Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
File:                     Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft (raw, json)
Hash identifier:          TN0vvlc5cMLOI0pq59Mj1FHncqbhMmFZrrxYu2Mk65c=
Subject key identifier:   34:92:DD:B0:A2:C7:84:70:3D:F3:CB:21:07:CB:F0:42:76:2F:BC:4F
Authority key identifier: 0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40
Certificate issuer:       /CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
Certificate serial:       019A4EF587A09CC5D0494E790A621E8E58C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
Manifest number:          154A
Signing time:             Tue 04 Nov 2025 13:01:44 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:44 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:44 +0000
Files and hashes:         1: Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl (hash: QaHVoKx/zIzD0YMamRnj1r14HLyJgDLvSjHAG+HyWB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:87:a0:9c:c5:d0:49:4e:79:0a:62:1e:8e:58:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
        Validity
            Not Before: Nov  4 13:01:44 2025 GMT
            Not After : Nov  5 13:01:44 2025 GMT
        Subject: CN=3492ddb0a2c784703df3cb2107cbf042762fbc4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:32:82:32:70:0a:b1:58:f8:c5:2e:da:4b:68:
                    f3:a6:68:a4:8e:6f:81:96:48:fb:65:81:9f:04:33:
                    a4:ef:c5:50:e5:c5:81:3d:c2:05:8e:0e:b9:af:ec:
                    7c:bb:09:63:fc:ef:83:c4:59:5e:0e:63:fb:43:1e:
                    95:b2:07:e4:93:77:20:41:4e:3c:e6:02:08:f7:38:
                    48:9b:25:9b:b9:0a:08:aa:48:23:6e:ca:f1:44:75:
                    c2:ab:9e:08:34:1c:f2:27:b9:d0:2b:43:5a:45:68:
                    9a:0b:13:49:10:e0:2f:1a:ba:6d:c4:57:de:69:47:
                    12:6c:e4:e6:9c:3e:6e:1e:86:19:fe:d3:c8:e1:b3:
                    26:44:ed:aa:27:e7:a0:5b:6a:21:9d:e3:a9:fb:58:
                    5f:79:71:9b:d2:ae:25:e2:61:7a:dd:85:56:6d:44:
                    8b:00:89:e0:db:3c:db:26:83:7e:ee:06:ca:d8:22:
                    ff:cd:ad:0a:f7:d6:4c:d7:9d:62:86:ae:ac:07:26:
                    f9:43:4d:00:ae:33:86:83:75:a1:a2:57:1f:c5:9e:
                    4a:85:62:ab:ca:72:e6:16:dd:57:96:cf:d1:df:a8:
                    9c:95:62:d8:22:d6:52:f7:9c:78:44:1e:6a:3e:12:
                    16:1b:be:f6:ad:1a:3c:07:33:08:8e:a6:5c:5a:96:
                    1b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:92:DD:B0:A2:C7:84:70:3D:F3:CB:21:07:CB:F0:42:76:2F:BC:4F
            X509v3 Authority Key Identifier:
                keyid:0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:a2:78:fd:6a:ac:b1:58:f3:03:fe:e9:6b:cf:58:13:bd:a6:
         c3:2c:3b:9c:d4:60:65:70:49:25:3e:48:db:e5:8f:fd:81:ae:
         27:ea:f9:9a:ef:db:58:00:b9:20:4a:c2:e2:f0:95:0b:09:23:
         42:d2:61:fa:3c:2c:d4:16:cf:3e:d5:23:ca:95:48:ab:78:bd:
         dc:fc:ab:7c:d0:e0:1b:1e:41:6a:d1:28:68:68:36:f0:14:17:
         99:bb:09:59:25:1a:fd:18:84:37:22:1b:f8:5f:c8:4b:9d:a1:
         28:62:a2:d3:72:0e:75:42:29:3b:87:4d:f9:45:02:da:5f:b1:
         09:d5:75:a7:db:58:c6:ab:c5:23:65:5f:f9:12:47:da:9b:90:
         ac:37:fa:63:59:1f:c5:37:a5:79:9e:b9:ff:75:a8:f5:c7:f8:
         56:95:2c:33:c4:c6:04:9f:03:65:a3:24:63:eb:1d:dd:c7:3d:
         a8:92:5a:5d:ef:55:b0:c7:98:29:9f:e7:b7:ea:d8:13:38:67:
         64:fc:70:22:50:4a:c6:85:17:e4:5e:c3:97:2c:91:b0:a5:93:
         94:62:62:26:10:28:84:73:0f:ba:20:08:96:bc:17:cd:13:26:
         5d:56:b6:66:37:1b:32:34:d6:96:4d:b1:37:4a:0f:b0:e9:21:
         2e:66:27:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9YegnMXQSU55CmIejljHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOGNlMGE2YWJiOGVlNTBkNDRiM2JhZTQyZDRhMjU0OWZm
YjgyNDAwHhcNMjUxMTA0MTMwMTQ0WhcNMjUxMTA1MTMwMTQ0WjAzMTEwLwYDVQQD
EygzNDkyZGRiMGEyYzc4NDcwM2RmM2NiMjEwN2NiZjA0Mjc2MmZiYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDKCMnAKsVj4xS7aS2jzpmikjm+B
lkj7ZYGfBDOk78VQ5cWBPcIFjg65r+x8uwlj/O+DxFleDmP7Qx6Vsgfkk3cgQU48
5gII9zhImyWbuQoIqkgjbsrxRHXCq54INBzyJ7nQK0NaRWiaCxNJEOAvGrptxFfe
aUcSbOTmnD5uHoYZ/tPI4bMmRO2qJ+egW2ohneOp+1hfeXGb0q4l4mF63YVWbUSL
AIng2zzbJoN+7gbK2CL/za0K99ZM151ihq6sByb5Q00ArjOGg3WholcfxZ5KhWKr
ynLmFt1Xls/R36iclWLYItZS95x4RB5qPhIWG772rRo8BzMIjqZcWpYbKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSS3bCix4RwPfPLIQfL8EJ2L7xPMB8GA1UdIwQY
MBaAFA6M4KaruO5Q1Es7rkLUolSf+4JAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAt
YzQ5OTc1NWEyNjg5LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAtYzQ5OTc1NWEyNjg5
LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqJ4/Wqs
sVjzA/7pa89YE72mwyw7nNRgZXBJJT5I2+WP/YGuJ+r5mu/bWAC5IErC4vCVCwkj
QtJh+jws1BbPPtUjypVIq3i93PyrfNDgGx5BatEoaGg28BQXmbsJWSUa/RiENyIb
+F/IS52hKGKi03IOdUIpO4dN+UUC2l+xCdV1p9tYxqvFI2Vf+RJH2puQrDf6Y1kf
xTeleZ65/3Wo9cf4VpUsM8TGBJ8DZaMkY+sd3cc9qJJaXe9VsMeYKZ/nt+rYEzhn
ZPxwIlBKxoUX5F7DlyyRsKWTlGJiJhAohHMPuiAIlrwXzRMmXVa2ZjcbMjTWlk2x
N0oPsOkhLmYn6Q==
-----END CERTIFICATE-----