Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          C8bE3NbAjPRALlwGc9j/l+hBKloPLfuT+KKpRcbaddY=
Subject key identifier:   D0:53:4F:FF:2E:CF:9E:1D:92:7E:F4:3F:0B:A5:21:23:A3:EE:EE:C4
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019873E1F6641A417868D8CE9DC6E97DADC5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          11A6
Signing time:             Mon 04 Aug 2025 07:00:45 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:45 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:45 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: dGvmMLGLt/7DIHS0zLMyKWL3IkIvpjzUWke8nBIPjZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:f6:64:1a:41:78:68:d8:ce:9d:c6:e9:7d:ad:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Aug  4 07:00:45 2025 GMT
            Not After : Aug  5 07:00:45 2025 GMT
        Subject: CN=d0534fff2ecf9e1d927ef43f0ba52123a3eeeec4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:df:41:df:18:86:51:aa:4f:a8:c9:a6:ff:07:
                    d2:62:53:b7:b1:5d:46:27:51:c5:e0:90:e0:e0:80:
                    29:28:6f:aa:cd:38:5c:3f:fb:22:ec:43:11:b5:58:
                    4c:5c:76:e5:4d:87:7e:01:7c:3d:c0:94:a2:61:f2:
                    94:f7:93:82:d0:87:10:a9:e4:cd:b6:95:d7:71:b4:
                    1e:7a:de:4c:78:1d:07:bf:8f:2a:e1:ba:5f:f0:5a:
                    11:29:17:7b:c3:fb:c1:6b:b0:2a:ac:2e:e4:2d:2b:
                    69:05:fd:7c:30:35:52:c4:68:76:e9:5e:26:ad:43:
                    84:f0:a7:e6:8f:6c:c7:a0:08:f1:65:9a:0b:cb:81:
                    7a:62:f6:56:59:81:01:d9:f1:5a:74:03:14:5c:c2:
                    fb:7a:09:13:df:85:1c:6f:35:d2:b3:b3:f8:25:bf:
                    c5:a4:ee:05:c0:e7:28:48:6b:f8:49:79:7d:bd:73:
                    17:36:30:e1:03:1d:da:89:c9:e0:97:b9:e0:0b:9b:
                    f3:c1:6d:84:25:0b:49:d7:2c:bc:a6:63:f0:2d:29:
                    8a:72:ad:db:a1:27:26:30:c8:1d:ec:30:02:76:e8:
                    89:7d:63:d5:bb:e7:80:92:3e:d4:42:df:1c:7f:33:
                    f5:dc:6f:09:25:40:ca:41:c7:29:ad:d3:69:56:6f:
                    31:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:53:4F:FF:2E:CF:9E:1D:92:7E:F4:3F:0B:A5:21:23:A3:EE:EE:C4
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:09:c7:4b:a5:61:9d:52:83:28:ed:66:b6:28:82:84:12:cb:
         78:38:f4:39:66:f9:81:a1:d4:31:f5:68:46:c8:11:16:37:a1:
         9a:0c:90:e7:95:1a:0c:16:0f:a7:34:5c:84:f0:44:f2:80:7b:
         f1:31:f4:ba:4d:00:da:07:0c:dd:2a:a8:6d:95:64:9a:ed:fb:
         27:61:ed:ad:a9:a1:70:da:44:22:4d:84:4a:04:49:f2:68:69:
         03:76:e6:46:a6:a8:88:6d:3b:65:63:25:15:ab:c0:93:5a:79:
         f0:47:ba:72:d7:df:fb:7c:f6:59:ec:57:55:46:5d:27:91:09:
         cf:44:f2:89:02:12:ea:d2:47:d7:51:d0:5a:14:14:c4:18:2f:
         41:71:9d:78:0b:4f:79:a3:26:a4:34:bb:ed:6d:1c:30:5a:08:
         20:ca:e3:4c:f3:2d:21:bc:36:00:cd:8a:ea:02:b4:03:88:a3:
         42:e7:4f:c1:fd:71:82:ef:6c:bd:0d:ed:27:74:e2:8d:8a:34:
         21:a5:92:2f:91:99:71:6d:c3:b2:9c:ab:2a:02:8d:63:3b:38:
         4e:bd:4d:af:cc:36:eb:4b:06:5d:b5:13:01:53:7a:d1:22:00:
         2c:9b:e8:98:8c:56:bd:27:cf:b9:7c:f5:fd:11:dd:6f:e3:62:
         52:57:42:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4fZkGkF4aNjOncbpfa3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUwODA0MDcwMDQ1WhcNMjUwODA1MDcwMDQ1WjAzMTEwLwYDVQQD
EyhkMDUzNGZmZjJlY2Y5ZTFkOTI3ZWY0M2YwYmE1MjEyM2EzZWVlZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt9B3xiGUapPqMmm/wfSYlO3sV1G
J1HF4JDg4IApKG+qzThcP/si7EMRtVhMXHblTYd+AXw9wJSiYfKU95OC0IcQqeTN
tpXXcbQeet5MeB0Hv48q4bpf8FoRKRd7w/vBa7AqrC7kLStpBf18MDVSxGh26V4m
rUOE8Kfmj2zHoAjxZZoLy4F6YvZWWYEB2fFadAMUXML7egkT34UcbzXSs7P4Jb/F
pO4FwOcoSGv4SXl9vXMXNjDhAx3aicngl7ngC5vzwW2EJQtJ1yy8pmPwLSmKcq3b
oScmMMgd7DACduiJfWPVu+eAkj7UQt8cfzP13G8JJUDKQccprdNpVm8xVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBTT/8uz54dkn70PwulISOj7u7EMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwnHS6Vh
nVKDKO1mtiiChBLLeDj0OWb5gaHUMfVoRsgRFjehmgyQ55UaDBYPpzRchPBE8oB7
8TH0uk0A2gcM3SqobZVkmu37J2HtramhcNpEIk2ESgRJ8mhpA3bmRqaoiG07ZWMl
FavAk1p58Ee6ctff+3z2WexXVUZdJ5EJz0TyiQIS6tJH11HQWhQUxBgvQXGdeAtP
eaMmpDS77W0cMFoIIMrjTPMtIbw2AM2K6gK0A4ijQudPwf1xgu9svQ3tJ3TijYo0
IaWSL5GZcW3DspyrKgKNYzs4Tr1Nr8w260sGXbUTAVN60SIALJvomIxWvSfPuXz1
/RHdb+NiUldCRQ==
-----END CERTIFICATE-----