Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          BLEGlgZDmiupfYgizcQeixSPzo5t4oXzJseYthWG9Qk=
Subject key identifier:   F8:8D:47:D5:DF:3C:4A:29:86:32:D0:7B:89:70:5E:2A:46:22:43:52
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       019916887D9EDF423A1A9A45181D3984549F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          04C1
Signing time:             Thu 04 Sep 2025 21:01:07 +0000
Manifest this update:     Thu 04 Sep 2025 21:01:07 +0000
Manifest next update:     Fri 05 Sep 2025 21:01:07 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: O+l66Z/OkZhOQSCOzNOssbAcSLJYTiNqq0lbBLh9F7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 21:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:88:7d:9e:df:42:3a:1a:9a:45:18:1d:39:84:54:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Sep  4 21:01:07 2025 GMT
            Not After : Sep  5 21:01:07 2025 GMT
        Subject: CN=f88d47d5df3c4a298632d07b89705e2a46224352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:81:3e:00:95:c6:dd:01:28:fc:1b:e3:91:f2:
                    88:9a:f4:22:bf:90:d1:6d:5d:5d:6d:6c:ac:d0:29:
                    ff:54:de:f9:b4:70:c9:b7:af:d7:92:e8:d4:32:50:
                    ed:52:69:7d:05:ab:d0:8d:4a:d0:d3:36:10:5f:de:
                    d8:0c:51:16:7f:01:ac:b2:ad:52:0e:4f:ea:5e:50:
                    44:5c:25:4d:ed:44:c8:fb:95:81:7a:71:80:5a:31:
                    12:ca:b8:70:5d:73:c0:c7:d8:a3:cd:8d:e5:f5:c3:
                    6d:51:86:84:74:0c:12:af:06:77:d4:c7:84:29:ce:
                    50:7e:cd:a4:16:d2:5e:db:c1:9c:40:7b:13:da:7b:
                    8d:44:12:e0:11:a2:9b:f5:b4:74:76:2d:dd:a0:9a:
                    dc:87:53:e6:ff:50:59:09:f4:a0:c2:5d:10:7b:2c:
                    6a:6c:a9:94:98:0c:0f:c2:d8:ef:1a:ff:0b:70:c0:
                    41:57:d8:f9:0e:2d:71:c1:be:8f:eb:63:15:c3:48:
                    ac:d8:ff:3b:7f:c4:13:a7:81:bf:ba:6a:e8:9e:18:
                    d8:3e:d4:b4:8b:b6:4b:55:39:1d:14:ff:09:21:56:
                    f4:00:4c:86:55:51:0d:08:b9:ed:fa:a8:34:fc:4d:
                    17:2b:a9:f7:49:73:86:5a:fa:e4:e1:9c:14:12:d2:
                    00:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:8D:47:D5:DF:3C:4A:29:86:32:D0:7B:89:70:5E:2A:46:22:43:52
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:ce:7f:81:1f:10:88:aa:33:d3:1f:8f:cd:46:9a:7c:3f:ed:
         33:bb:a8:61:44:c8:16:c5:c5:bb:74:52:ef:16:e7:25:33:f7:
         bb:bb:c4:94:c6:c5:5d:f6:5e:da:97:61:1d:45:35:51:17:e9:
         2c:1d:bb:66:10:1a:54:1f:72:92:2b:c4:93:8d:18:85:03:2b:
         28:db:19:58:84:3c:33:13:9a:fb:1c:c8:85:f7:80:30:45:76:
         0a:9b:bb:25:22:6c:e4:0c:8a:0c:d4:4c:70:7d:67:b5:1c:5b:
         f7:7e:f7:b0:54:aa:11:0c:df:db:1c:75:08:bb:5a:e2:06:f7:
         b3:ca:7a:71:48:19:03:64:12:8e:5e:fd:d1:c0:c3:d5:40:93:
         8c:4d:dd:57:ff:31:f2:93:50:19:7d:34:b4:da:18:58:90:27:
         c4:14:e7:4d:d4:03:37:ad:32:3b:d8:d2:a3:21:5c:af:d3:8a:
         ea:fa:2a:8c:04:65:91:ce:e7:75:2d:d3:b2:51:40:07:2d:de:
         7c:8a:de:e1:24:3f:4b:6d:21:0d:3d:8c:d4:0d:d6:1b:6c:05:
         15:a1:b7:3b:69:85:3c:50:0e:71:d5:98:96:a6:47:c8:f5:f8:
         43:37:05:0e:c4:cf:d2:e8:c4:5c:76:db:fa:72:6a:a2:80:db:
         fb:08:e2:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWiH2e30I6GppFGB05hFSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjUwOTA0MjEwMTA3WhcNMjUwOTA1MjEwMTA3WjAzMTEwLwYDVQQD
EyhmODhkNDdkNWRmM2M0YTI5ODYzMmQwN2I4OTcwNWUyYTQ2MjI0MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44E+AJXG3QEo/BvjkfKImvQiv5DR
bV1dbWys0Cn/VN75tHDJt6/XkujUMlDtUml9BavQjUrQ0zYQX97YDFEWfwGssq1S
Dk/qXlBEXCVN7UTI+5WBenGAWjESyrhwXXPAx9ijzY3l9cNtUYaEdAwSrwZ31MeE
Kc5Qfs2kFtJe28GcQHsT2nuNRBLgEaKb9bR0di3doJrch1Pm/1BZCfSgwl0Qeyxq
bKmUmAwPwtjvGv8LcMBBV9j5Di1xwb6P62MVw0is2P87f8QTp4G/umronhjYPtS0
i7ZLVTkdFP8JIVb0AEyGVVENCLnt+qg0/E0XK6n3SXOGWvrk4ZwUEtIAOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiNR9XfPEophjLQe4lwXipGIkNSMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEc5/gR8Q
iKoz0x+PzUaafD/tM7uoYUTIFsXFu3RS7xbnJTP3u7vElMbFXfZe2pdhHUU1URfp
LB27ZhAaVB9ykivEk40YhQMrKNsZWIQ8MxOa+xzIhfeAMEV2Cpu7JSJs5AyKDNRM
cH1ntRxb9373sFSqEQzf2xx1CLta4gb3s8p6cUgZA2QSjl790cDD1UCTjE3dV/8x
8pNQGX00tNoYWJAnxBTnTdQDN60yO9jSoyFcr9OK6voqjARlkc7ndS3TslFABy3e
fIre4SQ/S20hDT2M1A3WG2wFFaG3O2mFPFAOcdWYlqZHyPX4QzcFDsTP0ujEXHbb
+nJqooDb+wjiZQ==
-----END CERTIFICATE-----