Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
File:                     D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft (raw, json)
Hash identifier:          RSYikGv455K0EFrHnipEbS9cKFfKFyxwPpDBehtcVh4=
Subject key identifier:   F2:14:6C:3E:11:B2:2E:3F:BA:DC:0D:9E:20:65:2E:7D:CA:81:A3:45
Authority key identifier: 0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB
Certificate issuer:       /CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
Certificate serial:       019873E1FA45536FAD7136E1631693B8033B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
Manifest number:          0B22
Signing time:             Mon 04 Aug 2025 07:00:45 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:45 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:45 +0000
Files and hashes:         1: D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl (hash: 3bmVKLsPCr1FEySqmtUJkQ7xVhjqdmwZ7iePgQpfpt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:fa:45:53:6f:ad:71:36:e1:63:16:93:b8:03:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
        Validity
            Not Before: Aug  4 07:00:45 2025 GMT
            Not After : Aug  5 07:00:45 2025 GMT
        Subject: CN=f2146c3e11b22e3fbadc0d9e20652e7dca81a345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:15:88:30:6d:6e:1f:89:c2:e6:c1:dc:a9:15:
                    95:f9:a1:a4:6a:97:4d:c4:54:45:0d:00:0d:93:25:
                    7d:8b:2c:b1:9d:21:af:f2:c9:54:17:3b:ac:4a:b4:
                    25:27:d8:44:1c:0e:7d:f8:48:94:b4:b9:6e:4a:f9:
                    1e:04:8e:52:f5:24:f2:25:4e:49:32:08:a8:e1:61:
                    1b:ca:9a:a2:ca:bf:6e:92:87:e0:7e:ba:83:3c:d2:
                    c5:a3:d2:7d:e1:6b:ff:c9:c5:15:3a:7a:5b:f4:51:
                    4c:a2:64:1b:ee:90:90:08:2d:31:00:b0:00:2a:71:
                    8c:97:09:38:f6:b5:c5:90:40:6c:4f:0e:1e:5d:f0:
                    81:3d:1a:09:e9:f5:42:0e:a1:f1:b5:ee:61:dc:57:
                    2e:9c:26:d5:f5:76:b9:2d:15:3a:f8:0e:ec:f7:52:
                    41:39:0e:d3:84:fe:44:df:2f:12:0a:28:97:cf:af:
                    b8:da:62:33:67:38:32:b6:c5:b1:ca:08:0e:a4:41:
                    3b:20:df:e2:eb:49:16:41:00:bd:01:3a:a8:71:2d:
                    24:c7:7e:2b:ee:0e:f8:47:2e:91:f2:22:6e:cd:4e:
                    21:51:af:9e:39:56:a7:48:f8:98:b1:df:25:22:d4:
                    ad:84:89:5c:f1:29:c6:6c:aa:20:36:3b:c2:38:8f:
                    0e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:14:6C:3E:11:B2:2E:3F:BA:DC:0D:9E:20:65:2E:7D:CA:81:A3:45
            X509v3 Authority Key Identifier:
                keyid:0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:72:bd:ea:61:ed:39:91:78:b2:21:6d:a0:f6:cd:0e:a7:9b:
         2f:99:3b:fd:db:21:5a:25:63:8f:7d:47:3d:2f:64:7f:5a:d9:
         8c:3d:61:18:bc:cd:89:0c:53:df:52:eb:f5:4a:20:db:f2:bf:
         46:fb:d7:ed:cf:87:81:a0:e7:43:c6:bf:ed:c7:90:d1:41:16:
         99:98:e5:98:92:33:ea:fa:2a:8b:f0:d4:a6:c2:cd:ba:19:40:
         87:1d:90:40:72:16:56:f0:cd:a1:70:fa:59:fd:f6:5c:b9:3b:
         73:07:49:e9:e5:c7:7a:35:35:88:c6:25:37:28:db:2a:eb:48:
         f0:c9:e9:76:bb:fa:12:53:47:f1:2e:67:ca:41:c3:89:c1:c6:
         0d:9e:15:32:96:2c:d0:3e:2c:d7:9a:b8:ea:94:14:ba:43:ff:
         13:b9:2f:1c:8b:42:ff:33:2c:4e:99:2a:46:e9:1f:ef:c2:55:
         1a:02:c9:92:e6:03:b6:99:d5:9d:6a:71:77:09:6c:6d:23:92:
         84:64:a2:b8:ba:57:0d:89:8b:c8:02:f2:d1:62:af:be:11:03:
         26:bc:fb:7a:7b:3a:ef:ff:7d:48:a4:0e:1c:c8:b3:93:47:3c:
         8b:0d:59:1a:b3:23:83:7c:98:72:c4:a2:e5:14:7d:27:92:96:
         0f:cc:fb:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4fpFU2+tcTbhYxaTuAM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDljNDlhNzVjZjZlMjQ4YzliNTFjNzA1NGRiMmY4ZDlk
Y2VkY2IwHhcNMjUwODA0MDcwMDQ1WhcNMjUwODA1MDcwMDQ1WjAzMTEwLwYDVQQD
EyhmMjE0NmMzZTExYjIyZTNmYmFkYzBkOWUyMDY1MmU3ZGNhODFhMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshWIMG1uH4nC5sHcqRWV+aGkapdN
xFRFDQANkyV9iyyxnSGv8slUFzusSrQlJ9hEHA59+EiUtLluSvkeBI5S9STyJU5J
Mgio4WEbypqiyr9ukofgfrqDPNLFo9J94Wv/ycUVOnpb9FFMomQb7pCQCC0xALAA
KnGMlwk49rXFkEBsTw4eXfCBPRoJ6fVCDqHxte5h3FcunCbV9Xa5LRU6+A7s91JB
OQ7ThP5E3y8SCiiXz6+42mIzZzgytsWxyggOpEE7IN/i60kWQQC9ATqocS0kx34r
7g74Ry6R8iJuzU4hUa+eOVanSPiYsd8lItSthIlc8SnGbKogNjvCOI8OhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIUbD4Rsi4/utwNniBlLn3KgaNFMB8GA1UdIwQY
MBaAFA9JxJp1z24kjJtRxwVNsvjZ3O3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYt
ZDgwMDc3ZTEyYjVkLzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYtZDgwMDc3ZTEyYjVk
LzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3K96mHt
OZF4siFtoPbNDqebL5k7/dshWiVjj31HPS9kf1rZjD1hGLzNiQxT31Lr9Uog2/K/
RvvX7c+HgaDnQ8a/7ceQ0UEWmZjlmJIz6voqi/DUpsLNuhlAhx2QQHIWVvDNoXD6
Wf32XLk7cwdJ6eXHejU1iMYlNyjbKutI8Mnpdrv6ElNH8S5nykHDicHGDZ4VMpYs
0D4s15q46pQUukP/E7kvHItC/zMsTpkqRukf78JVGgLJkuYDtpnVnWpxdwlsbSOS
hGSiuLpXDYmLyALy0WKvvhEDJrz7ens67/99SKQOHMizk0c8iw1ZGrMjg3yYcsSi
5RR9J5KWD8z7BA==
-----END CERTIFICATE-----