Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
File:                     OUjkpbK65iNUmZE9y-wE38pTHpA.mft (raw, json)
Hash identifier:          6LxHSkE+REseIIwFbuTuHDXLqn5ywEPiKvbLD0aYZH8=
Subject key identifier:   33:0B:CA:3F:EE:5A:52:AC:B6:2E:93:D6:52:51:F4:C7:D2:89:FB:3B
Authority key identifier: 39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90
Certificate issuer:       /CN=3948e4a5b2bae6235499913dcbec04dfca531e90
Certificate serial:       0199FAA10B57C8FB0AB449DA7130A69AF058
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
Manifest number:          15B3
Signing time:             Sun 19 Oct 2025 04:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:22 +0000
Files and hashes:         1: OUjkpbK65iNUmZE9y-wE38pTHpA.crl (hash: KkvGnUYWFgNzB0ymA7tRHu+URJ9aeQ7WHyEcuz4yr/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a1:0b:57:c8:fb:0a:b4:49:da:71:30:a6:9a:f0:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3948e4a5b2bae6235499913dcbec04dfca531e90
        Validity
            Not Before: Oct 19 04:01:22 2025 GMT
            Not After : Oct 20 04:01:22 2025 GMT
        Subject: CN=330bca3fee5a52acb62e93d65251f4c7d289fb3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e4:61:aa:aa:ef:70:de:7f:b1:12:e9:ee:12:
                    90:a9:d4:30:f7:67:ed:4c:a1:c3:66:b5:0a:19:9c:
                    1b:e6:5b:46:c6:3c:a7:d1:c1:65:aa:92:5b:c9:13:
                    49:65:16:a0:2a:a5:99:ff:57:d1:2f:12:fd:35:79:
                    eb:4a:26:95:cc:63:e0:fc:5e:72:e6:8b:d9:2b:5b:
                    0a:37:10:1d:d1:3e:fe:f2:18:b0:10:73:6a:a3:fe:
                    38:5c:33:dc:c4:f1:52:31:26:20:f7:87:d7:0e:b1:
                    e0:2f:a3:54:ec:7f:c8:0e:a9:f9:ae:37:a9:eb:17:
                    65:51:b9:be:89:20:de:58:64:54:f1:fb:90:ac:17:
                    22:90:c2:02:83:4e:7d:0b:8b:c6:ad:db:fd:0e:bb:
                    59:62:d1:5b:87:bc:7d:84:30:cf:0f:26:bb:8a:0a:
                    1d:a7:5e:35:52:f0:38:cd:c7:38:92:75:84:b6:a8:
                    e5:c9:48:f5:18:63:83:43:71:4e:7a:78:6a:37:b8:
                    bc:15:76:de:32:99:8b:5d:0e:19:21:10:9c:dd:f0:
                    32:8f:25:eb:3d:56:d4:41:70:a5:95:d9:69:df:8b:
                    91:20:80:c5:2e:31:28:0f:dd:46:3d:df:7e:df:3c:
                    33:c1:16:ce:ba:39:b9:7b:f5:f0:bb:d5:98:37:58:
                    f5:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:0B:CA:3F:EE:5A:52:AC:B6:2E:93:D6:52:51:F4:C7:D2:89:FB:3B
            X509v3 Authority Key Identifier:
