Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          cB3UXpGsrpxFx/VipHzDISa8ahQGD9UKTeo7Cg8QPWI=
Subject key identifier:   1D:34:EB:CC:86:05:0A:70:47:42:9F:08:3F:01:D6:5E:F8:5A:55:30
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       0198A15F379CBDE350B4AF4F7A363EAB019D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          065B
Signing time:             Wed 13 Aug 2025 03:00:28 +0000
Manifest this update:     Wed 13 Aug 2025 03:00:28 +0000
Manifest next update:     Thu 14 Aug 2025 03:00:28 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: 8fZYtY6eYUQxPgSWUvGU7upzkK5soklrme2xBr5XN28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a1:5f:37:9c:bd:e3:50:b4:af:4f:7a:36:3e:ab:01:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Aug 13 03:00:28 2025 GMT
            Not After : Aug 14 03:00:28 2025 GMT
        Subject: CN=1d34ebcc86050a7047429f083f01d65ef85a5530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:87:d9:90:d5:dd:75:b5:99:5f:6d:05:03:07:
                    88:a5:e1:b5:25:c2:3e:05:87:5f:35:f3:3d:c4:2c:
                    1e:6b:77:38:92:b7:2b:c1:fd:8d:b9:9c:34:2c:73:
                    87:c2:fa:08:68:47:36:10:b7:95:8e:99:4d:af:f4:
                    ef:62:10:cf:e8:9e:ef:71:9f:3a:84:30:ee:13:95:
                    5b:56:cc:d5:6d:c9:f7:14:49:7f:8f:9a:84:5b:42:
                    70:fa:de:78:c3:6e:c9:2c:30:68:df:ba:a0:60:1c:
                    9d:41:51:c8:1a:60:db:48:74:1b:2b:91:9c:7e:dc:
                    f5:b4:a5:bc:25:9f:99:64:47:50:eb:f4:35:08:af:
                    60:e5:83:d2:07:9a:0f:4b:b2:62:22:f2:55:b4:1d:
                    c8:79:ae:76:99:d1:ba:1f:02:ff:0a:47:66:33:ce:
                    a1:e8:9e:e7:76:8c:49:f8:24:43:8c:fd:d4:63:c4:
                    7b:e8:e4:ff:00:56:d2:c8:1a:63:51:1a:10:04:5a:
                    c4:c3:37:bb:9e:d2:b6:80:dc:75:63:26:63:64:bd:
                    39:b1:5d:cc:87:08:8a:49:48:cd:97:bf:16:f8:72:
                    94:7d:43:ce:88:3a:a1:bf:1b:57:25:9a:8c:57:9d:
                    5c:d5:08:6a:30:22:73:b4:bd:74:9d:f1:a2:0a:90:
                    21:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:34:EB:CC:86:05:0A:70:47:42:9F:08:3F:01:D6:5E:F8:5A:55:30
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d7:41:58:d7:a8:a8:b2:9f:90:04:dc:0f:32:c7:ed:22:10:
         87:12:34:2d:fd:1e:2f:e9:00:e7:28:5d:a4:73:2c:e2:55:ad:
         93:d3:a7:7c:59:ea:02:76:16:25:a8:09:ce:04:ef:42:51:7d:
         db:63:c5:ad:40:98:84:97:d4:8a:89:f8:bf:db:03:e1:eb:dc:
         fa:26:8b:ad:60:34:4d:1f:81:d8:32:21:54:40:32:21:8e:a0:
         af:67:55:3a:c4:7a:9d:01:09:c5:80:ac:67:2d:cb:38:ca:b5:
         55:a9:7d:eb:57:ea:10:69:a2:8c:4f:9b:7d:26:b3:5d:aa:4b:
         24:ac:53:96:9a:aa:88:88:5a:69:46:da:d5:ee:da:15:cb:e6:
         3e:c8:28:ec:da:35:b1:b0:41:c0:af:9a:a7:47:f1:5b:18:80:
         0d:b0:2a:f8:fe:a0:15:58:b1:41:39:ac:9c:20:8e:41:4e:c3:
         57:83:fe:1a:b0:32:ca:63:9c:16:43:75:82:12:11:59:85:84:
         b5:bb:1e:03:8a:e7:37:cc:8f:94:a6:0f:6d:e5:7b:1b:1a:e9:
         66:7d:0b:8a:32:91:b5:da:60:08:49:47:20:ed:59:c1:77:aa:
         d6:33:4b:2c:3d:50:aa:57:e2:de:f6:cc:2c:f1:29:75:18:5e:
         ed:bb:72:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZihXzecveNQtK9PejY+qwGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwODEzMDMwMDI4WhcNMjUwODE0MDMwMDI4WjAzMTEwLwYDVQQD
EygxZDM0ZWJjYzg2MDUwYTcwNDc0MjlmMDgzZjAxZDY1ZWY4NWE1NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IfZkNXddbWZX20FAweIpeG1JcI+
BYdfNfM9xCwea3c4krcrwf2NuZw0LHOHwvoIaEc2ELeVjplNr/TvYhDP6J7vcZ86
hDDuE5VbVszVbcn3FEl/j5qEW0Jw+t54w27JLDBo37qgYBydQVHIGmDbSHQbK5Gc
ftz1tKW8JZ+ZZEdQ6/Q1CK9g5YPSB5oPS7JiIvJVtB3Iea52mdG6HwL/CkdmM86h
6J7ndoxJ+CRDjP3UY8R76OT/AFbSyBpjURoQBFrEwze7ntK2gNx1YyZjZL05sV3M
hwiKSUjNl78W+HKUfUPOiDqhvxtXJZqMV51c1QhqMCJztL10nfGiCpAhFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0068yGBQpwR0KfCD8B1l74WlUwMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9dBWNeo
qLKfkATcDzLH7SIQhxI0Lf0eL+kA5yhdpHMs4lWtk9OnfFnqAnYWJagJzgTvQlF9
22PFrUCYhJfUion4v9sD4evc+iaLrWA0TR+B2DIhVEAyIY6gr2dVOsR6nQEJxYCs
Zy3LOMq1Val961fqEGmijE+bfSazXapLJKxTlpqqiIhaaUba1e7aFcvmPsgo7No1
sbBBwK+ap0fxWxiADbAq+P6gFVixQTmsnCCOQU7DV4P+GrAyymOcFkN1ghIRWYWE
tbseA4rnN8yPlKYPbeV7GxrpZn0LijKRtdpgCElHIO1ZwXeq1jNLLD1Qqlfi3vbM
LPEpdRhe7bty5A==
-----END CERTIFICATE-----