Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          KFM07v8gwOY4qvZaNGYvbwUso2RUZMgbfEaVm5TIUmo=
Subject key identifier:   86:EC:E2:DA:75:91:97:78:6A:EC:D6:DD:6D:E6:13:26:CF:9C:AA:EF
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       0198D54E02DF888BE5C9CFD847D5A991587B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0546
Signing time:             Sat 23 Aug 2025 05:01:56 +0000
Manifest this update:     Sat 23 Aug 2025 05:01:56 +0000
Manifest next update:     Sun 24 Aug 2025 05:01:56 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: CjxkoDz7te2c2pZA2uhWj8UHHMerjp1YWitSX1PcTyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:02:df:88:8b:e5:c9:cf:d8:47:d5:a9:91:58:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Aug 23 05:01:56 2025 GMT
            Not After : Aug 24 05:01:56 2025 GMT
        Subject: CN=86ece2da759197786aecd6dd6de61326cf9caaef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:79:ca:20:70:fa:f1:72:fd:08:21:ac:2a:ac:
                    de:54:81:06:a0:72:c4:aa:2c:85:6d:73:ba:73:30:
                    31:3d:9b:e2:2d:68:59:4a:b7:67:55:07:67:02:f4:
                    42:01:a8:87:60:a5:b9:39:09:03:38:91:34:3f:2d:
                    73:29:64:e9:48:f0:11:4f:2b:04:60:aa:df:1b:e9:
                    16:2a:af:91:fb:3f:a2:70:6f:cb:00:61:99:41:91:
                    ec:ce:6e:95:c2:71:19:d9:50:b9:75:70:39:29:dc:
                    16:cc:c1:f0:05:29:64:23:15:46:f6:b7:89:2d:82:
                    7d:21:fd:5b:9b:fc:77:6b:3e:d2:0d:4a:30:6d:00:
                    0e:2f:34:05:41:66:1b:0d:49:d3:32:6a:95:73:7d:
                    a9:7b:85:a2:a3:a8:1d:70:81:2c:3f:8d:c2:e2:d8:
                    2a:23:7b:c2:cd:16:d2:47:75:56:fe:9a:f1:65:ef:
                    87:8e:a8:29:cd:b7:56:83:39:78:4e:75:a6:bb:b0:
                    03:9f:1c:83:34:b7:7e:75:5f:98:f0:b2:8f:8d:2f:
                    c5:6f:31:5e:f6:b9:25:4a:90:31:c7:4d:71:8f:23:
                    04:d3:63:cd:06:1b:36:90:d2:fb:81:89:de:0c:ca:
                    cb:11:e7:3d:c9:f3:82:9d:e1:cd:35:35:40:36:92:
                    5f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:EC:E2:DA:75:91:97:78:6A:EC:D6:DD:6D:E6:13:26:CF:9C:AA:EF
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:67:d4:ae:83:35:4a:7f:87:10:bd:5e:79:20:6b:3d:95:3a:
         21:e3:09:9e:7e:7d:0d:06:75:5b:c1:40:b8:f8:69:02:7a:bc:
         25:98:33:c0:2d:fc:4f:96:95:2d:bc:f4:74:dd:7e:44:d1:1e:
         9b:1a:e6:b7:3f:a4:56:07:29:d4:81:5d:8c:da:5f:48:ac:74:
         21:14:13:3b:45:b9:10:0b:08:62:41:1d:a3:6a:5f:80:52:56:
         71:d5:52:39:52:c6:7a:fe:51:ef:75:0e:43:67:d3:0f:21:e2:
         66:d4:92:b1:7a:9a:29:a2:2c:68:f0:0c:83:db:b8:cc:95:5c:
         cf:bd:30:62:ba:ac:e7:b4:f8:dc:62:31:88:48:82:96:74:10:
         4d:ce:f5:df:34:18:98:f9:2d:b0:e9:85:f9:d4:3f:6d:7a:39:
         3e:c0:46:e7:e4:13:3a:7a:08:7a:1f:1a:c7:29:ec:84:66:49:
         2a:d8:70:e2:4a:4a:d5:c8:a9:b5:4a:a5:16:eb:e7:ad:37:67:
         78:50:0e:1e:a9:72:c7:3d:eb:98:bf:01:b4:c0:58:09:ac:45:
         a8:60:31:27:d7:b7:26:44:82:1a:1e:fe:82:4f:7b:0f:a6:53:
         80:1c:6e:11:5b:1e:ea:6e:1c:7c:3c:ae:e0:03:20:2b:c9:50:
         4e:91:cb:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTgLfiIvlyc/YR9WpkVh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwODIzMDUwMTU2WhcNMjUwODI0MDUwMTU2WjAzMTEwLwYDVQQD
Eyg4NmVjZTJkYTc1OTE5Nzc4NmFlY2Q2ZGQ2ZGU2MTMyNmNmOWNhYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3nKIHD68XL9CCGsKqzeVIEGoHLE
qiyFbXO6czAxPZviLWhZSrdnVQdnAvRCAaiHYKW5OQkDOJE0Py1zKWTpSPARTysE
YKrfG+kWKq+R+z+icG/LAGGZQZHszm6VwnEZ2VC5dXA5KdwWzMHwBSlkIxVG9reJ
LYJ9If1bm/x3az7SDUowbQAOLzQFQWYbDUnTMmqVc32pe4Wio6gdcIEsP43C4tgq
I3vCzRbSR3VW/prxZe+HjqgpzbdWgzl4TnWmu7ADnxyDNLd+dV+Y8LKPjS/FbzFe
9rklSpAxx01xjyME02PNBhs2kNL7gYneDMrLEec9yfOCneHNNTVANpJfWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbs4tp1kZd4auzW3W3mEybPnKrvMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGfUroM1
Sn+HEL1eeSBrPZU6IeMJnn59DQZ1W8FAuPhpAnq8JZgzwC38T5aVLbz0dN1+RNEe
mxrmtz+kVgcp1IFdjNpfSKx0IRQTO0W5EAsIYkEdo2pfgFJWcdVSOVLGev5R73UO
Q2fTDyHiZtSSsXqaKaIsaPAMg9u4zJVcz70wYrqs57T43GIxiEiClnQQTc713zQY
mPktsOmF+dQ/bXo5PsBG5+QTOnoIeh8axynshGZJKthw4kpK1ciptUqlFuvnrTdn
eFAOHqlyxz3rmL8BtMBYCaxFqGAxJ9e3JkSCGh7+gk97D6ZTgBxuEVse6m4cfDyu
4AMgK8lQTpHLTA==
-----END CERTIFICATE-----