Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          qc4x/iRL1vXCLAyYmBCmZzGlUeupcurBkC+/dQ1DMc8=
Subject key identifier:   1B:35:68:70:E9:FD:59:11:E1:61:EE:B3:15:2F:C0:54:8F:82:81:AB
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019885438D50D41D05D84FE072CA3F88BFD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          15AE
Signing time:             Thu 07 Aug 2025 16:00:53 +0000
Manifest this update:     Thu 07 Aug 2025 16:00:53 +0000
Manifest next update:     Fri 08 Aug 2025 16:00:53 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: kKaDE2sLHUcyiowvhdY3oa8oflUKnJi7gSSRP7n2Row=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 16:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:85:43:8d:50:d4:1d:05:d8:4f:e0:72:ca:3f:88:bf:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Aug  7 16:00:53 2025 GMT
            Not After : Aug  8 16:00:53 2025 GMT
        Subject: CN=1b356870e9fd5911e161eeb3152fc0548f8281ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:24:73:59:28:44:1e:c2:b3:bb:e4:2d:8c:de:
                    b8:fe:03:44:fa:67:de:e0:5a:5a:a5:21:b3:e6:df:
                    3c:3d:7c:f9:c7:66:6b:d0:c0:ee:61:f4:41:e9:c6:
                    ae:7d:ac:4b:3d:1e:a4:66:35:04:54:22:ec:14:20:
                    07:3c:bc:e2:ec:9c:d9:2b:ed:09:7b:81:b6:e8:b8:
                    a6:bb:18:5d:f6:3e:7f:c8:8c:27:a7:d8:f0:c0:89:
                    3f:81:59:0c:4a:b8:26:fc:97:c6:19:b5:ba:46:7e:
                    50:a7:f4:3d:e2:ac:67:3b:a8:cc:30:8c:47:d1:1d:
                    4e:ff:e7:f9:3e:14:ed:09:ee:6e:6e:fb:4a:64:d7:
                    1b:73:91:e7:b3:2d:ca:c9:c5:7f:99:67:e6:11:34:
                    e1:c7:72:34:10:33:a7:80:3e:9c:bf:40:2b:0a:7e:
                    a4:04:3a:7b:87:83:29:80:53:92:87:c8:51:10:d4:
                    ab:99:5c:67:06:82:35:8a:29:28:e9:cf:88:a8:63:
                    23:fc:3e:9a:31:64:e5:d9:3d:c1:61:8a:6c:41:d9:
                    e8:2d:7f:9f:f6:e5:2d:7e:a2:43:bb:73:b0:4b:2c:
                    84:b7:98:19:98:8d:98:c5:c3:85:0c:18:2a:6c:17:
                    6b:9d:bf:75:27:ef:97:84:11:ff:e8:15:9e:4c:ce:
                    3b:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:35:68:70:E9:FD:59:11:E1:61:EE:B3:15:2F:C0:54:8F:82:81:AB
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:3b:39:74:2a:d8:d0:82:05:03:b8:b2:31:fa:c9:0a:8c:ce:
         eb:61:39:d5:f0:ce:e7:c7:d3:ee:80:23:12:f2:fd:6c:ef:f2:
         23:31:d8:11:8f:44:ce:07:ba:aa:e6:aa:d0:23:37:1a:72:f4:
         0a:3b:ca:3b:57:2c:af:80:89:05:1b:03:00:b2:b2:04:2d:62:
         3f:39:14:4b:4b:d5:2a:b7:2d:e3:bf:eb:ca:c7:5c:e9:fc:ec:
         f9:59:96:f2:f7:9e:09:4e:97:96:14:cc:10:ad:d0:61:98:64:
         8b:66:53:00:b2:5c:83:1d:7b:47:2c:92:c8:aa:5e:30:64:d0:
         4b:46:33:5c:f4:51:9c:98:7b:8d:c6:7e:c7:40:2f:ce:b5:e0:
         fc:8c:dd:dc:e3:17:be:0b:3b:01:fd:ef:01:56:e3:1d:f3:21:
         6f:df:6c:c6:b3:3d:69:8b:e3:b6:d8:5b:7c:86:7f:bf:3d:9a:
         77:3b:da:72:82:7b:c0:fc:8d:16:c2:8e:d5:b1:22:08:3f:0e:
         90:d7:c1:d8:17:d0:62:0d:c7:c5:b4:98:3b:7c:1c:1d:ce:2b:
         8c:70:1e:ab:f3:0b:ae:ac:50:f9:e1:a8:50:89:cf:f9:3b:e2:
         17:16:4d:6e:31:f8:b5:57:5d:b2:ef:7d:13:16:50:14:6b:f6:
         11:cd:38:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiFQ41Q1B0F2E/gcso/iL/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjUwODA3MTYwMDUzWhcNMjUwODA4MTYwMDUzWjAzMTEwLwYDVQQD
EygxYjM1Njg3MGU5ZmQ1OTExZTE2MWVlYjMxNTJmYzA1NDhmODI4MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iRzWShEHsKzu+QtjN64/gNE+mfe
4FpapSGz5t88PXz5x2Zr0MDuYfRB6caufaxLPR6kZjUEVCLsFCAHPLzi7JzZK+0J
e4G26Limuxhd9j5/yIwnp9jwwIk/gVkMSrgm/JfGGbW6Rn5Qp/Q94qxnO6jMMIxH
0R1O/+f5PhTtCe5ubvtKZNcbc5Hnsy3KycV/mWfmETThx3I0EDOngD6cv0ArCn6k
BDp7h4MpgFOSh8hRENSrmVxnBoI1iiko6c+IqGMj/D6aMWTl2T3BYYpsQdnoLX+f
9uUtfqJDu3OwSyyEt5gZmI2YxcOFDBgqbBdrnb91J++XhBH/6BWeTM47OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBs1aHDp/VkR4WHusxUvwFSPgoGrMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTs5dCrY
0IIFA7iyMfrJCozO62E51fDO58fT7oAjEvL9bO/yIzHYEY9Ezge6quaq0CM3GnL0
CjvKO1csr4CJBRsDALKyBC1iPzkUS0vVKrct47/rysdc6fzs+VmW8veeCU6XlhTM
EK3QYZhki2ZTALJcgx17RyySyKpeMGTQS0YzXPRRnJh7jcZ+x0AvzrXg/Izd3OMX
vgs7Af3vAVbjHfMhb99sxrM9aYvjtthbfIZ/vz2adzvacoJ7wPyNFsKO1bEiCD8O
kNfB2BfQYg3HxbSYO3wcHc4rjHAeq/MLrqxQ+eGoUInP+TviFxZNbjH4tVddsu99
ExZQFGv2Ec04Fg==
-----END CERTIFICATE-----