Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          iAxsPSTuobEzEkouvHUZyasKscjNDxVbYvTYVgIaS1o=
Subject key identifier:   47:46:E0:85:40:06:E2:A3:CF:89:B0:C0:D7:CC:1C:A8:00:C4:E5:2E
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       0198D65F69C32CBE9D66929716457A1F6E5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          161A
Signing time:             Sat 23 Aug 2025 10:00:33 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:33 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:33 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: PaOj1QblFO34lavbTIY0xGpQuGPFy376ymqy+IyhcmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:69:c3:2c:be:9d:66:92:97:16:45:7a:1f:6e:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Aug 23 10:00:33 2025 GMT
            Not After : Aug 24 10:00:33 2025 GMT
        Subject: CN=4746e0854006e2a3cf89b0c0d7cc1ca800c4e52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1e:cf:77:14:18:d6:36:6b:cf:95:d5:98:e8:
                    40:66:81:4b:49:e3:dd:6f:f1:fb:27:a1:48:e0:85:
                    e1:ce:94:a4:26:96:ff:29:3c:24:18:7d:e2:2a:f0:
                    41:2d:a9:87:7f:4a:fb:39:c1:e6:27:4c:d4:ab:81:
                    d4:7c:6f:85:c7:72:c1:0e:a6:69:ed:75:ac:66:35:
                    6d:6e:82:cb:c8:75:e3:b7:53:24:c1:75:cd:78:c2:
                    23:cc:94:d9:0e:39:4a:5b:31:4f:75:53:2e:aa:3f:
                    cc:b3:64:2b:1a:5a:35:c1:38:9d:14:0d:ca:35:0c:
                    1e:c3:bc:b2:83:a0:12:16:7b:c8:69:f3:5e:a5:e7:
                    b3:ce:23:ad:29:e3:8d:9e:fe:f1:14:16:8d:c7:f2:
                    6a:2e:d6:e7:e7:01:ba:57:b6:c9:a2:82:e3:67:70:
                    82:58:4c:96:34:2e:60:40:e5:f1:47:45:e2:28:2d:
                    ad:d8:55:c9:0a:23:24:32:42:03:18:65:da:22:54:
                    14:02:e1:26:16:29:30:9d:88:ea:3b:2e:33:72:84:
                    45:de:f4:4a:1b:a0:d0:70:46:bd:2c:70:74:fb:8b:
                    df:fb:27:77:61:a8:23:32:cb:20:bd:ed:a7:35:d4:
                    79:1b:76:c1:8c:30:f8:72:2e:ab:5b:4b:cc:50:1a:
                    82:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:46:E0:85:40:06:E2:A3:CF:89:B0:C0:D7:CC:1C:A8:00:C4:E5:2E
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:85:a3:6e:92:60:f2:8e:ee:78:f1:4f:64:60:25:af:92:17:
         ab:b2:9b:79:3f:36:45:93:ac:8d:37:b7:2b:b2:2f:bd:48:68:
         90:7e:e2:b9:fd:13:00:22:63:48:ae:3a:4d:63:64:a4:7b:9b:
         d1:4f:4f:27:5a:b4:ec:46:83:52:ce:7a:fc:35:9b:3d:fe:74:
         71:ae:8a:28:40:ff:9a:bd:0e:dd:7d:7e:3e:e0:dc:ec:a1:c1:
         8e:43:f7:96:87:7b:63:3d:23:11:27:89:51:34:37:9c:d3:78:
         f5:8b:8c:c9:49:62:9c:eb:02:8e:34:b7:1c:d8:59:4b:fa:a6:
         34:d9:ee:b5:cb:79:15:a3:0f:2c:85:d6:72:8b:db:74:37:1f:
         e1:2d:1c:c1:d6:e6:b3:c3:06:ad:59:a1:85:c5:f2:1b:0b:d3:
         69:f7:8c:2e:07:63:5a:c7:fc:88:0e:42:e3:d9:0e:94:7d:d1:
         23:32:84:03:51:34:b7:b9:ae:71:23:78:aa:e4:8f:ff:e3:a0:
         13:37:d3:cd:c1:c7:42:8a:7c:56:84:30:51:7c:ae:26:00:29:
         dd:6c:e8:bb:0f:3c:0e:51:ad:d4:c4:39:02:2a:2b:23:ca:20:
         39:79:f4:4f:14:b8:19:e5:ed:96:04:47:cf:e2:00:84:4d:11:
         0b:7f:a1:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX2nDLL6dZpKXFkV6H25dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwODIzMTAwMDMzWhcNMjUwODI0MTAwMDMzWjAzMTEwLwYDVQQD
Eyg0NzQ2ZTA4NTQwMDZlMmEzY2Y4OWIwYzBkN2NjMWNhODAwYzRlNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR7PdxQY1jZrz5XVmOhAZoFLSePd
b/H7J6FI4IXhzpSkJpb/KTwkGH3iKvBBLamHf0r7OcHmJ0zUq4HUfG+Fx3LBDqZp
7XWsZjVtboLLyHXjt1MkwXXNeMIjzJTZDjlKWzFPdVMuqj/Ms2QrGlo1wTidFA3K
NQwew7yyg6ASFnvIafNepeezziOtKeONnv7xFBaNx/JqLtbn5wG6V7bJooLjZ3CC
WEyWNC5gQOXxR0XiKC2t2FXJCiMkMkIDGGXaIlQUAuEmFikwnYjqOy4zcoRF3vRK
G6DQcEa9LHB0+4vf+yd3YagjMssgve2nNdR5G3bBjDD4ci6rW0vMUBqC9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdG4IVABuKjz4mwwNfMHKgAxOUuMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK4WjbpJg
8o7uePFPZGAlr5IXq7KbeT82RZOsjTe3K7IvvUhokH7iuf0TACJjSK46TWNkpHub
0U9PJ1q07EaDUs56/DWbPf50ca6KKED/mr0O3X1+PuDc7KHBjkP3lod7Yz0jESeJ
UTQ3nNN49YuMyUlinOsCjjS3HNhZS/qmNNnutct5FaMPLIXWcovbdDcf4S0cwdbm
s8MGrVmhhcXyGwvTafeMLgdjWsf8iA5C49kOlH3RIzKEA1E0t7mucSN4quSP/+Og
EzfTzcHHQop8VoQwUXyuJgAp3Wzouw88DlGt1MQ5AiorI8ogOXn0TxS4GeXtlgRH
z+IAhE0RC3+huA==
-----END CERTIFICATE-----