Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          DdrzvE/XIhJnGoqxOY7fkVqRTh3f6MrsBSCQNKMPCS4=
Subject key identifier:   78:3C:FE:0D:38:69:9C:02:A1:CA:94:08:1A:13:C5:55:81:82:2F:B7
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       019921B1FFFD83130966055C132CF38E9FD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 01:02:17 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:17 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:17 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: HjeFQsOSWoKfXL6IZ3IxeAjEkyMX9YmT9PS7iAVLgPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:ff:fd:83:13:09:66:05:5c:13:2c:f3:8e:9f:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Sep  7 01:02:17 2025 GMT
            Not After : Sep  8 01:02:17 2025 GMT
        Subject: CN=783cfe0d38699c02a1ca94081a13c55581822fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:8c:a6:02:1a:93:df:bd:34:8b:5a:c7:61:
                    fb:e3:70:22:2b:65:5e:b7:91:da:20:ba:5f:09:24:
                    a4:34:70:b0:56:b3:99:bb:03:d5:b9:51:1f:2a:2a:
                    d7:f4:fc:9c:e1:90:54:dc:5d:7e:26:6a:de:fe:52:
                    2f:8e:0c:5c:af:0b:df:d0:95:ae:31:af:bb:09:f9:
                    13:60:52:ad:5d:75:88:96:ff:21:73:ca:bf:20:e8:
                    fc:d6:bd:d5:8a:7d:ff:f3:6f:70:77:5a:f8:b5:42:
                    f3:dc:5e:3c:99:c6:93:4f:1c:e5:6c:a0:fe:33:37:
                    26:03:b9:36:8d:15:97:e7:42:7f:10:f5:fd:dc:35:
                    0f:4d:d4:64:d2:ce:d6:93:86:e9:cf:cc:52:28:ad:
                    47:14:58:d7:f2:5b:27:44:b8:ec:ca:5e:54:a6:76:
                    d9:9f:94:29:ab:68:52:2f:8e:bb:41:67:b8:e0:9c:
                    9e:4d:2d:b3:a2:f0:17:73:5a:b7:74:aa:21:31:69:
                    7a:cf:fe:b7:f3:48:87:23:d6:33:c1:b7:5c:06:58:
                    16:b9:bc:f3:a5:74:c2:ff:64:fb:ed:a8:a9:3f:80:
                    5b:26:d0:fe:58:30:95:29:12:3d:18:6d:e8:13:61:
                    92:dc:7a:62:49:21:99:af:c3:ce:7f:c3:c9:a5:bd:
                    38:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:3C:FE:0D:38:69:9C:02:A1:CA:94:08:1A:13:C5:55:81:82:2F:B7
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:77:54:c2:0b:14:79:0d:39:4f:cd:66:07:aa:d8:c4:5e:54:
         4e:43:65:2b:13:f9:a0:aa:ae:57:f5:bd:81:ca:e3:25:9b:70:
         a8:ea:69:0f:6a:c7:10:66:c3:78:3d:b7:0e:82:60:a0:7b:5c:
         58:dd:c0:a0:c4:7f:b1:d6:ee:47:a9:95:54:31:33:38:89:46:
         83:46:c7:50:78:f6:4a:4b:b8:23:d9:82:50:23:9e:1c:11:0e:
         66:1b:c3:6a:3c:54:92:bc:39:d5:71:cf:bc:26:ec:e8:2d:2b:
         57:13:bb:3d:33:95:e4:7e:cc:0a:ac:d0:1a:6a:dc:89:a8:8d:
         8b:74:d1:2d:a3:e2:ed:ec:1e:c4:9d:1e:ac:18:0c:51:5e:61:
         ca:ac:f1:45:3e:7d:0b:f7:7c:73:8d:2f:7f:4c:56:45:95:78:
         ba:5e:eb:91:fd:67:dd:34:73:e7:80:c4:a5:77:f6:2f:7d:18:
         d5:6b:24:56:b5:4b:43:30:d5:2c:4e:1c:12:ce:4c:38:ec:19:
         c0:f0:16:74:d2:18:fc:db:ad:d6:a6:be:ab:34:89:35:72:31:
         f4:29:37:33:20:85:18:ca:94:db:87:31:97:59:d5:fd:dc:dd:
         89:17:09:1a:0b:d7:b8:71:10:68:9c:10:64:90:d8:87:b8:62:
         14:b3:a0:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsf/9gxMJZgVcEyzzjp/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUwOTA3MDEwMjE3WhcNMjUwOTA4MDEwMjE3WjAzMTEwLwYDVQQD
Eyg3ODNjZmUwZDM4Njk5YzAyYTFjYTk0MDgxYTEzYzU1NTgxODIyZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yeMpgIak9+9NItax2H743AiK2Ve
t5HaILpfCSSkNHCwVrOZuwPVuVEfKirX9Pyc4ZBU3F1+Jmre/lIvjgxcrwvf0JWu
Ma+7CfkTYFKtXXWIlv8hc8q/IOj81r3Vin3/829wd1r4tULz3F48mcaTTxzlbKD+
MzcmA7k2jRWX50J/EPX93DUPTdRk0s7Wk4bpz8xSKK1HFFjX8lsnRLjsyl5UpnbZ
n5Qpq2hSL467QWe44JyeTS2zovAXc1q3dKohMWl6z/6380iHI9YzwbdcBlgWubzz
pXTC/2T77aipP4BbJtD+WDCVKRI9GG3oE2GS3HpiSSGZr8POf8PJpb04bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHg8/g04aZwCocqUCBoTxVWBgi+3MB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQXdUwgsU
eQ05T81mB6rYxF5UTkNlKxP5oKquV/W9gcrjJZtwqOppD2rHEGbDeD23DoJgoHtc
WN3AoMR/sdbuR6mVVDEzOIlGg0bHUHj2Sku4I9mCUCOeHBEOZhvDajxUkrw51XHP
vCbs6C0rVxO7PTOV5H7MCqzQGmrciaiNi3TRLaPi7ewexJ0erBgMUV5hyqzxRT59
C/d8c40vf0xWRZV4ul7rkf1n3TRz54DEpXf2L30Y1WskVrVLQzDVLE4cEs5MOOwZ
wPAWdNIY/Nut1qa+qzSJNXIx9Ck3MyCFGMqU24cxl1nV/dzdiRcJGgvXuHEQaJwQ
ZJDYh7hiFLOgXg==
-----END CERTIFICATE-----