Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          SBTv0NfZJrQm38VAFoed34G68K44L1rMzMtsglODJvg=
Subject key identifier:   CE:02:56:2E:17:0D:F0:97:47:F8:92:E2:A1:9D:61:F5:33:34:8E:F7
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0199FC8FBA8CD9CE066C89ADE70DBE4C3C6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 13:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:41 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: O2snOpWB0rnWmhoy7kAOW/Ttz9094l/Eu9ACMHWwZC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:ba:8c:d9:ce:06:6c:89:ad:e7:0d:be:4c:3c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Oct 19 13:01:41 2025 GMT
            Not After : Oct 20 13:01:41 2025 GMT
        Subject: CN=ce02562e170df09747f892e2a19d61f533348ef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d4:07:07:6f:9b:63:d4:55:e5:5a:10:be:57:
                    7a:ee:96:74:ab:01:c9:00:ca:19:8c:77:c6:03:b7:
                    91:d6:fa:2c:bc:c0:95:0a:4a:1f:96:2f:23:da:01:
                    f2:f9:82:13:dc:f0:42:aa:b9:3f:d7:62:60:3f:16:
                    d6:96:44:4c:48:7a:d7:6e:46:c3:66:e9:91:a4:c7:
                    20:48:09:4d:f8:3e:45:6a:19:11:b7:22:86:1b:89:
                    7e:42:15:54:ab:d8:e7:80:16:5f:bd:a6:f4:a1:38:
                    d5:1c:8d:5a:ae:ac:bd:cd:c1:0c:a9:49:f0:fd:50:
                    67:3a:68:0c:9d:a7:16:78:cd:f2:3f:95:5a:ad:78:
                    a8:d3:b4:29:66:1c:24:71:59:97:ef:66:f8:b5:e7:
                    9e:65:76:17:74:d7:46:a0:27:d1:b7:1f:0e:83:9c:
                    a9:ed:62:98:d6:fa:0b:dd:2c:08:cc:d7:a3:cd:55:
                    3d:40:f3:53:5a:00:4d:37:ec:60:af:60:23:32:da:
                    b7:05:27:5e:ce:75:e6:24:80:23:4b:d3:76:88:f5:
                    a6:e9:a6:b1:d0:38:e8:ee:ee:10:21:44:c7:b2:fd:
                    2f:06:52:56:d8:6d:84:68:0b:b6:f4:c1:46:0d:bc:
                    38:86:68:89:71:40:89:e8:b7:03:40:3b:b7:e7:d3:
                    bc:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:02:56:2E:17:0D:F0:97:47:F8:92:E2:A1:9D:61:F5:33:34:8E:F7
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ca:dc:2a:1d:22:da:a6:1b:59:e7:e5:40:b6:a9:d5:89:7b:
         7e:cc:78:e7:7b:a1:98:a1:c9:a8:38:61:5d:32:cb:a7:42:ae:
         4e:5e:65:49:9b:39:65:3c:8a:6a:5e:0f:3f:d8:e0:5b:ba:cd:
         30:c1:b5:90:b0:13:aa:8f:23:d9:1f:2a:d3:df:d7:1c:a0:0a:
         76:5e:30:bf:1c:f2:8c:a5:a7:52:1c:ff:7b:84:b7:d1:27:1a:
         a0:a9:e4:65:55:ca:41:77:78:3a:e5:ea:81:d1:62:82:d8:e6:
         cc:a2:13:e6:4b:53:23:f4:81:4b:8a:81:0c:72:03:6b:17:6c:
         d1:bc:53:6f:9a:19:b1:b7:38:52:43:4d:25:47:ca:c7:d3:92:
         57:ed:d3:7a:ea:99:5c:2b:cc:f8:e6:d3:52:35:00:9c:a4:45:
         6e:e7:8d:45:5b:15:b4:d4:a4:f6:17:db:39:9a:a7:90:35:c6:
         89:f7:e8:ce:00:19:57:2e:44:4e:6e:74:4b:4b:af:68:03:6c:
         f2:b7:09:8f:2a:56:34:6a:cf:65:cf:ce:ba:43:8a:e8:d8:23:
         e8:80:93:23:d4:d7:12:d0:60:48:82:f7:11:24:ed:47:aa:19:
         a1:a9:4d:09:3e:bb:cd:49:32:3f:7b:0e:b7:28:d8:14:16:ea:
         c7:a1:e8:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j7qM2c4GbImt5w2+TDxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUxMDE5MTMwMTQxWhcNMjUxMDIwMTMwMTQxWjAzMTEwLwYDVQQD
EyhjZTAyNTYyZTE3MGRmMDk3NDdmODkyZTJhMTlkNjFmNTMzMzQ4ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tQHB2+bY9RV5VoQvld67pZ0qwHJ
AMoZjHfGA7eR1vosvMCVCkofli8j2gHy+YIT3PBCqrk/12JgPxbWlkRMSHrXbkbD
ZumRpMcgSAlN+D5FahkRtyKGG4l+QhVUq9jngBZfvab0oTjVHI1arqy9zcEMqUnw
/VBnOmgMnacWeM3yP5VarXio07QpZhwkcVmX72b4teeeZXYXdNdGoCfRtx8Og5yp
7WKY1voL3SwIzNejzVU9QPNTWgBNN+xgr2AjMtq3BSdeznXmJIAjS9N2iPWm6aax
0Djo7u4QIUTHsv0vBlJW2G2EaAu29MFGDbw4hmiJcUCJ6LcDQDu359O85wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4CVi4XDfCXR/iS4qGdYfUzNI73MB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8rcKh0i
2qYbWeflQLap1Yl7fsx453uhmKHJqDhhXTLLp0KuTl5lSZs5ZTyKal4PP9jgW7rN
MMG1kLATqo8j2R8q09/XHKAKdl4wvxzyjKWnUhz/e4S30ScaoKnkZVXKQXd4OuXq
gdFigtjmzKIT5ktTI/SBS4qBDHIDaxds0bxTb5oZsbc4UkNNJUfKx9OSV+3TeuqZ
XCvM+ObTUjUAnKRFbueNRVsVtNSk9hfbOZqnkDXGiffozgAZVy5ETm50S0uvaANs
8rcJjypWNGrPZc/OukOK6Ngj6ICTI9TXEtBgSIL3ESTtR6oZoalNCT67zUkyP3sO
tyjYFBbqx6Ho0w==
-----END CERTIFICATE-----