Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
File:                     Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft (raw, json)
Hash identifier:          YNtF89v+VDoD3oSRTTgztbfnxPTniXxSdKd0vQH7IGk=
Subject key identifier:   45:03:AC:23:9A:F0:9E:00:68:40:31:14:87:80:2A:1B:DD:C9:80:E9
Authority key identifier: 0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89
Certificate issuer:       /CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
Certificate serial:       019A4E865E44DAFE9F8CD3A368F1A3F74CBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
Manifest number:          0579
Signing time:             Tue 04 Nov 2025 11:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:20 +0000
Files and hashes:         1: Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl (hash: 2bB4vlcjasSukbpx+Q4kvsUmnE0jaReXW7BlGrAqlMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:5e:44:da:fe:9f:8c:d3:a3:68:f1:a3:f7:4c:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e87e5d33a9b28be7f1af8bc9c138b158090f189
        Validity
            Not Before: Nov  4 11:00:20 2025 GMT
            Not After : Nov  5 11:00:20 2025 GMT
        Subject: CN=4503ac239af09e006840311487802a1bddc980e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0c:e5:5a:90:74:31:99:0d:c2:4e:31:eb:f1:
                    d8:86:02:0e:9d:1d:f5:37:28:93:39:c6:88:1a:15:
                    0e:fd:13:c5:56:14:30:66:a8:e5:4a:47:5d:7d:f6:
                    36:9d:0b:26:ba:a7:17:07:02:40:cd:76:0e:7f:7b:
                    82:d0:89:e6:d2:44:87:9a:a9:ef:53:dc:aa:9d:37:
                    ab:7f:66:3e:d4:96:e9:40:1b:eb:20:26:09:24:8c:
                    54:d3:39:42:2c:28:37:7c:ae:38:e0:f5:0b:b2:7a:
                    0d:75:22:69:9f:b7:e5:5a:52:1d:9f:8c:fe:63:53:
                    2d:59:13:9d:c2:45:be:ff:2b:4b:c7:04:2f:84:47:
                    a1:e5:f8:2d:ce:d1:f8:73:7e:f4:fe:08:13:38:1d:
                    ba:a1:e5:09:cc:d2:25:a9:d3:41:5f:6d:e4:f3:a4:
                    06:fc:8c:00:ab:f8:e7:b0:bb:1f:2f:a1:5c:d6:0b:
                    79:5e:50:ca:1f:f5:d9:23:01:05:71:50:e7:d0:96:
                    c6:af:78:6c:44:c6:99:b2:62:d5:ac:94:7a:b5:a9:
                    40:12:a1:05:db:db:90:8d:e6:15:79:bb:3d:fc:57:
                    91:9e:be:e4:f2:7e:a2:54:ed:bf:f7:ce:3d:85:29:
                    71:6f:68:7d:b4:4f:58:9d:ea:72:c9:7a:a5:d7:73:
                    bd:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:03:AC:23:9A:F0:9E:00:68:40:31:14:87:80:2A:1B:DD:C9:80:E9
            X509v3 Authority Key Identifier:
                keyid:0E:87:E5:D3:3A:9B:28:BE:7F:1A:F8:BC:9C:13:8B:15:80:90:F1:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e0a25c-d527-4c75-a1bb-3ef640f937c4/1/Dofl0zqbKL5_Gvi8nBOLFYCQ8Yk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:81:14:44:0c:d4:d0:d0:98:85:d6:7b:87:4e:ee:70:0f:3d:
         12:82:04:9e:07:11:d9:23:17:f2:e2:fd:0f:89:37:66:3c:68:
         41:6b:50:68:99:c0:7a:40:cd:84:ca:0d:87:7b:ba:ba:15:75:
         ef:39:4a:24:05:64:62:42:4d:bc:6e:e1:5f:1c:06:c3:8e:28:
         46:20:cd:fc:7a:b6:c3:f2:12:4b:fd:0d:27:b5:6f:f0:d3:18:
         1f:1d:ab:51:6f:fc:6b:5f:ef:ce:f6:f9:c1:66:ef:f5:1c:08:
         99:14:d9:73:30:9b:3e:42:50:a5:26:78:32:b2:3b:99:8c:ad:
         16:eb:13:82:c9:42:8c:e7:da:19:ab:9e:83:86:8e:fa:cf:40:
         71:13:1e:bd:e0:8a:b9:1b:07:f6:01:a3:78:2f:74:03:96:bc:
         f7:b7:0b:88:1c:b2:7a:a7:68:6b:9b:dd:fa:70:4f:5c:fa:6c:
         80:f4:84:f5:18:86:d3:fc:3e:ab:ed:02:66:e7:75:16:c7:51:
         2c:ae:14:e9:3e:92:d5:43:80:5b:5f:e1:3b:0c:5e:05:a1:73:
         53:d5:e7:57:a6:1c:f1:f0:52:06:0d:b9:cc:75:a4:20:ee:33:
         96:91:eb:ed:4c:22:00:f5:16:fc:23:1a:34:a5:69:24:2f:37:
         e8:c4:54:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhl5E2v6fjNOjaPGj90y+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODdlNWQzM2E5YjI4YmU3ZjFhZjhiYzljMTM4YjE1ODA5
MGYxODkwHhcNMjUxMTA0MTEwMDIwWhcNMjUxMTA1MTEwMDIwWjAzMTEwLwYDVQQD
Eyg0NTAzYWMyMzlhZjA5ZTAwNjg0MDMxMTQ4NzgwMmExYmRkYzk4MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQzlWpB0MZkNwk4x6/HYhgIOnR31
NyiTOcaIGhUO/RPFVhQwZqjlSkddffY2nQsmuqcXBwJAzXYOf3uC0Inm0kSHmqnv
U9yqnTerf2Y+1JbpQBvrICYJJIxU0zlCLCg3fK444PULsnoNdSJpn7flWlIdn4z+
Y1MtWROdwkW+/ytLxwQvhEeh5fgtztH4c370/ggTOB26oeUJzNIlqdNBX23k86QG
/IwAq/jnsLsfL6Fc1gt5XlDKH/XZIwEFcVDn0JbGr3hsRMaZsmLVrJR6talAEqEF
29uQjeYVebs9/FeRnr7k8n6iVO2/9849hSlxb2h9tE9YnepyyXql13O9EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUDrCOa8J4AaEAxFIeAKhvdyYDpMB8GA1UdIwQY
MBaAFA6H5dM6myi+fxr4vJwTixWAkPGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmIt
M2VmNjQwZjkzN2M0LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lMGEyNWMtZDUyNy00Yzc1LWExYmItM2VmNjQwZjkzN2M0
LzEvRG9mbDB6cWJLTDVfR3ZpOG5CT0xGWUNROFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaoEURAzU
0NCYhdZ7h07ucA89EoIEngcR2SMX8uL9D4k3ZjxoQWtQaJnAekDNhMoNh3u6uhV1
7zlKJAVkYkJNvG7hXxwGw44oRiDN/Hq2w/ISS/0NJ7Vv8NMYHx2rUW/8a1/vzvb5
wWbv9RwImRTZczCbPkJQpSZ4MrI7mYytFusTgslCjOfaGaueg4aO+s9AcRMeveCK
uRsH9gGjeC90A5a897cLiByyeqdoa5vd+nBPXPpsgPSE9RiG0/w+q+0CZud1FsdR
LK4U6T6S1UOAW1/hOwxeBaFzU9XnV6Yc8fBSBg25zHWkIO4zlpHr7UwiAPUW/CMa
NKVpJC836MRUZg==
-----END CERTIFICATE-----