                keyid:39:48:E4:A5:B2:BA:E6:23:54:99:91:3D:CB:EC:04:DF:CA:53:1E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUjkpbK65iNUmZE9y-wE38pTHpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b1c3f3-7a40-432c-b41e-f650e507a76d/1/OUjkpbK65iNUmZE9y-wE38pTHpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:de:7f:fb:66:5e:3d:db:84:11:d5:cb:9c:0d:88:4c:15:0f:
         b3:4e:fc:db:5f:4d:eb:eb:7f:37:bc:cb:94:dc:99:5c:f7:67:
         11:3b:c7:c9:fd:cb:ee:f6:e2:00:63:06:24:9e:c0:7c:5e:4b:
         bf:cd:24:2c:ac:8c:f6:d8:2b:67:1c:13:d3:25:b7:5e:a0:32:
         9c:5e:0e:86:8d:76:b4:01:72:70:db:18:92:88:d9:87:9d:1c:
         17:36:f1:a0:22:7d:e1:48:a7:d3:e1:38:b8:f2:6b:9f:7a:a9:
         b5:63:79:e7:57:51:79:82:b9:0a:fd:a0:45:3e:c2:79:dc:fa:
         4d:24:e2:a5:62:fc:8a:63:f5:54:a1:74:30:76:ff:31:a2:14:
         62:ce:e4:02:30:ba:9d:7c:27:1e:bf:85:e0:cd:bf:9a:c8:5f:
         96:2d:14:79:f2:b7:49:5f:0e:9e:4b:7a:18:39:a2:e6:81:77:
         58:22:0a:67:92:fe:b6:7b:3a:e2:6e:c0:09:fc:a2:43:e5:5e:
         60:82:b6:75:7d:02:a4:fb:4e:02:1d:f7:e1:66:ec:5b:dc:98:
         46:4c:99:99:39:42:a8:44:91:02:d7:21:af:0d:9c:96:7a:50:
         ac:89:15:03:50:2e:19:60:dc:84:df:22:0d:c4:91:e6:e3:62:
         3e:ab:9f:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oQtXyPsKtEnacTCmmvBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NDhlNGE1YjJiYWU2MjM1NDk5OTEzZGNiZWMwNGRmY2E1
MzFlOTAwHhcNMjUxMDE5MDQwMTIyWhcNMjUxMDIwMDQwMTIyWjAzMTEwLwYDVQQD
EygzMzBiY2EzZmVlNWE1MmFjYjYyZTkzZDY1MjUxZjRjN2QyODlmYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+RhqqrvcN5/sRLp7hKQqdQw92ft
TKHDZrUKGZwb5ltGxjyn0cFlqpJbyRNJZRagKqWZ/1fRLxL9NXnrSiaVzGPg/F5y
5ovZK1sKNxAd0T7+8hiwEHNqo/44XDPcxPFSMSYg94fXDrHgL6NU7H/IDqn5rjep
6xdlUbm+iSDeWGRU8fuQrBcikMICg059C4vGrdv9DrtZYtFbh7x9hDDPDya7igod
p141UvA4zcc4knWEtqjlyUj1GGODQ3FOenhqN7i8FXbeMpmLXQ4ZIRCc3fAyjyXr
PVbUQXClldlp34uRIIDFLjEoD91GPd9+3zwzwRbOujm5e/Xwu9WYN1j1mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMLyj/uWlKsti6T1lJR9MfSifs7MB8GA1UdIwQY
MBaAFDlI5KWyuuYjVJmRPcvsBN/KUx6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUt
ZjY1MGU1MDdhNzZkLzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9iMWMzZjMtN2E0MC00MzJjLWI0MWUtZjY1MGU1MDdhNzZk
LzEvT1Vqa3BiSzY1aU5VbVpFOXktd0UzOHBUSHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIt5/+2Ze
PduEEdXLnA2ITBUPs078219N6+t/N7zLlNyZXPdnETvHyf3L7vbiAGMGJJ7AfF5L
v80kLKyM9tgrZxwT0yW3XqAynF4Oho12tAFycNsYkojZh50cFzbxoCJ94Uin0+E4
uPJrn3qptWN551dReYK5Cv2gRT7Cedz6TSTipWL8imP1VKF0MHb/MaIUYs7kAjC6
nXwnHr+F4M2/mshfli0UefK3SV8Onkt6GDmi5oF3WCIKZ5L+tns64m7ACfyiQ+Ve
YIK2dX0CpPtOAh334WbsW9yYRkyZmTlCqESRAtchrw2clnpQrIkVA1AuGWDchN8i
DcSR5uNiPqufqw==
-----END CERTIFICATE-----