Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          T8VuACKMdWatEuA0da722YAl4PmK3a4BewOi+5DBeac=
Subject key identifier:   18:6E:00:A5:E8:3A:1C:81:3C:B4:CE:AF:BE:1A:B0:3F:D8:D7:A4:0C
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       0199221E712B61736F52FD15464F354DC401
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0D1B
Signing time:             Sun 07 Sep 2025 03:00:44 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:44 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:44 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: kF/v4oQkDudEAWGJ4CRpNn+CI8wHdip2p3Nnate91yA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:71:2b:61:73:6f:52:fd:15:46:4f:35:4d:c4:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Sep  7 03:00:44 2025 GMT
            Not After : Sep  8 03:00:44 2025 GMT
        Subject: CN=186e00a5e83a1c813cb4ceafbe1ab03fd8d7a40c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:96:1c:a4:37:fd:a3:e4:81:b6:53:6c:57:75:
                    aa:1d:6b:03:b5:1c:95:2f:22:28:a6:1a:54:14:04:
                    c8:61:61:2d:66:91:3a:77:23:48:5c:55:ca:df:9f:
                    59:60:9d:7f:ac:43:cc:2e:29:15:b5:c7:cf:a1:d2:
                    f6:6e:f1:c3:bb:de:ba:93:31:18:dd:75:9d:61:a4:
                    59:fc:74:36:a9:51:52:eb:02:a5:dd:da:5f:56:16:
                    d4:2d:51:3e:2f:34:65:23:86:50:74:69:aa:f6:a3:
                    e7:a6:b6:f4:e7:c3:e2:cf:47:ca:4e:bb:8d:36:03:
                    6f:da:76:c1:62:1d:a9:42:1c:ee:85:3a:eb:f1:f1:
                    f6:cd:c3:90:b3:39:c5:25:91:1d:84:45:80:98:ab:
                    e5:b5:33:cd:35:0e:31:d9:5a:f4:8e:f5:78:90:67:
                    f6:bf:0e:1a:db:66:3d:5b:44:56:ba:a3:8d:83:2b:
                    bb:39:a8:ac:be:3d:9c:d5:f9:3f:52:c4:08:41:e7:
                    e8:e6:f4:c9:1a:a7:01:7c:97:ea:49:3c:fa:5c:eb:
                    d9:ba:56:f9:f4:86:cb:97:db:83:84:cd:cf:4b:99:
                    a5:cc:02:41:26:f7:64:bb:ae:bd:fc:ff:68:f9:3a:
                    57:34:41:d4:21:e0:a3:f6:9e:32:c5:ee:ac:af:59:
                    78:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:6E:00:A5:E8:3A:1C:81:3C:B4:CE:AF:BE:1A:B0:3F:D8:D7:A4:0C
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:28:fd:65:43:1a:79:a8:33:f3:ee:ee:2f:29:c5:19:eb:dd:
         72:e1:27:66:b2:d2:5f:9c:9e:8f:a2:e4:3a:58:6c:cb:7f:a7:
         db:dd:2c:39:56:3f:bb:5a:bf:ae:ab:50:f1:9e:24:71:7c:87:
         c2:44:5c:ae:cc:04:9a:59:93:8a:c2:7c:6d:f9:54:69:20:bf:
         1e:e9:4c:c8:05:d7:4e:ea:29:e7:35:da:4f:2d:05:5d:63:6c:
         90:a3:c7:2b:60:7c:a9:b6:d1:b2:43:9c:83:93:b0:60:7f:75:
         16:64:0a:37:3c:0f:ec:7b:dc:6d:4e:0f:e4:d5:d9:be:fe:4a:
         55:8e:a8:30:a7:cf:c1:da:c3:de:f1:2e:dd:48:b3:18:d3:fd:
         e7:55:1f:b8:bd:b1:f4:94:91:0b:10:4e:2e:df:91:4f:c3:e1:
         79:37:41:35:75:91:a3:6b:18:9a:13:05:55:e8:65:04:06:c2:
         cc:3d:41:a5:14:59:7c:87:24:9b:00:fc:4d:fc:50:12:96:02:
         85:aa:b6:f0:0e:ab:7f:0f:d1:e6:44:51:33:75:a2:a6:c4:59:
         74:c4:f1:57:23:81:5d:78:01:92:a5:44:e8:42:93:f2:9e:a7:
         c0:9c:96:12:8c:36:a9:95:3d:cf:71:9c:a7:d8:14:98:e6:7e:
         9f:66:96:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHnErYXNvUv0VRk81TcQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwOTA3MDMwMDQ0WhcNMjUwOTA4MDMwMDQ0WjAzMTEwLwYDVQQD
EygxODZlMDBhNWU4M2ExYzgxM2NiNGNlYWZiZTFhYjAzZmQ4ZDdhNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZYcpDf9o+SBtlNsV3WqHWsDtRyV
LyIophpUFATIYWEtZpE6dyNIXFXK359ZYJ1/rEPMLikVtcfPodL2bvHDu966kzEY
3XWdYaRZ/HQ2qVFS6wKl3dpfVhbULVE+LzRlI4ZQdGmq9qPnprb058Piz0fKTruN
NgNv2nbBYh2pQhzuhTrr8fH2zcOQsznFJZEdhEWAmKvltTPNNQ4x2Vr0jvV4kGf2
vw4a22Y9W0RWuqONgyu7Oaisvj2c1fk/UsQIQefo5vTJGqcBfJfqSTz6XOvZulb5
9IbLl9uDhM3PS5mlzAJBJvdku669/P9o+TpXNEHUIeCj9p4yxe6sr1l4tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhuAKXoOhyBPLTOr74asD/Y16QMMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACij9ZUMa
eagz8+7uLynFGevdcuEnZrLSX5yej6LkOlhsy3+n290sOVY/u1q/rqtQ8Z4kcXyH
wkRcrswEmlmTisJ8bflUaSC/HulMyAXXTuop5zXaTy0FXWNskKPHK2B8qbbRskOc
g5OwYH91FmQKNzwP7HvcbU4P5NXZvv5KVY6oMKfPwdrD3vEu3UizGNP951UfuL2x
9JSRCxBOLt+RT8PheTdBNXWRo2sYmhMFVehlBAbCzD1BpRRZfIckmwD8TfxQEpYC
haq28A6rfw/R5kRRM3WipsRZdMTxVyOBXXgBkqVE6EKT8p6nwJyWEow2qZU9z3Gc
p9gUmOZ+n2aW2w==
-----END CERTIFICATE-----