Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          i2cCKAPSSaETAvykl6hqn+P3rVcJtpXjKLXcYOCYsqk=
Subject key identifier:   6A:77:FB:D6:1B:30:D5:94:C4:06:58:C8:0E:EC:F8:51:3A:25:E9:AA
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0198801D6A8A1DFD7A53B7059982310E1F74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          161A
Signing time:             Wed 06 Aug 2025 16:01:08 +0000
Manifest this update:     Wed 06 Aug 2025 16:01:08 +0000
Manifest next update:     Thu 07 Aug 2025 16:01:08 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: iPej7LF7aWv3i0HPO0TAK60c6sKlxCT/CBEVUJMsSYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 14:26:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:1d:6a:8a:1d:fd:7a:53:b7:05:99:82:31:0e:1f:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Aug  6 16:01:08 2025 GMT
            Not After : Aug  7 16:01:08 2025 GMT
        Subject: CN=6a77fbd61b30d594c40658c80eecf8513a25e9aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cd:2a:6b:7d:80:62:51:39:37:6b:67:b0:e9:
                    cd:10:58:5c:1a:1b:b2:6e:8a:ff:dc:60:60:c9:ab:
                    70:39:4d:f4:0d:2d:17:7e:14:57:d1:ac:1c:88:bc:
                    9f:0a:98:15:c7:62:ac:e2:0a:ad:d8:53:6f:03:88:
                    e9:02:01:ce:61:69:c1:77:a7:0c:4f:a5:6d:17:3f:
                    c1:38:a5:53:d8:70:dc:fa:ac:68:77:07:27:46:9e:
                    a9:9d:03:91:f1:79:25:08:73:c6:64:69:6c:c3:7d:
                    1e:12:bc:1b:f2:2e:ec:e7:95:37:be:fd:66:26:1d:
                    d7:ad:5b:7c:bb:43:19:a8:56:67:b7:0c:fc:dd:ff:
                    4b:8d:1e:4e:33:8c:4f:96:14:01:4e:d2:cd:e0:a3:
                    a4:fd:ed:f4:8d:5c:a2:5d:77:f4:b3:22:65:d0:6d:
                    ad:45:62:0c:3e:88:ba:96:27:fb:ea:49:08:96:bf:
                    83:48:e6:d6:25:91:8b:b0:20:46:ea:39:a0:a1:28:
                    61:0e:e3:3e:d3:25:3a:37:9b:6d:d4:bd:fd:47:0e:
                    3f:55:80:a7:3e:6d:ed:d4:e1:14:b2:7d:7e:29:c7:
                    71:d1:10:a0:bd:f7:3d:ce:91:fc:a4:13:d6:8a:af:
                    d9:28:bc:ee:ed:6b:ad:5e:ea:1e:fb:37:54:6c:cc:
                    f9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:77:FB:D6:1B:30:D5:94:C4:06:58:C8:0E:EC:F8:51:3A:25:E9:AA
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:69:16:ad:8b:06:4a:62:28:3c:ba:75:ac:a1:ba:b4:f4:d4:
         5c:fd:80:51:c9:b2:46:12:ab:95:8f:c0:86:9c:8a:8c:de:ca:
         9a:82:74:35:04:d5:b0:3c:4e:19:57:48:60:8d:88:e0:e3:e9:
         c4:03:3a:dd:34:45:c1:6c:c1:ce:81:55:13:cd:63:63:c1:e6:
         17:62:de:4d:83:ea:47:98:a3:9a:65:b9:3b:ea:65:59:61:48:
         42:53:cf:85:96:b0:e6:74:1e:ea:9b:23:3e:17:d8:77:ea:e6:
         2d:25:26:04:3f:fa:c0:f5:b3:5e:93:8f:72:f4:21:69:0d:18:
         2d:0d:46:66:5a:d2:f7:d3:d3:b3:68:d5:0b:f9:7b:a2:20:d1:
         29:34:7b:47:4a:b8:d2:18:a5:8d:c9:42:3d:bd:3e:b5:41:a2:
         ed:47:07:03:f6:db:8f:b5:2b:87:73:e6:e2:7e:cc:f3:d2:f7:
         39:51:fb:bd:23:dd:28:c3:f2:04:aa:28:6b:b5:a0:95:37:8c:
         b1:7b:fe:89:e2:a7:b4:38:24:7f:fa:cd:88:f3:ba:97:38:f8:
         0c:e6:ee:a7:a6:29:c2:07:82:45:df:0d:d9:0f:ae:4c:f3:f8:
         f6:e0:ea:2b:10:58:5e:8b:93:3c:87:cd:67:09:20:2d:0f:1d:
         5c:37:bc:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAHWqKHf16U7cFmYIxDh90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwODA2MTYwMTA4WhcNMjUwODA3MTYwMTA4WjAzMTEwLwYDVQQD
Eyg2YTc3ZmJkNjFiMzBkNTk0YzQwNjU4YzgwZWVjZjg1MTNhMjVlOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM0qa32AYlE5N2tnsOnNEFhcGhuy
bor/3GBgyatwOU30DS0XfhRX0awciLyfCpgVx2Ks4gqt2FNvA4jpAgHOYWnBd6cM
T6VtFz/BOKVT2HDc+qxodwcnRp6pnQOR8XklCHPGZGlsw30eErwb8i7s55U3vv1m
Jh3XrVt8u0MZqFZntwz83f9LjR5OM4xPlhQBTtLN4KOk/e30jVyiXXf0syJl0G2t
RWIMPoi6lif76kkIlr+DSObWJZGLsCBG6jmgoShhDuM+0yU6N5tt1L39Rw4/VYCn
Pm3t1OEUsn1+Kcdx0RCgvfc9zpH8pBPWiq/ZKLzu7WutXuoe+zdUbMz5kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGp3+9YbMNWUxAZYyA7s+FE6JemqMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlmkWrYsG
SmIoPLp1rKG6tPTUXP2AUcmyRhKrlY/AhpyKjN7KmoJ0NQTVsDxOGVdIYI2I4OPp
xAM63TRFwWzBzoFVE81jY8HmF2LeTYPqR5ijmmW5O+plWWFIQlPPhZaw5nQe6psj
PhfYd+rmLSUmBD/6wPWzXpOPcvQhaQ0YLQ1GZlrS99PTs2jVC/l7oiDRKTR7R0q4
0hiljclCPb0+tUGi7UcHA/bbj7Urh3Pm4n7M89L3OVH7vSPdKMPyBKooa7WglTeM
sXv+ieKntDgkf/rNiPO6lzj4DObup6YpwgeCRd8N2Q+uTPP49uDqKxBYXouTPIfN
ZwkgLQ8dXDe8lg==
-----END CERTIFICATE-----