Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          KB7a4Z2SyEavv9tFUTzPuUmPAPz4lUz0TZflSzg5Rlo=
Subject key identifier:   0D:5E:9E:95:C8:73:A8:5F:76:A5:69:43:CA:B5:B9:23:7C:5A:6B:0F
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019A4F624AC4E7E733A626A9A82A9C927FE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          0637
Signing time:             Tue 04 Nov 2025 15:00:32 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:32 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:32 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: hQ2tY+Qn2dZE3NIDk7VhaoC+IsZyKv9mtNin+nPJliY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:4a:c4:e7:e7:33:a6:26:a9:a8:2a:9c:92:7f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Nov  4 15:00:32 2025 GMT
            Not After : Nov  5 15:00:32 2025 GMT
        Subject: CN=0d5e9e95c873a85f76a56943cab5b9237c5a6b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:64:68:a9:40:9b:b8:5e:7f:6b:a3:63:53:44:
                    29:bc:23:91:91:65:23:7f:0b:62:14:b7:af:34:0b:
                    b3:01:8c:aa:2c:14:fc:ec:b5:b3:98:9b:a2:2e:08:
                    72:fd:75:68:9f:94:c3:88:c2:21:8a:96:a6:97:33:
                    97:6a:49:5a:22:34:bf:15:4b:76:a4:29:56:6b:70:
                    b6:ff:0b:5d:1c:91:3b:c1:ca:f1:db:b3:68:f2:03:
                    95:e4:d6:1b:95:02:a9:9a:d0:95:19:4c:c2:a7:50:
                    f6:46:7a:00:17:f4:b0:07:25:5b:23:37:cf:45:e6:
                    81:55:ea:d1:d1:ee:78:25:3b:84:fd:27:6e:1e:4d:
                    e5:ec:c1:d4:92:02:57:01:e8:5f:3d:11:22:d2:87:
                    e4:2d:59:61:44:43:81:82:b5:c6:75:bc:44:7c:16:
                    8a:21:9f:8c:8f:b2:63:4f:cf:b5:ff:84:6a:78:af:
                    e1:81:38:c7:02:a0:d4:b5:d5:ad:fc:b0:77:37:76:
                    05:a2:7a:1f:4a:7b:6a:23:b4:61:f3:e4:25:50:ff:
                    43:b9:26:a9:19:58:7a:e7:fe:3f:aa:dd:db:60:1c:
                    ac:fc:b6:49:70:64:17:92:6e:fa:09:46:a2:1b:af:
                    c6:18:24:44:ea:3f:bc:c6:cf:e1:91:59:60:36:f2:
                    27:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:5E:9E:95:C8:73:A8:5F:76:A5:69:43:CA:B5:B9:23:7C:5A:6B:0F
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:48:ab:4e:94:67:cc:59:eb:b1:c6:e3:1c:bb:50:1d:c7:93:
         41:a5:4a:33:8a:7d:b6:19:14:15:f0:8e:2c:df:f5:31:9e:88:
         9d:8d:85:74:38:3f:19:1b:75:84:af:d8:32:34:1d:d0:ca:90:
         d3:49:71:38:6e:98:dc:49:51:4f:d1:9e:8d:33:a3:cb:7b:92:
         28:ac:a9:f5:c1:19:5f:5f:2b:cd:15:43:c6:9b:0d:93:92:8e:
         34:c1:16:3a:90:88:37:1b:ce:fd:da:1e:9c:12:2d:89:00:7b:
         a3:a9:61:98:3b:0b:ee:dd:59:a9:0a:d6:d5:02:2e:71:5f:58:
         f2:64:03:53:71:e9:e4:00:3b:d0:d6:99:18:77:22:96:47:6a:
         52:cb:1f:0f:75:2a:49:e9:cb:cd:20:a1:ac:ad:d6:cd:36:b5:
         00:bc:10:08:7c:33:80:a8:df:92:fa:3e:4d:4e:84:53:3f:5a:
         42:e8:da:94:70:f5:3d:fc:fa:25:b3:ae:a5:9e:c0:4a:26:88:
         9c:0c:1e:41:5c:03:16:69:4c:a1:36:d2:84:46:82:ba:64:f4:
         15:c8:a8:54:9f:d4:1b:84:80:7e:89:fa:53:65:b1:15:f9:85:
         0b:1e:58:e1:bf:d4:71:07:80:13:0a:bb:dc:b4:c0:05:18:86:
         30:60:20:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYkrE5+czpiapqCqckn/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUxMTA0MTUwMDMyWhcNMjUxMTA1MTUwMDMyWjAzMTEwLwYDVQQD
EygwZDVlOWU5NWM4NzNhODVmNzZhNTY5NDNjYWI1YjkyMzdjNWE2YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2RoqUCbuF5/a6NjU0QpvCORkWUj
fwtiFLevNAuzAYyqLBT87LWzmJuiLghy/XVon5TDiMIhipamlzOXaklaIjS/FUt2
pClWa3C2/wtdHJE7wcrx27No8gOV5NYblQKpmtCVGUzCp1D2RnoAF/SwByVbIzfP
ReaBVerR0e54JTuE/SduHk3l7MHUkgJXAehfPREi0ofkLVlhREOBgrXGdbxEfBaK
IZ+Mj7JjT8+1/4RqeK/hgTjHAqDUtdWt/LB3N3YFonofSntqI7Rh8+QlUP9DuSap
GVh65/4/qt3bYBys/LZJcGQXkm76CUaiG6/GGCRE6j+8xs/hkVlgNvIniQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1enpXIc6hfdqVpQ8q1uSN8WmsPMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtUirTpRn
zFnrscbjHLtQHceTQaVKM4p9thkUFfCOLN/1MZ6InY2FdDg/GRt1hK/YMjQd0MqQ
00lxOG6Y3ElRT9GejTOjy3uSKKyp9cEZX18rzRVDxpsNk5KONMEWOpCINxvO/doe
nBItiQB7o6lhmDsL7t1ZqQrW1QIucV9Y8mQDU3Hp5AA70NaZGHcilkdqUssfD3Uq
SenLzSChrK3WzTa1ALwQCHwzgKjfkvo+TU6EUz9aQujalHD1Pfz6JbOupZ7ASiaI
nAweQVwDFmlMoTbShEaCumT0FcioVJ/UG4SAfon6U2WxFfmFCx5Y4b/UcQeAEwq7
3LTABRiGMGAgqw==
-----END CERTIFICATE-----