Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          GD6geYW8fManQAg98axy5674wCW8LodVvTl2tlqfUp0=
Subject key identifier:   9B:BE:B1:F0:73:D6:45:E5:26:0C:4D:33:F2:DC:51:7D:9A:4C:73:2B
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019A4EF4A1BDD8317DF8AE1F3564BEA00A7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          129C
Signing time:             Tue 04 Nov 2025 13:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:46 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: 7Z7KNByrEfx4h1i3B4Dy/NhMwBinUcgJBLgC2Ox6CZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:a1:bd:d8:31:7d:f8:ae:1f:35:64:be:a0:0a:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Nov  4 13:00:46 2025 GMT
            Not After : Nov  5 13:00:46 2025 GMT
        Subject: CN=9bbeb1f073d645e5260c4d33f2dc517d9a4c732b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8a:ec:d2:49:3b:56:c4:72:cf:85:6a:b8:82:
                    70:33:14:f2:8d:66:51:17:f5:ec:ae:d5:91:c2:eb:
                    53:f5:05:a7:c9:3d:13:6f:82:3d:26:d2:d9:9d:25:
                    cf:c8:cb:53:76:b2:a3:f6:5a:ee:f3:af:4c:b9:14:
                    65:ff:4a:3f:69:9a:5f:c8:3a:30:b9:37:b3:f4:ca:
                    11:20:81:92:23:3f:99:30:1c:e0:62:e8:95:d6:19:
                    dc:91:c6:89:fb:48:fd:98:92:73:26:3d:eb:e5:2b:
                    1a:29:c9:c8:9f:ce:9f:1a:03:6c:6a:34:3a:3a:73:
                    7e:88:04:4b:f6:1a:b5:32:83:75:d2:97:35:da:b1:
                    3f:09:b7:0a:cd:8d:7c:d4:c6:6d:44:70:b1:ce:03:
                    b3:d0:2a:5b:83:d6:46:a3:bc:a2:d8:32:fc:5b:2d:
                    66:4d:53:4c:76:25:08:e0:8a:6f:8a:13:d6:10:ea:
                    cc:d6:7d:d0:fb:8d:53:93:1c:b2:58:ba:70:d0:69:
                    fd:80:30:40:48:87:eb:04:09:0e:1b:cd:e8:43:eb:
                    05:a5:c5:75:18:5b:d3:07:ab:0d:49:b6:a3:53:77:
                    2b:f4:5d:e4:49:4a:f8:63:e6:2a:a0:2d:0f:13:06:
                    ba:25:06:c8:fa:fd:07:e0:b0:79:14:53:8b:63:e8:
                    85:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BE:B1:F0:73:D6:45:E5:26:0C:4D:33:F2:DC:51:7D:9A:4C:73:2B
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:51:f5:84:43:c4:ca:61:b5:22:30:99:77:58:82:56:ce:3b:
         c5:a7:57:20:a5:69:e7:a0:34:07:27:ca:b5:2f:cc:83:a3:f6:
         55:a4:4d:8e:56:21:b0:66:b8:59:5b:f6:73:ec:46:2c:2f:c7:
         5d:86:2a:81:e3:16:30:cf:cf:68:72:e9:3f:f0:d8:83:87:35:
         17:19:98:2a:13:f3:cd:e9:8a:4f:54:38:e2:1f:67:bd:11:0a:
         1f:f8:ab:56:68:8b:0e:f5:dd:b1:b5:a1:81:8a:b4:6e:53:99:
         fe:56:75:ef:48:9b:d9:f1:60:69:28:4e:8f:8c:16:8b:53:14:
         8f:a2:ae:98:ac:b7:99:3c:df:9e:12:cd:7c:fe:37:85:f9:aa:
         76:99:81:50:b4:51:81:40:b7:06:85:b5:ca:99:84:cd:f9:98:
         25:18:a2:56:96:e1:36:1e:3c:bc:57:a5:4d:09:c4:0a:8d:fb:
         e7:2b:0a:2f:8b:93:28:2e:2f:17:ce:35:ee:f4:3d:97:ec:66:
         22:ea:c4:d0:3a:31:04:3b:27:93:f7:c0:4b:0b:51:bc:79:cd:
         96:6d:42:69:c6:13:ce:22:6d:fd:d5:2f:6e:6a:bf:b2:73:41:
         9d:84:c3:51:6a:53:58:35:1d:32:96:28:f4:22:c1:7f:84:e3:
         4a:f7:9f:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KG92DF9+K4fNWS+oAp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjUxMTA0MTMwMDQ2WhcNMjUxMTA1MTMwMDQ2WjAzMTEwLwYDVQQD
Eyg5YmJlYjFmMDczZDY0NWU1MjYwYzRkMzNmMmRjNTE3ZDlhNGM3MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4rs0kk7VsRyz4VquIJwMxTyjWZR
F/XsrtWRwutT9QWnyT0Tb4I9JtLZnSXPyMtTdrKj9lru869MuRRl/0o/aZpfyDow
uTez9MoRIIGSIz+ZMBzgYuiV1hnckcaJ+0j9mJJzJj3r5SsaKcnIn86fGgNsajQ6
OnN+iARL9hq1MoN10pc12rE/CbcKzY181MZtRHCxzgOz0Cpbg9ZGo7yi2DL8Wy1m
TVNMdiUI4IpvihPWEOrM1n3Q+41TkxyyWLpw0Gn9gDBASIfrBAkOG83oQ+sFpcV1
GFvTB6sNSbajU3cr9F3kSUr4Y+YqoC0PEwa6JQbI+v0H4LB5FFOLY+iF8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJu+sfBz1kXlJgxNM/LcUX2aTHMrMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg1H1hEPE
ymG1IjCZd1iCVs47xadXIKVp56A0ByfKtS/Mg6P2VaRNjlYhsGa4WVv2c+xGLC/H
XYYqgeMWMM/PaHLpP/DYg4c1FxmYKhPzzemKT1Q44h9nvREKH/irVmiLDvXdsbWh
gYq0blOZ/lZ170ib2fFgaShOj4wWi1MUj6KumKy3mTzfnhLNfP43hfmqdpmBULRR
gUC3BoW1ypmEzfmYJRiiVpbhNh48vFelTQnECo375ysKL4uTKC4vF8417vQ9l+xm
IurE0DoxBDsnk/fASwtRvHnNlm1CacYTziJt/dUvbmq/snNBnYTDUWpTWDUdMpYo
9CLBf4TjSvefgA==
-----END CERTIFICATE-----