Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          vMPBqejNbGiAdhqjNezT+879byDz1lQW7orNyfOXXbs=
Subject key identifier:   C9:95:7F:B3:24:98:E5:24:48:5B:A6:16:6F:B7:03:CE:EA:BD:41:A1
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       01988B7C65DD51F949B24E7C33079CE9DBC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          135A
Signing time:             Fri 08 Aug 2025 21:00:42 +0000
Manifest this update:     Fri 08 Aug 2025 21:00:42 +0000
Manifest next update:     Sat 09 Aug 2025 21:00:42 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: WPnF0f4WuifVrCDM2aQuDlBc97n3GjfSZ0Q8hEHb+wc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7c:65:dd:51:f9:49:b2:4e:7c:33:07:9c:e9:db:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Aug  8 21:00:42 2025 GMT
            Not After : Aug  9 21:00:42 2025 GMT
        Subject: CN=c9957fb32498e524485ba6166fb703ceeabd41a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a5:aa:a5:54:7d:70:33:37:14:e7:ad:83:9e:
                    4b:68:cb:f4:48:15:f0:d2:4f:a9:0f:8c:22:3d:69:
                    28:70:5e:fb:f2:61:25:a9:3c:06:b0:29:1a:b2:99:
                    dd:04:2b:f1:b1:6a:7c:35:c4:77:de:52:ec:a5:26:
                    a9:46:8e:10:b2:75:bb:1a:fb:74:9b:32:1c:29:91:
                    95:05:22:21:43:b5:7e:46:36:7f:2d:f3:cb:91:a6:
                    04:ab:02:b5:83:3f:d4:7c:98:17:14:32:5d:1b:c3:
                    fa:77:ca:1b:67:1b:fc:3a:08:4a:d3:a9:89:d8:dd:
                    f3:44:da:df:ea:e1:77:37:e4:10:fc:98:44:ab:e8:
                    08:6a:f4:2a:84:73:ce:7f:45:12:b0:97:ca:fd:46:
                    63:44:14:65:13:32:6b:44:03:fb:7e:6b:3f:32:54:
                    6d:46:c9:cf:f3:0f:74:ef:18:6c:58:fc:fd:7e:5c:
                    bf:4f:fa:51:c7:83:38:cb:24:29:41:a1:ce:ec:c4:
                    57:48:6b:4f:52:ba:3c:cf:8f:d4:c3:1d:73:19:6a:
                    d0:85:d0:4f:96:81:52:ce:57:85:24:b2:cf:e9:17:
                    bb:61:bc:f1:95:d3:6e:10:de:1c:a8:1a:e5:74:12:
                    76:cf:f0:02:a7:b4:17:19:98:c6:1d:bd:27:f8:45:
                    53:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:95:7F:B3:24:98:E5:24:48:5B:A6:16:6F:B7:03:CE:EA:BD:41:A1
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:ba:8c:f6:5d:fb:e7:a2:62:d4:03:9a:9e:21:6c:b1:94:2f:
         70:b7:99:6d:eb:70:83:88:64:90:e9:1f:30:62:17:ce:fe:72:
         9a:c0:56:f3:2d:96:44:e2:2b:99:d8:0b:78:36:05:70:41:e7:
         7b:55:71:4d:41:1f:01:49:65:06:f6:e9:2d:57:3d:a3:5e:e9:
         b6:df:e7:a1:9a:27:0b:66:af:31:3f:6a:f8:fc:eb:c3:01:dd:
         5b:de:ec:1d:a5:a1:b3:28:6d:1e:fa:50:14:d3:8e:ad:bf:d5:
         b5:43:dc:e8:a6:4f:4a:52:2e:31:5b:09:59:9f:fc:b3:cc:38:
         4e:e3:79:0e:07:3b:8c:60:b2:b3:2b:57:dc:46:27:15:80:93:
         63:e4:fc:7e:22:b6:5c:71:d7:16:e1:03:63:17:6b:26:63:fd:
         af:c2:a7:e4:ce:90:92:e8:6f:3d:fb:4c:b0:b2:82:bb:01:af:
         25:e8:72:cd:2e:bc:13:34:75:05:9a:7e:86:a2:a5:9f:a8:82:
         47:05:30:07:0b:ea:98:e6:9f:6d:a4:46:17:0c:0c:af:09:f2:
         4b:0b:27:6c:6f:19:8f:56:98:26:c6:8d:f8:f3:94:6f:79:88:
         07:91:73:77:e4:50:44:e9:d1:29:57:9b:8e:3f:c1:8e:e4:4f:
         5c:90:01:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfGXdUflJsk58Mwec6dvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjUwODA4MjEwMDQyWhcNMjUwODA5MjEwMDQyWjAzMTEwLwYDVQQD
EyhjOTk1N2ZiMzI0OThlNTI0NDg1YmE2MTY2ZmI3MDNjZWVhYmQ0MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKWqpVR9cDM3FOetg55LaMv0SBXw
0k+pD4wiPWkocF778mElqTwGsCkaspndBCvxsWp8NcR33lLspSapRo4QsnW7Gvt0
mzIcKZGVBSIhQ7V+RjZ/LfPLkaYEqwK1gz/UfJgXFDJdG8P6d8obZxv8OghK06mJ
2N3zRNrf6uF3N+QQ/JhEq+gIavQqhHPOf0USsJfK/UZjRBRlEzJrRAP7fms/MlRt
RsnP8w907xhsWPz9fly/T/pRx4M4yyQpQaHO7MRXSGtPUro8z4/Uwx1zGWrQhdBP
loFSzleFJLLP6Re7YbzxldNuEN4cqBrldBJ2z/ACp7QXGZjGHb0n+EVT7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmVf7MkmOUkSFumFm+3A87qvUGhMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbqM9l37
56Ji1AOaniFssZQvcLeZbetwg4hkkOkfMGIXzv5ymsBW8y2WROIrmdgLeDYFcEHn
e1VxTUEfAUllBvbpLVc9o17ptt/noZonC2avMT9q+PzrwwHdW97sHaWhsyhtHvpQ
FNOOrb/VtUPc6KZPSlIuMVsJWZ/8s8w4TuN5Dgc7jGCysytX3EYnFYCTY+T8fiK2
XHHXFuEDYxdrJmP9r8Kn5M6QkuhvPftMsLKCuwGvJehyzS68EzR1BZp+hqKln6iC
RwUwBwvqmOafbaRGFwwMrwnySwsnbG8Zj1aYJsaN+POUb3mIB5Fzd+RQROnRKVeb
jj/BjuRPXJABdw==
-----END CERTIFICATE-----