Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          kWnQpv12vJDFe7Y62JoSTNGBGqiD9009aNK6UE3Sstg=
Subject key identifier:   13:B2:28:AD:E7:EF:81:C3:A7:68:BB:B6:AC:53:F3:18:98:86:2E:2F
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019922551C3A4E70067F000ABCC48ABEE74F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 04:00:26 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:26 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:26 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: DUyKJUd3AzvXDHX7z/+CCEg/uthv9hvrzsNYooot5vM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:1c:3a:4e:70:06:7f:00:0a:bc:c4:8a:be:e7:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Sep  7 04:00:26 2025 GMT
            Not After : Sep  8 04:00:26 2025 GMT
        Subject: CN=13b228ade7ef81c3a768bbb6ac53f31898862e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0d:ac:de:0d:47:dc:0f:86:04:56:d3:a7:b6:
                    0a:f8:1e:b6:6f:6e:ac:b1:ad:dd:e7:a8:00:e2:cf:
                    e8:6e:a8:cc:74:c5:c8:88:94:9e:eb:06:1e:e9:56:
                    a3:b1:fc:9f:5d:94:8e:a3:85:df:17:51:34:e3:7e:
                    85:8c:1d:74:c3:16:b3:56:82:e7:99:6e:eb:05:b4:
                    18:df:38:f6:00:30:34:2a:68:e7:dc:2f:37:05:83:
                    06:ac:38:b7:55:33:84:5a:35:e8:2d:80:c2:61:4b:
                    92:1b:cd:07:45:55:d3:89:ae:8d:d7:fc:83:88:95:
                    25:a4:60:36:90:1d:ac:ac:40:d4:ae:0c:e0:26:10:
                    2c:1e:ac:fc:fd:89:54:9d:18:8a:d9:e0:12:72:74:
                    83:48:59:e3:a4:cb:16:fd:a1:9a:d2:e3:51:9b:f4:
                    9f:1c:79:58:9c:82:f6:4d:28:5b:7d:61:c6:63:04:
                    6f:8d:69:9c:d6:81:64:2f:22:e3:6d:9f:95:26:68:
                    33:d9:38:4d:46:bf:39:c5:76:f6:34:22:ed:d4:8a:
                    ef:fb:5b:2f:6e:27:f4:df:b7:f6:c0:04:91:04:79:
                    6e:da:99:4a:d3:43:1a:e0:42:66:2c:8f:8b:93:60:
                    39:8c:63:cf:fd:75:04:2c:26:15:a2:d1:f5:fd:d9:
                    10:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:B2:28:AD:E7:EF:81:C3:A7:68:BB:B6:AC:53:F3:18:98:86:2E:2F
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:5a:09:59:de:16:a7:71:40:70:5d:b1:7b:01:84:47:4f:3e:
         b6:30:b7:68:e9:29:4f:25:2f:27:a2:b7:5b:44:65:f4:87:c0:
         d2:e1:78:a2:f7:80:a0:89:a9:25:86:6c:84:8b:38:4d:43:5c:
         f0:3f:01:a7:bb:7d:1b:97:6a:71:7a:5a:e3:2b:b3:69:83:80:
         ff:0b:3c:72:33:49:66:ec:27:ff:91:63:9f:6b:a6:82:e8:3d:
         67:b5:37:de:ec:56:d7:ed:2b:ae:23:0c:1f:1e:56:29:40:6b:
         63:ca:0a:fb:68:24:4c:17:27:77:b7:75:dc:df:34:d7:9f:e9:
         43:8b:dc:9c:91:9f:95:f9:93:11:ad:09:f1:a7:58:4c:34:c0:
         d1:54:2a:48:d8:c9:8d:47:69:01:96:13:7b:9e:15:8c:22:8d:
         30:18:02:54:eb:72:54:a8:24:ee:a8:b9:82:ea:41:7a:1d:0e:
         67:be:15:67:ad:9c:ee:7d:93:a9:49:3c:44:fb:d7:24:fa:28:
         b9:23:a6:ec:a1:e5:88:20:d2:2e:2e:cf:69:cb:43:b0:9b:66:
         9c:85:de:f0:83:92:71:f4:52:bc:25:f0:ad:5f:73:e1:5b:d0:
         87:78:7a:8c:46:d5:ef:b3:ed:e6:14:df:8f:3e:dd:3f:ff:4b:
         10:82:bb:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVRw6TnAGfwAKvMSKvudPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUwOTA3MDQwMDI2WhcNMjUwOTA4MDQwMDI2WjAzMTEwLwYDVQQD
EygxM2IyMjhhZGU3ZWY4MWMzYTc2OGJiYjZhYzUzZjMxODk4ODYyZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Q2s3g1H3A+GBFbTp7YK+B62b26s
sa3d56gA4s/obqjMdMXIiJSe6wYe6VajsfyfXZSOo4XfF1E0436FjB10wxazVoLn
mW7rBbQY3zj2ADA0Kmjn3C83BYMGrDi3VTOEWjXoLYDCYUuSG80HRVXTia6N1/yD
iJUlpGA2kB2srEDUrgzgJhAsHqz8/YlUnRiK2eAScnSDSFnjpMsW/aGa0uNRm/Sf
HHlYnIL2TShbfWHGYwRvjWmc1oFkLyLjbZ+VJmgz2ThNRr85xXb2NCLt1Irv+1sv
bif037f2wASRBHlu2plK00Ma4EJmLI+Lk2A5jGPP/XUELCYVotH1/dkQ0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOyKK3n74HDp2i7tqxT8xiYhi4vMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEVoJWd4W
p3FAcF2xewGER08+tjC3aOkpTyUvJ6K3W0Rl9IfA0uF4oveAoImpJYZshIs4TUNc
8D8Bp7t9G5dqcXpa4yuzaYOA/ws8cjNJZuwn/5Fjn2umgug9Z7U33uxW1+0rriMM
Hx5WKUBrY8oK+2gkTBcnd7d13N8015/pQ4vcnJGflfmTEa0J8adYTDTA0VQqSNjJ
jUdpAZYTe54VjCKNMBgCVOtyVKgk7qi5gupBeh0OZ74VZ62c7n2TqUk8RPvXJPoo
uSOm7KHliCDSLi7PactDsJtmnIXe8IOScfRSvCXwrV9z4VvQh3h6jEbV77Pt5hTf
jz7dP/9LEIK7Dw==
-----END CERTIFICATE-----