Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          87wYOB5ICWB1M+8MNFinoI8e7U3HzEUKj5kNA2lCxGU=
Subject key identifier:   F9:2B:04:1C:B1:19:8D:45:E9:0F:B0:1E:E9:20:AB:52:E3:7F:F2:8B
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019922FA04FA8449FFCC215413130B8A3FBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 07:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:34 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: 1E5Zvx8Odpydrw6R5rwxialU7epDmhJhTyqvhVHGfL4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:04:fa:84:49:ff:cc:21:54:13:13:0b:8a:3f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Sep  7 07:00:34 2025 GMT
            Not After : Sep  8 07:00:34 2025 GMT
        Subject: CN=f92b041cb1198d45e90fb01ee920ab52e37ff28b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:5f:3e:cf:96:73:b5:48:fd:c6:d4:c7:1f:9f:
                    5d:23:37:94:d0:ee:19:0d:dd:c6:b0:0a:02:0b:e7:
                    de:53:eb:71:50:3b:71:ed:46:06:89:b5:ab:89:73:
                    ee:9c:3a:47:f7:45:50:31:ce:40:96:39:83:21:d0:
                    c8:85:b8:d3:c4:a8:ab:c0:18:64:84:4c:9f:c1:19:
                    83:9d:f6:a5:d4:ca:37:a3:09:0a:93:df:4d:7a:70:
                    74:e9:1b:8a:cf:75:35:9d:be:2c:34:fe:95:9c:35:
                    15:c2:f8:00:b3:aa:f5:bd:63:9f:ae:4d:29:e3:ee:
                    b9:6d:9a:20:5f:0b:d2:9c:79:48:6f:94:ad:8b:e0:
                    ab:83:d4:a0:88:d9:2c:ca:73:ae:f8:dc:c9:4a:b4:
                    87:33:36:c1:b9:31:76:74:85:62:02:af:b5:a0:01:
                    61:ed:d9:17:28:d8:75:75:e3:93:8c:01:fa:8b:25:
                    92:a9:d1:bb:b2:39:10:50:c9:e0:28:fb:02:1b:60:
                    b8:80:b3:5f:b7:0a:86:53:27:62:72:24:f7:5f:5c:
                    09:33:35:a0:91:91:ed:bb:18:17:f1:2e:50:63:53:
                    1c:d4:04:a7:d9:3e:e2:1e:22:7b:d1:88:c9:b9:51:
                    53:3f:43:a6:f6:ad:64:40:f0:9d:24:2d:7a:68:0b:
                    03:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:2B:04:1C:B1:19:8D:45:E9:0F:B0:1E:E9:20:AB:52:E3:7F:F2:8B
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:35:7d:88:1c:00:9c:1b:cd:03:00:9d:88:13:57:6c:2c:a4:
         a8:bf:a1:76:2d:0d:71:c1:5b:32:a6:3e:9c:08:c8:32:cc:23:
         e4:a5:b7:d1:cf:5c:db:19:da:c7:cf:0b:f9:d1:5d:99:98:8e:
         70:da:6f:31:53:ac:97:ad:12:eb:ce:ab:ad:e3:a1:09:d6:fa:
         dc:80:06:c2:af:89:93:e1:1f:06:82:25:0a:89:99:e9:e4:ee:
         f1:1b:c3:74:d1:5c:f1:64:35:a8:6f:05:3f:2d:4b:48:97:37:
         7a:9e:72:09:ad:f9:aa:ac:ee:14:22:e2:9d:9e:9d:29:22:32:
         3e:cf:3b:e5:ee:b8:44:d5:6e:76:3c:3b:4b:f8:eb:27:0c:73:
         91:6d:dc:d2:e6:a5:40:dc:62:f6:66:14:8f:0c:a9:5e:6e:8f:
         46:a6:aa:4c:e0:5f:c1:de:c9:d0:02:c5:fb:7f:83:a8:17:0d:
         aa:57:80:05:96:bb:e2:4c:68:a4:83:64:91:e5:3e:82:65:fd:
         1b:71:e8:55:21:a7:4c:af:6d:07:ca:9f:f2:c2:56:73:3b:1b:
         cb:e1:63:f4:3c:87:46:b1:8e:fe:18:9b:6f:4f:0e:8a:a5:bf:
         f0:8a:6b:e0:f4:75:6f:8a:df:0b:4f:c0:5d:84:34:ec:77:9d:
         18:c7:02:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+gT6hEn/zCFUExMLij++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUwOTA3MDcwMDM0WhcNMjUwOTA4MDcwMDM0WjAzMTEwLwYDVQQD
EyhmOTJiMDQxY2IxMTk4ZDQ1ZTkwZmIwMWVlOTIwYWI1MmUzN2ZmMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l8+z5ZztUj9xtTHH59dIzeU0O4Z
Dd3GsAoCC+feU+txUDtx7UYGibWriXPunDpH90VQMc5AljmDIdDIhbjTxKirwBhk
hEyfwRmDnfal1Mo3owkKk99NenB06RuKz3U1nb4sNP6VnDUVwvgAs6r1vWOfrk0p
4+65bZogXwvSnHlIb5Sti+Crg9SgiNksynOu+NzJSrSHMzbBuTF2dIViAq+1oAFh
7dkXKNh1deOTjAH6iyWSqdG7sjkQUMngKPsCG2C4gLNftwqGUydiciT3X1wJMzWg
kZHtuxgX8S5QY1Mc1ASn2T7iHiJ70YjJuVFTP0Om9q1kQPCdJC16aAsDeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkrBByxGY1F6Q+wHukgq1Ljf/KLMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTV9iBwA
nBvNAwCdiBNXbCykqL+hdi0NccFbMqY+nAjIMswj5KW30c9c2xnax88L+dFdmZiO
cNpvMVOsl60S686rreOhCdb63IAGwq+Jk+EfBoIlComZ6eTu8RvDdNFc8WQ1qG8F
Py1LSJc3ep5yCa35qqzuFCLinZ6dKSIyPs875e64RNVudjw7S/jrJwxzkW3c0ual
QNxi9mYUjwypXm6PRqaqTOBfwd7J0ALF+3+DqBcNqleABZa74kxopINkkeU+gmX9
G3HoVSGnTK9tB8qf8sJWczsby+Fj9DyHRrGO/hibb08OiqW/8Ipr4PR1b4rfC0/A
XYQ07HedGMcCQg==
-----END CERTIFICATE-----