Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          PH7aQJAqX2vN7f40Y39zztB/2Lz7QLvzEHQeRPBMWQc=
Subject key identifier:   FF:18:04:0B:28:E2:16:36:35:CF:87:67:D4:EE:66:66:38:2F:58:C3
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       0199FAD7F44D500C620267641D2B1C79F6C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          05DE
Signing time:             Sun 19 Oct 2025 05:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:20 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: 2LkwK1fW69MeeokNCRrf4YlpMdMWi1aq746Qt4y+Q+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:f4:4d:50:0c:62:02:67:64:1d:2b:1c:79:f6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Oct 19 05:01:20 2025 GMT
            Not After : Oct 20 05:01:20 2025 GMT
        Subject: CN=ff18040b28e2163635cf8767d4ee6666382f58c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4d:14:f7:de:3b:28:34:e3:02:b2:42:96:b7:
                    14:7b:b3:a2:af:22:6b:e7:98:b5:b4:45:73:ae:94:
                    3f:3d:7d:d5:f1:7d:40:5e:6c:5f:f1:85:19:d6:06:
                    d8:11:7a:66:e7:11:be:ad:52:b5:d9:41:10:13:5e:
                    03:1f:2d:92:02:e3:c2:2a:4b:00:54:65:58:ef:97:
                    da:7a:9d:d4:15:e5:b0:5a:34:83:2b:5b:53:50:8d:
                    e2:ed:02:4e:a3:d4:ac:4f:2b:2d:d3:b2:9d:79:2f:
                    d5:f1:a7:9e:ff:1c:47:0e:90:98:7b:28:f7:a8:05:
                    12:dc:7a:d3:ee:bb:e9:87:3a:9d:48:46:22:e3:c8:
                    70:7f:72:28:e8:de:ed:5d:22:8b:73:c3:a2:2a:de:
                    8f:bc:06:d0:62:45:04:82:82:41:04:96:5c:f3:3d:
                    fd:52:de:30:9a:24:0d:31:39:94:4d:18:2d:fe:30:
                    b7:ab:42:e4:be:57:a4:00:45:a7:8f:07:1e:a9:7d:
                    0b:ea:30:49:4a:28:55:08:41:e5:32:d8:33:cb:56:
                    c1:03:8d:60:27:45:5a:54:03:70:cb:74:01:f2:1e:
                    30:d5:5e:97:c6:ff:4c:0a:81:20:b3:ef:ae:47:20:
                    26:68:4d:de:a5:15:b3:3f:8d:b9:81:ee:3d:d4:d5:
                    c2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:18:04:0B:28:E2:16:36:35:CF:87:67:D4:EE:66:66:38:2F:58:C3
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:9f:f1:21:80:82:67:24:95:f0:a2:3c:14:00:24:b5:46:d5:
         ab:8a:f5:95:6e:25:d9:9f:55:bb:95:3b:64:a8:82:74:b4:e3:
         67:85:9a:af:47:31:bd:72:32:48:62:5d:76:24:70:b0:79:62:
         47:7c:24:3a:92:29:8d:1f:1d:4b:3c:45:3d:69:6e:de:d4:23:
         70:00:f5:43:29:bd:40:2a:76:4f:28:a0:11:37:31:e0:3e:81:
         ed:2b:17:28:4f:41:4a:9c:d8:fe:1b:1e:85:35:a2:1e:28:e8:
         e3:df:86:7b:57:88:0b:e4:44:7a:90:f7:0c:be:1d:34:27:ea:
         02:e9:12:23:f1:2d:e7:6a:c1:85:78:36:60:1f:8f:0c:e6:70:
         5f:b6:8f:c9:33:43:a7:fb:78:30:fe:82:36:98:c1:bd:7a:65:
         61:a7:92:3e:f5:d7:7f:72:61:84:24:a8:18:ae:08:e8:dc:33:
         78:2f:9d:ef:8f:fd:a9:1c:db:85:90:ea:d0:32:e9:12:21:e8:
         3b:31:b4:5b:c5:68:a0:61:b6:cc:d0:63:73:c2:9c:f6:f6:6f:
         d2:4e:88:27:b7:f0:c2:db:97:61:44:b7:09:17:c3:36:78:0e:
         ef:79:67:33:9c:7e:b4:34:33:17:c1:62:96:ea:8c:f7:f9:bd:
         0f:cf:2b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61/RNUAxiAmdkHSscefbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUxMDE5MDUwMTIwWhcNMjUxMDIwMDUwMTIwWjAzMTEwLwYDVQQD
EyhmZjE4MDQwYjI4ZTIxNjM2MzVjZjg3NjdkNGVlNjY2NjM4MmY1OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE0U9947KDTjArJClrcUe7OiryJr
55i1tEVzrpQ/PX3V8X1AXmxf8YUZ1gbYEXpm5xG+rVK12UEQE14DHy2SAuPCKksA
VGVY75faep3UFeWwWjSDK1tTUI3i7QJOo9SsTyst07KdeS/V8aee/xxHDpCYeyj3
qAUS3HrT7rvphzqdSEYi48hwf3Io6N7tXSKLc8OiKt6PvAbQYkUEgoJBBJZc8z39
Ut4wmiQNMTmUTRgt/jC3q0LkvlekAEWnjwceqX0L6jBJSihVCEHlMtgzy1bBA41g
J0VaVANwy3QB8h4w1V6Xxv9MCoEgs++uRyAmaE3epRWzP425ge491NXCswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8YBAso4hY2Nc+HZ9TuZmY4L1jDMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJ/xIYCC
ZySV8KI8FAAktUbVq4r1lW4l2Z9Vu5U7ZKiCdLTjZ4War0cxvXIySGJddiRwsHli
R3wkOpIpjR8dSzxFPWlu3tQjcAD1Qym9QCp2TyigETcx4D6B7SsXKE9BSpzY/hse
hTWiHijo49+Ge1eIC+REepD3DL4dNCfqAukSI/Et52rBhXg2YB+PDOZwX7aPyTND
p/t4MP6CNpjBvXplYaeSPvXXf3JhhCSoGK4I6NwzeC+d74/9qRzbhZDq0DLpEiHo
OzG0W8VooGG2zNBjc8Kc9vZv0k6IJ7fwwtuXYUS3CRfDNngO73lnM5x+tDQzF8Fi
luqM9/m9D88rgA==
-----END CERTIFICATE-----