Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          M02ohN0/0mrd92aeg3o6P4TS6KmnaPUHzHkxhtaFVGs=
Subject key identifier:   9A:BB:6C:6A:28:09:C2:C9:45:F1:65:0F:6C:8B:43:90:EA:3B:5D:DE
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       019923A0CF6F232F75B0D0015DC9C8AC80B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:02:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:45 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: XzSxoR3Q0HfpAzTbEeM/oJFAfDPR18Djabfd10h4CME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:cf:6f:23:2f:75:b0:d0:01:5d:c9:c8:ac:80:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Sep  7 10:02:45 2025 GMT
            Not After : Sep  8 10:02:45 2025 GMT
        Subject: CN=9abb6c6a2809c2c945f1650f6c8b4390ea3b5dde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4f:a9:d9:f4:e5:62:26:98:c5:fb:20:c2:1a:
                    cc:19:56:cc:62:f6:5c:6e:76:ee:eb:23:f4:7f:d9:
                    75:19:5d:c0:9a:16:da:a3:15:83:d6:97:95:d1:f9:
                    ce:32:5a:f6:aa:5c:91:c1:56:34:bb:b5:4a:0a:ac:
                    3b:39:2a:d9:37:b9:5d:45:7f:8b:d1:24:03:e0:a1:
                    cd:a7:3a:5e:43:53:66:65:a1:43:69:91:07:57:a3:
                    40:86:b2:9e:01:4d:12:cd:eb:df:59:b6:dd:5d:f4:
                    e3:49:dd:fb:86:4c:5c:fb:a3:ca:53:c8:ea:b2:c0:
                    41:4d:45:5f:53:85:5b:b6:12:b2:bb:8e:b2:73:64:
                    3e:c4:a1:24:26:eb:e6:3c:89:3c:71:f6:dc:4a:d4:
                    3c:e5:6c:9e:2d:fc:56:68:df:ee:82:ac:7f:b2:0e:
                    8a:e0:d0:77:2d:6d:f9:35:02:0a:5a:3a:de:9c:aa:
                    66:80:6d:c1:e7:fe:18:15:dd:19:ed:70:ef:f3:5f:
                    5f:35:bb:cb:0f:59:17:80:4b:f2:5a:14:d5:0d:cd:
                    72:8f:71:e6:9d:e3:ba:29:6b:b5:8f:99:41:a0:46:
                    b9:0c:5c:93:d1:5d:42:21:aa:99:07:7b:ef:41:11:
                    7b:57:f7:9e:af:9c:aa:87:42:8a:00:92:7e:c5:74:
                    f3:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:BB:6C:6A:28:09:C2:C9:45:F1:65:0F:6C:8B:43:90:EA:3B:5D:DE
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:f4:18:f9:fe:b0:f1:e5:73:af:8d:dd:f4:eb:2b:e7:d8:6a:
         06:c9:b7:30:13:f3:17:41:8b:15:a7:9a:0d:96:d0:97:7b:a4:
         30:2c:b8:68:e5:fe:0a:b3:cc:52:c3:0f:16:8b:86:bc:83:28:
         2f:e2:bc:f1:41:fe:28:68:23:4f:74:dc:eb:c8:e2:31:05:71:
         7f:bd:c8:7e:3c:f1:38:a8:7d:b4:39:03:ab:5b:74:05:25:03:
         ef:8c:c8:ba:74:45:2e:b0:2c:0b:0a:4b:d3:54:34:a5:35:e8:
         fe:72:c6:97:b5:02:86:78:2c:8c:3b:b1:09:60:17:c7:76:a1:
         cc:57:00:9c:8b:8c:b5:86:a3:72:06:d6:a0:cc:4e:d2:48:5e:
         2d:d1:ae:d5:aa:1a:f2:e4:b8:01:c1:6e:1f:8a:28:9e:f8:5d:
         9b:05:ee:84:53:99:34:1e:e6:aa:36:1f:e5:28:f4:a7:a1:76:
         d5:19:c3:11:30:35:7e:7c:98:1c:65:c3:75:86:03:8e:d2:3c:
         fb:14:44:40:61:41:0f:c0:5d:d9:5e:f9:65:ed:41:72:f3:e9:
         cb:4d:da:80:fd:43:a8:af:91:4e:12:a7:6d:5c:14:74:f2:82:
         81:ce:da:5e:58:97:5c:33:26:40:42:17:d5:b2:7c:ed:40:a0:
         5b:3d:91:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoM9vIy91sNABXcnIrIC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUwOTA3MTAwMjQ1WhcNMjUwOTA4MTAwMjQ1WjAzMTEwLwYDVQQD
Eyg5YWJiNmM2YTI4MDljMmM5NDVmMTY1MGY2YzhiNDM5MGVhM2I1ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE+p2fTlYiaYxfsgwhrMGVbMYvZc
bnbu6yP0f9l1GV3AmhbaoxWD1peV0fnOMlr2qlyRwVY0u7VKCqw7OSrZN7ldRX+L
0SQD4KHNpzpeQ1NmZaFDaZEHV6NAhrKeAU0SzevfWbbdXfTjSd37hkxc+6PKU8jq
ssBBTUVfU4VbthKyu46yc2Q+xKEkJuvmPIk8cfbcStQ85WyeLfxWaN/ugqx/sg6K
4NB3LW35NQIKWjrenKpmgG3B5/4YFd0Z7XDv819fNbvLD1kXgEvyWhTVDc1yj3Hm
neO6KWu1j5lBoEa5DFyT0V1CIaqZB3vvQRF7V/eer5yqh0KKAJJ+xXTzvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJq7bGooCcLJRfFlD2yLQ5DqO13eMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/QY+f6w
8eVzr43d9Osr59hqBsm3MBPzF0GLFaeaDZbQl3ukMCy4aOX+CrPMUsMPFouGvIMo
L+K88UH+KGgjT3Tc68jiMQVxf73IfjzxOKh9tDkDq1t0BSUD74zIunRFLrAsCwpL
01Q0pTXo/nLGl7UChngsjDuxCWAXx3ahzFcAnIuMtYajcgbWoMxO0kheLdGu1aoa
8uS4AcFuH4oonvhdmwXuhFOZNB7mqjYf5Sj0p6F21RnDETA1fnyYHGXDdYYDjtI8
+xREQGFBD8Bd2V75Ze1BcvPpy03agP1DqK+RThKnbVwUdPKCgc7aXliXXDMmQEIX
1bJ87UCgWz2RsQ==
-----END CERTIFICATE-----