Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          KAPz4tF8VtmauWXOoS/Sjytdo8oU+ye2eUlHZNXJ800=
Subject key identifier:   14:8C:A9:16:ED:22:41:ED:B5:6B:C3:BF:F3:06:EA:E2:53:0E:3D:08
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       019A0035357B7B4999FD55A330299F328B8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          053A
Signing time:             Mon 20 Oct 2025 06:01:18 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:18 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:18 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: TOIk78FWf37eaFw1g/kII2TWo77dErP4/3//IP9xCy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:35:7b:7b:49:99:fd:55:a3:30:29:9f:32:8b:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Oct 20 06:01:18 2025 GMT
            Not After : Oct 21 06:01:18 2025 GMT
        Subject: CN=148ca916ed2241edb56bc3bff306eae2530e3d08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:4c:b5:f0:d7:c3:21:2a:d9:d0:58:3f:56:fc:
                    a7:61:d3:c1:60:07:a6:72:0c:81:7a:44:dc:1b:b5:
                    77:f6:ac:24:eb:8d:61:1f:13:ac:37:37:63:92:bb:
                    75:cd:2d:9d:c0:af:17:5f:d2:95:a4:09:00:16:b4:
                    6c:6a:96:2a:7f:ad:60:21:c3:f8:30:42:2b:83:45:
                    77:b4:6e:77:1d:33:69:2f:54:e8:4f:91:36:6f:ba:
                    08:d9:ab:b6:79:8f:93:da:87:e9:48:dd:f7:90:d7:
                    cf:ed:da:5a:24:1d:c0:5a:82:04:b2:90:81:d4:0d:
                    14:dc:7f:04:d7:0a:f0:9b:5d:81:be:a3:de:2c:2f:
                    67:0b:2c:45:c1:8b:cf:7e:c2:e9:86:0c:9c:85:19:
                    93:e2:b4:fe:71:0d:0b:d4:6e:99:3e:de:9b:c3:8f:
                    01:5e:2b:77:c2:11:6c:37:85:62:41:d8:61:7d:35:
                    a7:4e:8e:fe:40:df:b6:5f:9d:c8:cd:49:89:a0:40:
                    ef:f5:c5:3c:2a:74:b3:d5:cc:e0:64:f6:d2:38:c3:
                    6d:ef:e4:7d:5f:44:ba:3d:8a:65:5c:af:2a:2c:72:
                    d4:73:92:17:d3:d1:b0:21:9c:64:75:16:ea:77:9a:
                    64:e5:3e:40:ec:7f:b0:7b:a9:fa:86:8f:3c:8a:2f:
                    88:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:8C:A9:16:ED:22:41:ED:B5:6B:C3:BF:F3:06:EA:E2:53:0E:3D:08
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:81:a8:5f:60:c1:30:8f:db:2f:e3:7d:32:d0:09:27:c4:ed:
         46:c5:2b:b7:24:20:f8:04:8a:be:cd:96:3b:d3:0c:5c:18:5d:
         e6:53:ba:51:6d:8e:f1:08:83:3f:36:5f:e1:4d:28:14:63:a0:
         72:c8:1b:9b:c5:94:99:9e:fb:c7:b3:65:36:99:55:94:29:50:
         67:43:d1:a8:43:6f:25:fd:05:57:e9:dd:7b:a3:ff:44:f7:c5:
         cb:ac:93:a9:09:7b:04:0a:d8:dc:51:43:28:e7:58:10:3e:21:
         ea:42:ca:df:39:ce:7f:c2:87:93:3e:64:e8:c2:4f:04:1e:62:
         81:77:1b:de:4c:8a:3f:24:8c:1d:79:f8:eb:ef:2e:fb:2e:39:
         05:cf:1a:e7:c1:b2:81:e0:50:4a:b0:3d:6d:1c:06:5a:e7:d2:
         81:30:a4:af:c3:6f:07:a8:bb:bc:1b:e5:32:d6:76:e0:54:52:
         15:fb:d5:a0:15:38:4c:26:ed:22:47:13:67:3e:ad:c0:f2:dd:
         2e:2a:9d:22:ca:96:10:f1:88:21:59:16:46:e9:81:52:a4:80:
         e0:62:81:11:82:53:3a:20:76:67:79:ab:ce:25:46:a4:ea:f5:
         4f:25:1c:10:3c:05:93:d4:2b:ba:e9:40:5c:50:d4:f9:e5:64:
         6d:c9:5e:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANTV7e0mZ/VWjMCmfMouOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjUxMDIwMDYwMTE4WhcNMjUxMDIxMDYwMTE4WjAzMTEwLwYDVQQD
EygxNDhjYTkxNmVkMjI0MWVkYjU2YmMzYmZmMzA2ZWFlMjUzMGUzZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0y18NfDISrZ0Fg/VvynYdPBYAem
cgyBekTcG7V39qwk641hHxOsNzdjkrt1zS2dwK8XX9KVpAkAFrRsapYqf61gIcP4
MEIrg0V3tG53HTNpL1ToT5E2b7oI2au2eY+T2ofpSN33kNfP7dpaJB3AWoIEspCB
1A0U3H8E1wrwm12BvqPeLC9nCyxFwYvPfsLphgychRmT4rT+cQ0L1G6ZPt6bw48B
Xit3whFsN4ViQdhhfTWnTo7+QN+2X53IzUmJoEDv9cU8KnSz1czgZPbSOMNt7+R9
X0S6PYplXK8qLHLUc5IX09GwIZxkdRbqd5pk5T5A7H+we6n6ho88ii+IuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSMqRbtIkHttWvDv/MG6uJTDj0IMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYGoX2DB
MI/bL+N9MtAJJ8TtRsUrtyQg+ASKvs2WO9MMXBhd5lO6UW2O8QiDPzZf4U0oFGOg
csgbm8WUmZ77x7NlNplVlClQZ0PRqENvJf0FV+nde6P/RPfFy6yTqQl7BArY3FFD
KOdYED4h6kLK3znOf8KHkz5k6MJPBB5igXcb3kyKPySMHXn46+8u+y45Bc8a58Gy
geBQSrA9bRwGWufSgTCkr8NvB6i7vBvlMtZ24FRSFfvVoBU4TCbtIkcTZz6twPLd
LiqdIsqWEPGIIVkWRumBUqSA4GKBEYJTOiB2Z3mrziVGpOr1TyUcEDwFk9QruulA
XFDU+eVkbcleqA==
-----END CERTIFICATE-----