Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
File:                     dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json)
Hash identifier:          357vrwQ6moNnQaHqyfSxznbTVREulPu6tlyDExUQxeo=
Subject key identifier:   DC:C9:AA:DF:A3:14:03:31:30:2E:09:DF:23:2F:40:A5:95:80:19:EA
Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94
Certificate issuer:       /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
Certificate serial:       019A51511D3EC9C54E6FF508AF32B9237F09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
Manifest number:          0EE5
Signing time:             Wed 05 Nov 2025 00:01:01 +0000
Manifest this update:     Wed 05 Nov 2025 00:01:01 +0000
Manifest next update:     Thu 06 Nov 2025 00:01:01 +0000
Files and hashes:         1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: L0Y+aPN2do6iTbBtO/gkawUbxR0JXF+vUtZ/B/X4A3w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:51:1d:3e:c9:c5:4e:6f:f5:08:af:32:b9:23:7f:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
        Validity
            Not Before: Nov  5 00:01:01 2025 GMT
            Not After : Nov  6 00:01:01 2025 GMT
        Subject: CN=dcc9aadfa3140331302e09df232f40a5958019ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:44:14:56:cf:24:0b:ee:fd:bc:7f:b4:f5:
                    d1:c6:83:84:74:7c:0f:d2:f1:01:cd:05:dd:b0:d5:
                    c7:22:e2:a5:d5:39:c8:99:f8:07:d6:2f:00:f3:33:
                    64:28:c1:95:b2:21:7e:73:28:2a:8e:b8:1e:c8:b0:
                    3a:a8:2b:3b:78:d6:b4:9f:10:4a:c2:2d:31:55:ee:
                    f0:c8:da:1b:69:6e:ac:56:82:2e:e4:77:d9:04:64:
                    43:1b:68:b4:07:83:e7:e5:3b:6b:28:fc:a2:8b:57:
                    a3:2a:cc:49:6c:f6:45:fa:5b:43:d4:27:75:c0:75:
                    06:5d:fc:fc:c8:ac:ad:6f:a7:e9:93:2a:40:26:26:
                    6e:f9:21:67:32:16:8a:6a:1f:d2:41:f3:89:da:77:
                    91:8d:e9:9e:b2:5e:bf:cd:31:86:37:c1:d5:00:53:
                    81:db:92:c6:6b:34:9a:70:18:2c:c1:dc:5e:47:bc:
                    1d:0b:f2:c2:15:d7:a3:2d:58:56:f8:45:76:fc:41:
                    75:bb:81:61:ac:91:a0:08:56:42:9d:ae:f1:d5:4a:
                    75:50:1d:09:e5:fc:9b:83:e6:38:27:4b:ea:13:96:
                    1f:41:be:e3:15:06:f5:9c:31:fc:f9:63:68:b7:0e:
                    39:29:31:e6:69:d5:a4:5f:c3:f8:06:bb:c6:4d:22:
                    59:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:C9:AA:DF:A3:14:03:31:30:2E:09:DF:23:2F:40:A5:95:80:19:EA
            X509v3 Authority Key Identifier:
                keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:19:1d:b7:61:4a:9a:b5:4d:ce:39:17:67:60:63:d3:82:d8:
         d3:dd:82:e3:7c:c3:70:42:08:0d:9e:f9:74:44:b0:a7:88:f2:
         d9:de:f0:49:84:8f:5c:c6:92:d1:05:84:24:57:6a:8a:98:39:
         02:63:e4:3a:16:5c:da:74:5f:a0:4d:b1:20:ce:7f:8a:de:5f:
         07:5d:db:fc:65:ea:53:17:cd:f2:88:ed:ce:8c:2d:f2:06:4b:
         b5:56:a5:20:66:f3:74:49:b5:1c:bd:10:f5:a0:31:0c:d6:4d:
         05:7a:bf:92:19:14:ef:ce:8f:f8:4b:74:27:43:b0:65:80:e3:
         a4:3f:47:f4:2f:01:72:e3:5c:d3:28:a2:c4:cb:2a:fd:da:59:
         b2:b5:2e:85:c8:68:72:f4:c6:c4:21:fd:92:0e:ad:05:a3:31:
         d8:53:6b:11:d8:d1:b0:4b:f0:2c:33:a7:46:c3:10:59:33:37:
         4d:31:3b:d1:70:b4:5b:b7:48:61:dd:3f:16:96:83:d6:7a:60:
         92:67:0f:fa:c0:37:2e:1f:c0:6d:1b:ad:9e:d5:1f:c9:c8:8e:
         7e:28:7d:da:fb:81:95:67:ef:56:2b:e7:08:a4:97:f8:4c:8b:
         bf:a6:f6:85:95:db:a1:92:4d:a7:72:3c:eb:cf:78:bc:12:18:
         b8:18:bc:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUR0+ycVOb/UIrzK5I38JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj
ODNlOTQwHhcNMjUxMTA1MDAwMTAxWhcNMjUxMTA2MDAwMTAxWjAzMTEwLwYDVQQD
EyhkY2M5YWFkZmEzMTQwMzMxMzAyZTA5ZGYyMzJmNDBhNTk1ODAxOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/1EFFbPJAvu/bx/tPXRxoOEdHwP
0vEBzQXdsNXHIuKl1TnImfgH1i8A8zNkKMGVsiF+cygqjrgeyLA6qCs7eNa0nxBK
wi0xVe7wyNobaW6sVoIu5HfZBGRDG2i0B4Pn5TtrKPyii1ejKsxJbPZF+ltD1Cd1
wHUGXfz8yKytb6fpkypAJiZu+SFnMhaKah/SQfOJ2neRjemesl6/zTGGN8HVAFOB
25LGazSacBgswdxeR7wdC/LCFdejLVhW+EV2/EF1u4FhrJGgCFZCna7x1Up1UB0J
5fybg+Y4J0vqE5YfQb7jFQb1nDH8+WNotw45KTHmadWkX8P4BrvGTSJZMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzJqt+jFAMxMC4J3yMvQKWVgBnqMB8GA1UdIwQY
MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt
NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh
LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtRkdt2FK
mrVNzjkXZ2Bj04LY092C43zDcEIIDZ75dESwp4jy2d7wSYSPXMaS0QWEJFdqipg5
AmPkOhZc2nRfoE2xIM5/it5fB13b/GXqUxfN8ojtzowt8gZLtValIGbzdEm1HL0Q
9aAxDNZNBXq/khkU786P+Et0J0OwZYDjpD9H9C8BcuNc0yiixMsq/dpZsrUuhcho
cvTGxCH9kg6tBaMx2FNrEdjRsEvwLDOnRsMQWTM3TTE70XC0W7dIYd0/FpaD1npg
kmcP+sA3Lh/AbRutntUfyciOfih92vuBlWfvVivnCKSX+EyLv6b2hZXboZJNp3I8
6894vBIYuBi8Yg==
-----END CERTIFICATE-----