Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
File:                     OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json)
Hash identifier:          6Bj1U5ZNwk1DhkGswP+sCy0oG6LH1ltbuaxxea19IKA=
Subject key identifier:   1E:93:45:83:37:87:51:55:BD:33:26:C4:29:DD:D1:9C:12:FE:AB:EE
Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
Certificate issuer:       /CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Certificate serial:       0198D5162BCE68F1D20E64A900D58D04B912
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
Manifest number:          151B
Signing time:             Sat 23 Aug 2025 04:00:56 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:56 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:56 +0000
Files and hashes:         1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: F0zB36O9qeUSL0+6abUrwhnoks+rXx+KUR4i7CQ8q98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:2b:ce:68:f1:d2:0e:64:a9:00:d5:8d:04:b9:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90
        Validity
            Not Before: Aug 23 04:00:56 2025 GMT
            Not After : Aug 24 04:00:56 2025 GMT
        Subject: CN=1e93458337875155bd3326c429ddd19c12feabee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:53:2a:25:f1:00:fc:b7:07:72:bc:7d:3c:a2:
                    48:d1:53:47:bf:16:cd:11:d8:a4:76:79:25:75:f4:
                    23:d1:fe:82:46:25:04:43:00:a2:2c:18:8f:28:ac:
                    2b:83:3e:94:81:32:a6:17:e7:e8:0a:f4:2c:e2:87:
                    ef:37:19:b1:e8:0b:0a:44:66:3d:7a:b7:f1:53:a1:
                    dd:a5:d5:c3:83:2a:9a:be:0c:9e:25:15:f6:0a:30:
                    07:29:f8:7f:9f:4d:90:a6:07:27:b0:f7:d0:37:fe:
                    44:7a:d5:34:6e:93:ee:72:3b:a4:5f:57:58:2d:9b:
                    bb:a5:bb:da:3b:b1:2c:1f:68:e5:75:a9:cd:37:c1:
                    dc:f7:34:b7:80:43:9b:27:e1:9e:79:d3:61:9c:e5:
                    d4:0a:1f:38:80:69:92:a8:75:90:7f:eb:90:22:6a:
                    7b:fb:58:10:0d:ae:40:35:4a:d6:f3:4a:ee:0f:b8:
                    f9:ba:ec:ae:f0:4c:a4:27:c7:dd:50:be:50:b8:ca:
                    c7:b2:a1:1a:02:c8:fb:e6:b9:5c:aa:a1:ba:12:d6:
                    be:43:69:58:bc:14:a4:f2:97:57:80:ac:93:a5:88:
                    81:33:70:31:54:87:dd:36:19:6f:fd:35:be:b9:b9:
                    9f:2d:1c:57:16:3e:cd:19:fa:f5:2d:f8:be:1d:c5:
                    db:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:93:45:83:37:87:51:55:BD:33:26:C4:29:DD:D1:9C:12:FE:AB:EE
            X509v3 Authority Key Identifier:
                keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:86:66:1c:1e:83:31:b9:4a:47:28:26:2f:a8:69:31:ab:e2:
         8e:bc:44:f4:d4:fe:b3:8c:6d:e7:1c:80:fe:f6:9e:6a:ad:1c:
         b3:36:14:b4:92:35:58:0b:8a:fb:cd:6b:11:c5:a2:b9:55:32:
         3d:a3:bf:61:45:46:0d:e1:39:db:92:38:73:b6:1e:47:f2:25:
         be:ce:50:a1:d9:6f:9a:d7:80:83:30:4a:f0:78:0c:66:02:f9:
         67:cb:c2:68:4a:a6:72:64:b6:35:f6:5a:15:e1:50:d8:32:7e:
         90:7c:c4:4b:69:1a:ed:80:60:d1:c7:81:17:d3:38:59:4e:31:
         93:b5:25:69:f8:8c:40:98:73:7f:6d:0f:18:67:82:18:c7:9b:
         08:b9:7b:9c:a8:97:f7:5a:bf:a5:88:7f:74:9a:d5:63:f7:20:
         3f:2b:df:ae:e0:d2:9a:ac:6a:9c:94:4d:e2:0d:cd:8d:7a:7e:
         01:19:dd:cb:d6:0f:2d:25:b5:28:fd:f9:63:ad:62:4e:97:c2:
         dc:d7:af:b2:de:93:4c:02:7a:fc:86:08:a9:fc:d3:94:13:10:
         d8:0a:be:f3:15:13:17:a1:ee:08:cf:eb:93:bf:d8:67:8f:de:
         df:5f:88:af:50:98:fb:09:ff:82:17:7d:f9:3c:29:28:fa:da:
         a4:c1:0c:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFivOaPHSDmSpANWNBLkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1
MzFlOTAwHhcNMjUwODIzMDQwMDU2WhcNMjUwODI0MDQwMDU2WjAzMTEwLwYDVQQD
EygxZTkzNDU4MzM3ODc1MTU1YmQzMzI2YzQyOWRkZDE5YzEyZmVhYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1MqJfEA/LcHcrx9PKJI0VNHvxbN
EdikdnkldfQj0f6CRiUEQwCiLBiPKKwrgz6UgTKmF+foCvQs4ofvNxmx6AsKRGY9
erfxU6HdpdXDgyqavgyeJRX2CjAHKfh/n02QpgcnsPfQN/5EetU0bpPucjukX1dY
LZu7pbvaO7EsH2jldanNN8Hc9zS3gEObJ+GeedNhnOXUCh84gGmSqHWQf+uQImp7
+1gQDa5ANUrW80ruD7j5uuyu8EykJ8fdUL5QuMrHsqEaAsj75rlcqqG6Eta+Q2lY
vBSk8pdXgKyTpYiBM3AxVIfdNhlv/TW+ubmfLRxXFj7NGfr1Lfi+HcXb2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6TRYM3h1FVvTMmxCnd0ZwS/qvuMB8GA1UdIwQY
MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt
ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk
LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFIZmHB6D
MblKRygmL6hpMavijrxE9NT+s4xt5xyA/vaeaq0cszYUtJI1WAuK+81rEcWiuVUy
PaO/YUVGDeE525I4c7YeR/Ilvs5QodlvmteAgzBK8HgMZgL5Z8vCaEqmcmS2NfZa
FeFQ2DJ+kHzES2ka7YBg0ceBF9M4WU4xk7UlafiMQJhzf20PGGeCGMebCLl7nKiX
91q/pYh/dJrVY/cgPyvfruDSmqxqnJRN4g3NjXp+ARndy9YPLSW1KP35Y61iTpfC
3Nevst6TTAJ6/IYIqfzTlBMQ2Aq+8xUTF6HuCM/rk7/YZ4/e31+Ir1CY+wn/ghd9
+TwpKPrapMEMpA==
-----END CERTIFICATE-----