Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          sJTMqoZrU8Fb7OS6W4avKaBViCRMU+b5RnywHw7yWm4=
Subject key identifier:   67:D6:4A:8D:12:7D:C5:5F:6E:A3:C5:BC:20:0B:DF:AF:76:73:AF:25
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       01976BF40F13FE61228BA31336F03345214C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 01:00:46 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:46 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:46 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: JULNDUEE6UmlHLC49RA4yPi2KJuEB/6pYSOoLjlLpLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:0f:13:fe:61:22:8b:a3:13:36:f0:33:45:21:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Jun 14 01:00:46 2025 GMT
            Not After : Jun 15 01:00:46 2025 GMT
        Subject: CN=67d64a8d127dc55f6ea3c5bc200bdfaf7673af25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:af:94:e6:2a:84:c2:f9:b4:84:5c:ad:66:a7:
                    63:48:d0:88:8f:f7:04:37:63:45:a2:68:67:a6:d2:
                    d9:7a:eb:93:3e:6e:57:67:0a:5e:8a:fc:ce:84:fc:
                    29:a3:16:69:da:a2:4a:84:97:6a:95:c6:ae:c2:35:
                    b5:d9:0d:0f:22:14:be:34:7c:e5:de:8c:57:34:d3:
                    cd:5f:97:22:a2:c9:7e:73:48:ff:e5:74:4a:59:af:
                    1a:96:a6:80:4d:d7:9b:81:5b:07:75:4d:6d:4c:1e:
                    2f:55:4a:c8:70:33:77:b4:ac:58:f4:3f:6a:48:6c:
                    b6:23:db:4d:71:b6:9e:ea:34:a3:66:1e:3c:ab:1d:
                    f3:e0:99:cd:e7:84:0a:50:ef:fd:b1:15:76:a2:83:
                    8f:f2:d3:c2:99:4e:9f:90:34:ef:d6:e9:1e:fc:85:
                    73:3e:97:4c:22:82:b1:6d:43:d7:50:7e:be:66:c3:
                    b9:75:2a:80:65:c4:88:42:50:e2:46:2d:8a:80:bb:
                    f3:cd:79:1d:8a:a1:31:1b:6f:aa:1d:74:7a:c8:69:
                    19:96:c5:d4:e6:6f:e2:6c:10:c8:98:c5:82:ae:e3:
                    02:5a:c4:21:ff:3c:6d:37:ad:33:c4:16:b3:d2:3a:
                    13:cc:10:a5:f5:34:71:b6:c4:fd:fc:9f:89:8c:26:
                    19:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:D6:4A:8D:12:7D:C5:5F:6E:A3:C5:BC:20:0B:DF:AF:76:73:AF:25
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:54:e0:69:fd:2c:c6:6b:27:54:a8:9b:e1:88:0c:44:08:2e:
         eb:cb:47:3d:60:c2:3b:62:2b:00:7b:c4:8a:67:ee:ec:d0:e7:
         33:d8:44:6f:ed:29:91:f3:e2:c6:a2:89:6b:5a:08:5e:fd:bf:
         44:83:76:89:0b:8b:86:d2:bf:72:a3:b0:bd:e3:2c:91:a2:c9:
         f8:cd:9e:72:37:26:ae:06:1f:37:2d:69:50:30:40:f5:fd:58:
         a2:45:e2:a5:fa:7d:92:7b:52:53:3e:c4:92:5f:7b:d1:e4:f6:
         92:f1:42:4a:08:24:21:61:1e:60:a5:a2:fe:26:48:d6:5a:09:
         ec:46:6e:3d:66:47:5c:76:b1:e8:85:76:06:40:cf:cc:5f:7c:
         b5:0b:f8:92:3b:53:86:96:f8:30:5e:05:50:a4:79:81:25:5d:
         e0:58:bc:07:32:74:51:15:53:48:ae:b9:4c:5f:07:88:24:13:
         72:fc:a0:92:bc:34:05:33:38:c3:b6:5b:a1:e3:20:7a:58:61:
         f7:fb:87:df:2b:ba:77:24:a3:4d:0f:26:cb:01:f9:fc:88:62:
         96:f8:7e:22:bf:bb:57:55:e2:17:37:4e:18:44:3a:e7:54:68:
         52:23:24:7f:8c:3d:4d:a6:c1:c1:c5:61:b6:7b:36:8a:c6:a4:
         6d:3f:10:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9A8T/mEii6MTNvAzRSFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwNjE0MDEwMDQ2WhcNMjUwNjE1MDEwMDQ2WjAzMTEwLwYDVQQD
Eyg2N2Q2NGE4ZDEyN2RjNTVmNmVhM2M1YmMyMDBiZGZhZjc2NzNhZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q+U5iqEwvm0hFytZqdjSNCIj/cE
N2NFomhnptLZeuuTPm5XZwpeivzOhPwpoxZp2qJKhJdqlcauwjW12Q0PIhS+NHzl
3oxXNNPNX5ciosl+c0j/5XRKWa8alqaATdebgVsHdU1tTB4vVUrIcDN3tKxY9D9q
SGy2I9tNcbae6jSjZh48qx3z4JnN54QKUO/9sRV2ooOP8tPCmU6fkDTv1uke/IVz
PpdMIoKxbUPXUH6+ZsO5dSqAZcSIQlDiRi2KgLvzzXkdiqExG2+qHXR6yGkZlsXU
5m/ibBDImMWCruMCWsQh/zxtN60zxBaz0joTzBCl9TRxtsT9/J+JjCYZXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfWSo0SfcVfbqPFvCAL3692c68lMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHlTgaf0s
xmsnVKib4YgMRAgu68tHPWDCO2IrAHvEimfu7NDnM9hEb+0pkfPixqKJa1oIXv2/
RIN2iQuLhtK/cqOwveMskaLJ+M2ecjcmrgYfNy1pUDBA9f1YokXipfp9kntSUz7E
kl970eT2kvFCSggkIWEeYKWi/iZI1loJ7EZuPWZHXHax6IV2BkDPzF98tQv4kjtT
hpb4MF4FUKR5gSVd4Fi8BzJ0URVTSK65TF8HiCQTcvygkrw0BTM4w7ZboeMgelhh
9/uH3yu6dySjTQ8mywH5/Ihilvh+Ir+7V1XiFzdOGEQ651RoUiMkf4w9TabBwcVh
tns2isakbT8QkA==
-----END CERTIFICATE-----