JaCH0VecHZ9Z7V1YsFkIhUbFDZ4=
Subject key identifier:   F3:BC:AE:80:93:89:2D:F7:8C:CB:82:2F:EB:78:6B:4D:77:2D:A3:7F
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       019894B7CBA2509C924440E69C8F2AD57306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          1360
Signing time:             Sun 10 Aug 2025 16:02:09 +0000
Manifest this update:     Sun 10 Aug 2025 16:02:09 +0000
Manifest next update:     Mon 11 Aug 2025 16:02:09 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: TFGsP55RBO2WIckC7rUjVXLuhINJfY6SsyUc40Q4PIg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b7:cb:a2:50:9c:92:44:40:e6:9c:8f:2a:d5:73:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Aug 10 16:02:09 2025 GMT
            Not After : Aug 11 16:02:09 2025 GMT
        Subject: CN=f3bcae8093892df78ccb822feb786b4d772da37f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:be:69:e2:a0:47:6e:b7:00:7a:93:df:e5:59:
                    26:f0:85:3e:64:d9:a1:2e:b5:cf:47:95:f0:11:e8:
                    25:20:04:32:99:ae:44:c9:c4:fa:92:c2:f2:64:ef:
                    92:81:61:82:43:a3:61:1b:80:71:3d:5a:ae:cd:54:
                    d0:de:14:f8:c1:3d:9b:20:ba:5d:82:d6:eb:a4:69:
                    ae:73:e2:2a:e5:c2:25:35:77:18:ca:36:f7:4d:a2:
                    25:26:73:03:2a:45:20:b9:6a:6a:9e:81:19:c8:f8:
                    2e:76:c2:4a:61:63:98:a3:11:ac:fe:05:dd:27:b0:
                    98:0f:e9:77:91:f2:c7:c1:83:2f:ab:83:70:4c:6d:
                    d2:d0:12:7c:6a:8e:ac:d7:05:c1:cf:cc:a4:b3:d5:
                    5f:c0:e8:d1:e5:17:96:58:3f:2c:47:d0:41:c5:0b:
                    1f:eb:f9:66:1e:74:86:d8:9c:58:3a:4e:02:af:41:
                    df:5f:5d:95:97:b7:3d:7a:77:6a:fe:6a:66:61:bd:
                    60:c4:8f:37:cb:03:e1:e0:0d:85:73:34:6c:f5:ae:
                    88:8d:b0:65:11:84:af:db:3b:50:3c:69:73:fa:15:
                    e1:26:56:6b:b4:60:6e:64:99:81:7a:a4:b5:f7:f2:
                    1c:12:88:48:8d:ad:d1:3b:d5:06:89:32:c0:be:16:
                    b1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:BC:AE:80:93:89:2D:F7:8C:CB:82:2F:EB:78:6B:4D:77:2D:A3:7F
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:59:cf:4e:87:b7:26:e4:1d:16:b7:0c:c0:63:17:f7:df:72:
         21:16:bb:54:ac:a3:e0:ae:82:60:f7:5d:8d:46:bc:8a:eb:d8:
         2b:21:22:94:f7:90:87:22:19:9a:18:76:a4:99:9d:59:e2:d1:
         63:ac:09:ae:8c:25:62:39:34:73:5f:92:6a:85:91:64:41:b1:
         87:67:85:80:40:7c:50:fc:c1:61:29:ad:3b:e8:e6:2d:66:4e:
         0f:7d:2b:b7:4c:66:43:fe:56:0c:64:91:8a:6f:f3:12:68:dc:
         13:41:34:92:ad:74:c5:ee:12:de:1b:0a:65:d7:e4:33:f5:2c:
         6d:2e:fa:ff:c8:c3:1b:2f:63:90:4d:eb:a6:87:53:d5:a8:78:
         da:45:cb:af:ca:5f:8e:59:0b:a9:e0:cd:14:f1:ab:0f:56:45:
         27:fa:bd:5b:7e:2a:47:41:0f:69:e8:bb:73:40:e7:3b:d9:9e:
         3a:e0:bf:f5:10:61:d0:06:43:39:96:73:2b:dc:79:43:0b:42:
         d4:47:5e:a3:a7:79:33:58:69:dd:66:6a:fb:10:25:71:e5:b5:
         84:d2:84:df:c5:74:41:3a:0e:9b:01:00:db:09:fa:d8:81:21:
         66:4d:61:07:03:e1:62:81:d9:99:a5:97:33:48:6c:63:19:a9:
         90:a2:79:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUt8uiUJySREDmnI8q1XMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjUwODEwMTYwMjA5WhcNMjUwODExMTYwMjA5WjAzMTEwLwYDVQQD
EyhmM2JjYWU4MDkzODkyZGY3OGNjYjgyMmZlYjc4NmI0ZDc3MmRhMzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr5p4qBHbrcAepPf5Vkm8IU+ZNmh
LrXPR5XwEeglIAQyma5EycT6ksLyZO+SgWGCQ6NhG4BxPVquzVTQ3hT4wT2bILpd
gtbrpGmuc+Iq5cIlNXcYyjb3TaIlJnMDKkUguWpqnoEZyPgudsJKYWOYoxGs/gXd
J7CYD+l3kfLHwYMvq4NwTG3S0BJ8ao6s1wXBz8yks9VfwOjR5ReWWD8sR9BBxQsf
6/lmHnSG2JxYOk4Cr0HfX12Vl7c9endq/mpmYb1gxI83ywPh4A2FczRs9a6IjbBl
EYSv2ztQPGlz+hXhJlZrtGBuZJmBeqS19/IcEohIja3RO9UGiTLAvhaxMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPO8roCTiS33jMuCL+t4a013LaN/MB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1nPToe3
JuQdFrcMwGMX999yIRa7VKyj4K6CYPddjUa8iuvYKyEilPeQhyIZmhh2pJmdWeLR
Y6wJrowlYjk0c1+SaoWRZEGxh2eFgEB8UPzBYSmtO+jmLWZOD30rt0xmQ/5WDGSR
im/zEmjcE0E0kq10xe4S3hsKZdfkM/UsbS76/8jDGy9jkE3rpodT1ah42kXLr8pf
jlkLqeDNFPGrD1ZFJ/q9W34qR0EPaei7c0DnO9meOuC/9RBh0AZDOZZzK9x5QwtC
1Edeo6d5M1hp3WZq+xAlceW1hNKE38V0QToOmwEA2wn62IEhZk1hBwPhYoHZmaWX
M0hsYxmpkKJ5oQ==
-----END CERTIFICATE-----