Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
File:                     dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json)
Hash identifier:          sJsDKT2BzsxK88kACnkgEFufd/oeCxX/QrGD4GNcUKI=
Subject key identifier:   02:3F:8B:0A:91:2E:B6:A7:BC:36:8C:7C:C5:70:2D:7B:EE:CA:F0:42
Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94
Certificate issuer:       /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
Certificate serial:       0198933601A4F27B154C63CF3500D4F9A42A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
Manifest number:          0DFE
Signing time:             Sun 10 Aug 2025 09:00:46 +0000
Manifest this update:     Sun 10 Aug 2025 09:00:46 +0000
Manifest next update:     Mon 11 Aug 2025 09:00:46 +0000
Files and hashes:         1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: QJ9B62nIK7HkHoj12xSph/J0qqzKLoAsIkWDswpFPtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:36:01:a4:f2:7b:15:4c:63:cf:35:00:d4:f9:a4:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
        Validity
            Not Before: Aug 10 09:00:46 2025 GMT
            Not After : Aug 11 09:00:46 2025 GMT
        Subject: CN=023f8b0a912eb6a7bc368c7cc5702d7beecaf042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ba:c9:34:a6:f6:49:5c:d0:e0:63:58:93:0d:
                    cf:d8:8e:66:f8:dd:de:75:4c:84:e4:1d:57:a1:06:
                    64:85:96:76:9c:07:05:8d:81:ab:95:86:76:d6:09:
                    99:59:ec:c4:9b:55:d7:08:f2:d6:45:59:63:20:9c:
                    de:d8:e0:91:cd:6d:3b:08:e1:37:f6:93:62:1f:c1:
                    ad:56:f3:3e:47:45:5b:df:ed:a2:5b:76:d3:f6:8f:
                    05:ce:65:bd:df:0f:9e:3f:29:37:07:d5:43:70:64:
                    79:96:4a:7c:92:f8:23:4d:25:df:e9:39:eb:5f:76:
                    ba:95:d9:aa:b5:c3:3e:07:df:ca:8e:47:76:ee:1b:
                    b0:f5:ed:f7:79:f2:00:aa:c4:62:b1:c9:96:62:7d:
                    0f:62:bf:0b:15:c8:77:3c:e7:15:58:cb:59:8d:4d:
                    63:af:e3:f7:0a:bd:59:e8:67:20:8b:12:be:72:26:
                    25:d4:8c:09:e2:c9:7f:dc:86:38:05:d4:17:4f:01:
                    24:e9:c7:83:8d:b3:e8:9c:fe:bf:cb:ca:b1:d3:26:
                    3d:49:f5:b7:f2:4c:7b:09:3b:81:c6:f1:63:4d:e0:
                    e9:af:7f:47:e8:b1:06:1a:f3:9d:7b:1b:20:79:6c:
                    b4:6a:be:85:92:d3:c8:ed:5c:37:8f:7a:0a:19:e1:
                    a2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:3F:8B:0A:91:2E:B6:A7:BC:36:8C:7C:C5:70:2D:7B:EE:CA:F0:42
            X509v3 Authority Key Identifier:
                keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:c0:30:3b:88:96:bd:e6:8b:f5:1e:4e:ab:0e:98:2f:67:2d:
         09:b9:05:ba:71:cf:a5:1c:d3:47:12:27:d0:83:34:3e:1c:dc:
         8f:1a:b2:e5:69:50:2f:60:48:bd:0f:7a:67:36:5c:bd:b8:11:
         28:10:18:da:f9:77:51:f2:44:87:3d:8e:60:ed:e6:79:e4:ac:
         f0:c6:cd:7a:0d:c5:11:e3:f6:fb:65:e2:3d:5f:fc:99:cc:2b:
         29:ab:be:cd:1c:3e:4d:fc:65:48:52:2a:f0:11:2b:d0:34:36:
         63:5a:a3:93:23:6d:2b:60:de:a3:ae:42:75:dc:cc:64:57:03:
         59:96:bb:47:a8:05:a6:2b:8c:f0:14:41:85:85:c3:0b:ea:fb:
         90:17:fb:0a:97:b1:b2:be:13:5d:67:dc:74:ff:6c:b8:82:df:
         e0:11:7e:3d:dc:11:e9:cc:96:81:70:1f:39:13:03:61:4d:07:
         17:2e:7f:ef:bc:56:a4:5f:5a:d0:ca:b7:93:13:c9:20:01:f4:
         77:e9:9b:eb:98:7a:94:30:9d:6c:41:db:ff:93:0f:14:85:e6:
         c1:e2:46:b9:2e:ab:a7:22:14:fb:50:98:59:c2:aa:d4:9a:9e:
         70:c1:0b:1e:ae:0a:0d:dd:2a:af:81:9a:b6:03:cd:27:a2:1a:
         8d:74:e8:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNgGk8nsVTGPPNQDU+aQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj
ODNlOTQwHhcNMjUwODEwMDkwMDQ2WhcNMjUwODExMDkwMDQ2WjAzMTEwLwYDVQQD
EygwMjNmOGIwYTkxMmViNmE3YmMzNjhjN2NjNTcwMmQ3YmVlY2FmMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLrJNKb2SVzQ4GNYkw3P2I5m+N3e
dUyE5B1XoQZkhZZ2nAcFjYGrlYZ21gmZWezEm1XXCPLWRVljIJze2OCRzW07COE3
9pNiH8GtVvM+R0Vb3+2iW3bT9o8FzmW93w+ePyk3B9VDcGR5lkp8kvgjTSXf6Tnr
X3a6ldmqtcM+B9/Kjkd27huw9e33efIAqsRiscmWYn0PYr8LFch3POcVWMtZjU1j
r+P3Cr1Z6GcgixK+ciYl1IwJ4sl/3IY4BdQXTwEk6ceDjbPonP6/y8qx0yY9SfW3
8kx7CTuBxvFjTeDpr39H6LEGGvOdexsgeWy0ar6FktPI7Vw3j3oKGeGiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAI/iwqRLranvDaMfMVwLXvuyvBCMB8GA1UdIwQY
MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt
NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh
LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMAwO4iW
veaL9R5Oqw6YL2ctCbkFunHPpRzTRxIn0IM0Phzcjxqy5WlQL2BIvQ96ZzZcvbgR
KBAY2vl3UfJEhz2OYO3meeSs8MbNeg3FEeP2+2XiPV/8mcwrKau+zRw+TfxlSFIq
8BEr0DQ2Y1qjkyNtK2Deo65CddzMZFcDWZa7R6gFpiuM8BRBhYXDC+r7kBf7Cpex
sr4TXWfcdP9suILf4BF+PdwR6cyWgXAfORMDYU0HFy5/77xWpF9a0Mq3kxPJIAH0
d+mb65h6lDCdbEHb/5MPFIXmweJGuS6rpyIU+1CYWcKq1JqecMELHq4KDd0qr4Ga
tgPNJ6IajXTo2Q==
-----END CERTIFICATE-----