Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          0w6ZpFV8rYXTek20hU9lRaWCBQrsIceG2UHQdBtFxJ8=
Subject key identifier:   AB:8B:B5:40:0D:E6:3A:99:27:17:0A:48:13:DC:58:CC:6B:FB:CA:AB
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       0198D473CDAEC8D4640F00D09929EF88DC99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0EED
Signing time:             Sat 23 Aug 2025 01:03:35 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:35 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:35 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: 8J7XGZwrhwKsqF2bYnPSzTMNQcZikjM+5lTTvytbZ54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:cd:ae:c8:d4:64:0f:00:d0:99:29:ef:88:dc:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Aug 23 01:03:35 2025 GMT
            Not After : Aug 24 01:03:35 2025 GMT
        Subject: CN=ab8bb5400de63a9927170a4813dc58cc6bfbcaab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:bc:38:f0:a3:76:73:da:ca:88:69:16:4f:3e:
                    9b:4d:0d:40:5a:f0:dd:67:f4:14:a3:3a:86:2a:0d:
                    8d:10:69:90:84:28:67:3d:25:66:19:11:23:3b:95:
                    a3:dc:22:ba:7a:dc:8c:8c:d9:91:c6:e3:ad:c7:bc:
                    d0:4f:31:a5:c7:de:c4:f1:18:21:7a:2b:8a:d4:1f:
                    97:a4:90:70:4c:0c:0b:1f:f3:f0:09:4e:57:de:9f:
                    e7:e4:d8:96:c7:88:8e:9d:b2:6a:ff:51:e1:54:23:
                    8d:96:9b:8f:32:27:f3:28:72:4d:1f:11:24:43:15:
                    7c:1f:ca:8d:a5:d0:7b:3a:25:90:66:35:e1:06:89:
                    c3:41:7d:f5:d4:7c:0e:24:b6:ba:fc:2b:5c:a4:cc:
                    31:ac:25:87:e3:42:05:f7:38:3a:bf:bb:33:f8:75:
                    e4:9a:4d:c8:f5:c1:80:18:b8:97:76:30:f7:92:19:
                    5b:15:45:97:cd:e4:b4:9e:55:8c:b5:a6:ab:df:e7:
                    1f:05:32:4d:59:99:73:7f:4a:e7:93:30:56:4f:fe:
                    e0:f5:02:14:9d:12:11:71:70:41:73:9c:6e:50:d6:
                    92:31:31:99:6c:f8:c6:45:01:76:47:df:94:0e:d4:
                    2a:32:6f:c7:0a:d0:c0:87:17:5e:2d:0f:4a:c2:f8:
                    d9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:8B:B5:40:0D:E6:3A:99:27:17:0A:48:13:DC:58:CC:6B:FB:CA:AB
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:ae:c0:ea:fd:17:de:75:d2:f6:67:c9:f6:7d:e5:de:80:33:
         0c:06:0f:d1:76:58:fa:83:b0:01:b3:10:1d:a6:22:ed:41:aa:
         95:c4:80:bf:81:a7:34:26:be:b6:19:87:27:da:06:a8:0e:c1:
         e6:df:56:7b:a4:68:0f:c8:a8:b8:98:b8:ad:53:fa:6c:cb:e2:
         09:8a:a5:c7:2a:86:70:5e:8c:2d:a1:05:40:30:86:35:33:ca:
         b5:36:5b:a5:0b:b1:42:97:6c:a0:33:b2:12:2f:a1:42:49:33:
         7f:12:b6:e1:fd:1c:82:0b:74:06:8e:07:90:f6:07:b9:4d:ea:
         f7:0f:21:c3:84:0e:de:2d:7c:67:e4:46:87:40:13:16:f7:ec:
         84:75:c4:9a:80:44:27:c2:e0:29:22:e9:3d:c5:43:1a:2d:78:
         4a:bd:39:0a:5b:25:07:f4:74:62:d5:46:ca:c1:fa:d8:fc:27:
         85:99:49:8b:e8:90:fb:5d:ba:97:71:f9:93:d9:6f:a8:1d:e7:
         e1:1e:83:0a:67:b8:e9:b8:30:8f:ed:a8:10:81:3a:d1:e0:44:
         8b:11:9f:91:09:4a:ec:64:4e:6f:bc:dd:87:06:8a:91:fb:b1:
         66:0b:b6:34:d5:9c:a8:be:cf:7c:e9:4f:a4:6c:52:d8:d5:05:
         fa:9d:3a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc82uyNRkDwDQmSnviNyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUwODIzMDEwMzM1WhcNMjUwODI0MDEwMzM1WjAzMTEwLwYDVQQD
EyhhYjhiYjU0MDBkZTYzYTk5MjcxNzBhNDgxM2RjNThjYzZiZmJjYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibw48KN2c9rKiGkWTz6bTQ1AWvDd
Z/QUozqGKg2NEGmQhChnPSVmGREjO5Wj3CK6etyMjNmRxuOtx7zQTzGlx97E8Rgh
eiuK1B+XpJBwTAwLH/PwCU5X3p/n5NiWx4iOnbJq/1HhVCONlpuPMifzKHJNHxEk
QxV8H8qNpdB7OiWQZjXhBonDQX311HwOJLa6/CtcpMwxrCWH40IF9zg6v7sz+HXk
mk3I9cGAGLiXdjD3khlbFUWXzeS0nlWMtaar3+cfBTJNWZlzf0rnkzBWT/7g9QIU
nRIRcXBBc5xuUNaSMTGZbPjGRQF2R9+UDtQqMm/HCtDAhxdeLQ9KwvjZ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuLtUAN5jqZJxcKSBPcWMxr+8qrMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATa7A6v0X
3nXS9mfJ9n3l3oAzDAYP0XZY+oOwAbMQHaYi7UGqlcSAv4GnNCa+thmHJ9oGqA7B
5t9We6RoD8iouJi4rVP6bMviCYqlxyqGcF6MLaEFQDCGNTPKtTZbpQuxQpdsoDOy
Ei+hQkkzfxK24f0cggt0Bo4HkPYHuU3q9w8hw4QO3i18Z+RGh0ATFvfshHXEmoBE
J8LgKSLpPcVDGi14Sr05ClslB/R0YtVGysH62PwnhZlJi+iQ+126l3H5k9lvqB3n
4R6DCme46bgwj+2oEIE60eBEixGfkQlK7GROb7zdhwaKkfuxZgu2NNWcqL7PfOlP
pGxS2NUF+p061g==
-----END CERTIFICATE-----