Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          cUht2Ay/SVDpHQ5mrc+ft4KiRqnuih736gN1jty/jLE=
Subject key identifier:   2E:CA:9F:EA:B7:A8:F0:D1:3F:73:44:A4:B5:7A:6B:A1:F9:6B:0E:63
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       0199FE471B75D5F4391826BB4ED81DDF1361
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          08F8
Signing time:             Sun 19 Oct 2025 21:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:36 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: y/zKoRVxMihpxipgk7l1RWw5zJRi6gyHj0WcdkhpQcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:1b:75:d5:f4:39:18:26:bb:4e:d8:1d:df:13:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Oct 19 21:01:36 2025 GMT
            Not After : Oct 20 21:01:36 2025 GMT
        Subject: CN=2eca9feab7a8f0d13f7344a4b57a6ba1f96b0e63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c8:67:2e:bc:9a:f1:90:fd:f5:45:5b:0c:44:
                    e0:ce:f2:4c:05:d7:fb:79:13:c1:f2:85:1f:14:1b:
                    5b:a2:3d:c0:f8:8d:33:40:a5:5e:d0:45:71:ff:85:
                    d0:1f:6d:ab:ce:0a:eb:ad:6d:eb:bc:8e:b5:97:3d:
                    5b:17:aa:1a:02:c9:1a:08:7d:81:bd:0c:1b:5f:5f:
                    ac:fc:82:07:bd:d6:98:72:5a:54:11:28:94:77:e1:
                    a2:76:1b:c5:0e:e5:1b:18:48:8c:26:5c:93:f9:3f:
                    ca:12:e1:5b:1d:a0:19:35:18:ba:2d:d1:b0:b8:c9:
                    fe:be:f2:68:ff:83:a3:b3:5c:a1:9a:da:0b:3e:02:
                    93:7e:68:d9:e0:44:2a:e2:9d:75:e7:68:49:d5:73:
                    8e:59:1a:7c:5f:2a:1d:a0:31:05:12:fa:09:15:f0:
                    de:57:8a:93:85:e3:2d:89:04:3a:d1:8a:cb:01:0a:
                    29:df:f3:28:12:16:a2:1b:5e:b9:db:15:34:de:92:
                    17:0c:11:c1:41:49:74:83:1d:ae:c3:fe:0f:4b:f9:
                    bc:2b:2a:9a:dc:2e:46:86:b3:9f:29:c0:4b:37:89:
                    cf:4a:a3:9b:d6:95:41:ab:f1:ab:b7:ea:0c:70:8b:
                    fb:7c:04:e1:34:1e:94:2e:78:5d:3f:5d:05:b2:3d:
                    cf:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CA:9F:EA:B7:A8:F0:D1:3F:73:44:A4:B5:7A:6B:A1:F9:6B:0E:63
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:01:d5:ed:32:92:d7:ac:46:07:4b:31:bb:15:b9:9f:71:35:
         c3:3b:25:e5:87:f5:aa:75:9b:6f:1a:9b:c9:60:95:8a:29:66:
         c6:e8:76:fc:36:f6:83:31:38:f7:f6:db:fc:e6:c1:56:32:24:
         6c:e8:29:ff:27:9e:18:52:c6:81:99:2a:9c:b3:20:9e:42:a8:
         5c:f2:20:70:8e:df:59:f4:64:3c:c0:22:0e:71:a8:ce:82:8c:
         6f:45:0b:78:3c:7f:a4:79:fb:a2:6f:23:10:b1:b9:71:78:fa:
         71:d0:ef:1a:6a:43:7d:34:de:ef:4b:0e:1c:dd:a4:8b:b3:14:
         d0:fd:ef:4f:2a:82:b0:25:0d:81:07:0a:8e:da:22:90:d3:9e:
         3b:5c:f9:bb:c0:d0:75:5e:a3:55:bf:c2:d5:e9:ef:31:43:69:
         92:16:6f:71:16:b4:5a:5e:90:83:3b:4b:7d:3c:c1:40:62:ae:
         d2:bd:62:14:22:b6:fb:d9:02:de:65:bb:39:8f:83:7e:70:eb:
         8b:f3:43:b7:45:a7:d4:fc:74:df:08:c5:e7:bd:a1:9a:c9:ec:
         73:90:38:89:81:0a:83:71:0b:c5:83:2f:0c:86:9f:13:25:80:
         f1:c5:28:0e:53:bf:50:59:83:f3:71:ac:51:aa:b4:7f:5a:e6:
         77:19:43:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+Rxt11fQ5GCa7Ttgd3xNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUxMDE5MjEwMTM2WhcNMjUxMDIwMjEwMTM2WjAzMTEwLwYDVQQD
EygyZWNhOWZlYWI3YThmMGQxM2Y3MzQ0YTRiNTdhNmJhMWY5NmIwZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5chnLrya8ZD99UVbDETgzvJMBdf7
eRPB8oUfFBtboj3A+I0zQKVe0EVx/4XQH22rzgrrrW3rvI61lz1bF6oaAskaCH2B
vQwbX1+s/IIHvdaYclpUESiUd+GidhvFDuUbGEiMJlyT+T/KEuFbHaAZNRi6LdGw
uMn+vvJo/4Ojs1yhmtoLPgKTfmjZ4EQq4p1152hJ1XOOWRp8XyodoDEFEvoJFfDe
V4qTheMtiQQ60YrLAQop3/MoEhaiG1652xU03pIXDBHBQUl0gx2uw/4PS/m8Kyqa
3C5GhrOfKcBLN4nPSqOb1pVBq/Grt+oMcIv7fAThNB6ULnhdP10Fsj3PgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7Kn+q3qPDRP3NEpLV6a6H5aw5jMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQHV7TKS
16xGB0sxuxW5n3E1wzsl5Yf1qnWbbxqbyWCViilmxuh2/Db2gzE49/bb/ObBVjIk
bOgp/yeeGFLGgZkqnLMgnkKoXPIgcI7fWfRkPMAiDnGozoKMb0ULeDx/pHn7om8j
ELG5cXj6cdDvGmpDfTTe70sOHN2ki7MU0P3vTyqCsCUNgQcKjtoikNOeO1z5u8DQ
dV6jVb/C1envMUNpkhZvcRa0Wl6QgztLfTzBQGKu0r1iFCK2+9kC3mW7OY+DfnDr
i/NDt0Wn1Px03wjF572hmsnsc5A4iYEKg3ELxYMvDIafEyWA8cUoDlO/UFmD83Gs
Uaq0f1rmdxlDQg==
-----END CERTIFICATE-----