Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          K9didxqD4e8ekhgxUoPeQXDrJDo4TxJw5b23ajow3qY=
Subject key identifier:   16:8A:AD:02:16:D9:3C:5A:15:9E:46:21:D5:26:9D:3F:7B:6F:51:40
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       019921B181A8BC27CB664821BC975C2D8980
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          0952
Signing time:             Sun 07 Sep 2025 01:01:45 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:45 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:45 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: 6Jze2s3WF62Olr0ayiEunFE9G4yQhN/dURanTxIBOFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:81:a8:bc:27:cb:66:48:21:bc:97:5c:2d:89:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Sep  7 01:01:45 2025 GMT
            Not After : Sep  8 01:01:45 2025 GMT
        Subject: CN=168aad0216d93c5a159e4621d5269d3f7b6f5140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:47:f4:db:9b:cf:90:7a:03:35:fa:f6:a1:a2:
                    b1:37:9f:cc:5d:81:7e:fa:c3:84:1e:65:5c:ac:af:
                    3a:55:ea:b9:c6:1a:3b:5b:6f:69:21:ab:d6:c7:2e:
                    c0:6a:92:63:be:83:68:9e:17:da:d5:02:03:fe:fa:
                    9d:45:2a:d2:c7:4d:eb:3e:8c:af:00:52:cf:dc:4b:
                    6e:1a:4f:d6:9a:c0:79:8f:4e:cf:cb:ea:2c:90:16:
                    3c:dc:85:af:cb:9c:09:48:5f:ae:d2:48:7d:43:7d:
                    78:f3:98:5f:4f:a6:e5:6b:2c:5c:1e:fc:71:a1:21:
                    5d:83:ed:9f:24:69:d3:46:05:06:e6:6e:2b:35:1e:
                    a9:15:ee:3a:94:67:c5:6f:bc:7d:eb:6e:93:4d:8c:
                    c1:1b:f9:41:50:9b:b1:71:3d:c9:29:dc:da:b7:ad:
                    05:e1:b2:68:eb:39:e0:2b:9d:a8:54:44:b5:63:b3:
                    be:1b:2a:a0:4b:00:a1:8d:88:af:e5:9c:c2:29:fd:
                    f2:41:29:c8:fa:32:27:41:9b:29:8f:50:4c:02:7b:
                    24:f9:17:f6:76:45:70:47:bd:eb:8d:bb:45:a9:15:
                    ad:e1:e6:54:55:db:db:85:6d:84:f5:b6:25:74:13:
                    8b:e4:62:60:01:6b:a7:24:ea:e5:f3:60:9b:ad:28:
                    b6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:8A:AD:02:16:D9:3C:5A:15:9E:46:21:D5:26:9D:3F:7B:6F:51:40
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:02:9a:12:30:28:be:a2:af:1a:66:fc:bc:d9:2a:73:2f:12:
         36:f9:3e:da:ce:8b:03:42:9d:8c:f1:80:0e:99:fa:1b:a1:ef:
         bd:5c:7f:ec:2e:ec:7b:1f:36:10:49:dd:4d:26:4d:79:15:6e:
         6d:45:7f:84:63:6c:96:95:37:8d:53:42:02:5e:eb:61:6d:f3:
         e3:e9:37:a6:e4:91:85:a4:69:cf:ce:6a:6b:19:95:95:5f:57:
         01:e0:90:66:99:a1:91:41:19:ce:cf:bf:57:71:0e:4c:63:4d:
         d9:35:13:05:9a:51:6b:dd:79:40:9a:49:9a:9f:66:19:bc:af:
         e1:0a:e4:93:a8:13:62:4f:84:45:ec:f1:db:39:1d:df:ee:a6:
         f2:2f:1a:3d:aa:90:13:59:83:ff:6c:b9:0a:0c:5c:1b:2d:ee:
         5c:70:19:64:18:55:75:44:ea:62:2b:65:97:63:99:ae:df:30:
         b4:5f:e5:40:b5:5a:28:43:ed:9a:17:45:23:0a:94:57:05:78:
         92:7d:d4:c1:98:41:87:1a:03:87:bc:1d:48:7b:06:fe:9c:75:
         ec:8d:66:f3:d5:1e:67:c1:60:8b:0e:93:c3:eb:d7:3f:43:68:
         48:d5:4e:a2:82:da:a8:48:f6:f2:45:3b:7e:e1:c9:5d:3f:ca:
         0c:db:fd:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsYGovCfLZkghvJdcLYmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjUwOTA3MDEwMTQ1WhcNMjUwOTA4MDEwMTQ1WjAzMTEwLwYDVQQD
EygxNjhhYWQwMjE2ZDkzYzVhMTU5ZTQ2MjFkNTI2OWQzZjdiNmY1MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ef025vPkHoDNfr2oaKxN5/MXYF+
+sOEHmVcrK86Veq5xho7W29pIavWxy7AapJjvoNonhfa1QID/vqdRSrSx03rPoyv
AFLP3EtuGk/WmsB5j07Py+oskBY83IWvy5wJSF+u0kh9Q31485hfT6blayxcHvxx
oSFdg+2fJGnTRgUG5m4rNR6pFe46lGfFb7x9626TTYzBG/lBUJuxcT3JKdzat60F
4bJo6zngK52oVES1Y7O+GyqgSwChjYiv5ZzCKf3yQSnI+jInQZspj1BMAnsk+Rf2
dkVwR73rjbtFqRWt4eZUVdvbhW2E9bYldBOL5GJgAWunJOrl82CbrSi2EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaKrQIW2TxaFZ5GIdUmnT97b1FAMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQKaEjAo
vqKvGmb8vNkqcy8SNvk+2s6LA0KdjPGADpn6G6HvvVx/7C7sex82EEndTSZNeRVu
bUV/hGNslpU3jVNCAl7rYW3z4+k3puSRhaRpz85qaxmVlV9XAeCQZpmhkUEZzs+/
V3EOTGNN2TUTBZpRa915QJpJmp9mGbyv4Qrkk6gTYk+ERezx2zkd3+6m8i8aPaqQ
E1mD/2y5CgxcGy3uXHAZZBhVdUTqYitll2OZrt8wtF/lQLVaKEPtmhdFIwqUVwV4
kn3UwZhBhxoDh7wdSHsG/px17I1m89UeZ8Fgiw6Tw+vXP0NoSNVOooLaqEj28kU7
fuHJXT/KDNv9bQ==
-----END CERTIFICATE-----