Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          0n+egPpZrIqiY9YS7u/Tj8lqYsjW/j6vJYG/wh6Lovo=
Subject key identifier:   10:D5:6C:A5:19:75:2B:8C:57:EE:9E:37:68:9F:1A:01:89:E7:50:E9
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       0199FDD9EBEE3052ECC60DE7D3C120A5FF21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0F87
Signing time:             Sun 19 Oct 2025 19:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:21 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: 94FfdxYrY9uDu/IE+wUdpGIBG2o9BeIILhy3wnNPewc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:eb:ee:30:52:ec:c6:0d:e7:d3:c1:20:a5:ff:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Oct 19 19:02:21 2025 GMT
            Not After : Oct 20 19:02:21 2025 GMT
        Subject: CN=10d56ca519752b8c57ee9e37689f1a0189e750e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f8:fe:69:15:5d:2a:6a:10:b3:72:10:ba:7e:
                    9c:6a:0a:2f:60:a6:b2:a8:94:2a:ae:a0:a5:8c:2e:
                    61:6b:78:2c:da:7c:3d:bf:0a:b8:50:85:7f:f4:f5:
                    14:25:f4:68:7f:14:1f:5c:c1:04:eb:42:aa:f6:ba:
                    50:c0:37:0c:63:50:10:9c:2a:b4:3e:98:a7:7a:89:
                    f3:52:21:19:1a:32:31:ef:a8:88:24:31:47:88:a7:
                    a3:0f:b6:02:35:f3:72:85:52:3b:1c:3d:b2:30:cc:
                    d2:19:24:a6:a5:05:2d:5c:06:60:e7:47:37:ea:3c:
                    cd:b2:f5:df:8b:8e:ca:09:3f:58:26:6b:a1:0d:88:
                    cd:cb:19:14:e6:31:8e:12:c2:59:58:1c:c9:13:ad:
                    42:5a:f1:32:00:c6:09:f7:72:c5:cd:90:0b:89:9f:
                    57:e8:63:5f:e9:2d:e4:de:50:07:34:c4:bf:ac:c7:
                    c4:36:cc:f1:8e:a8:d0:2c:f8:40:b3:ca:c3:22:35:
                    30:8c:e9:2c:31:ad:59:f8:66:d5:d7:dd:c3:60:b3:
                    75:a1:a9:de:4c:55:d0:e7:94:ae:d6:e3:b2:fa:ae:
                    b8:32:8d:fc:51:b5:b8:d3:27:0a:29:13:31:e0:a5:
                    8b:c0:f5:7c:64:17:66:c6:31:b8:a3:2f:0d:cb:a0:
                    68:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D5:6C:A5:19:75:2B:8C:57:EE:9E:37:68:9F:1A:01:89:E7:50:E9
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:22:47:ef:49:4c:07:61:c4:0d:8f:7b:c0:da:70:57:53:3b:
         4d:c8:3b:43:6a:59:48:b3:38:ca:b6:05:ba:44:10:f5:d3:6a:
         01:d1:b7:7a:d0:10:d6:4d:57:37:8b:0e:57:60:69:76:50:2f:
         ab:7d:fc:87:15:79:78:73:b3:55:41:90:0a:76:f0:63:ab:ae:
         6d:33:77:95:6e:b3:62:f9:4d:0a:5d:94:54:ec:37:3b:43:2a:
         47:ff:14:84:a4:4e:59:9f:54:18:3b:a4:bf:d2:41:9e:5a:99:
         ae:cc:4b:ec:2d:89:aa:e1:c5:3f:b6:af:f3:1f:99:d3:5c:88:
         df:12:67:88:8c:9b:4b:28:64:b6:cc:15:0f:c2:a7:4d:d9:35:
         8e:17:ac:01:23:da:6d:10:78:cc:16:31:07:e3:e8:7e:aa:8d:
         88:ed:8b:31:da:8c:40:81:aa:98:41:63:1d:13:1d:83:93:6c:
         d1:b3:ff:cc:23:7d:f7:7a:1e:9e:90:90:ff:a3:12:fb:ec:91:
         6b:5b:ae:ff:de:14:68:4e:59:2b:e8:17:a0:fa:1a:50:64:3a:
         81:4a:ed:59:91:3d:3c:7e:08:b0:ea:00:a9:e4:09:8f:c0:a3:
         f9:14:6a:89:b7:6c:ab:78:dc:62:a9:ad:62:b2:6f:27:cc:9a:
         b6:01:05:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92evuMFLsxg3n08Egpf8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUxMDE5MTkwMjIxWhcNMjUxMDIwMTkwMjIxWjAzMTEwLwYDVQQD
EygxMGQ1NmNhNTE5NzUyYjhjNTdlZTllMzc2ODlmMWEwMTg5ZTc1MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vj+aRVdKmoQs3IQun6cagovYKay
qJQqrqCljC5ha3gs2nw9vwq4UIV/9PUUJfRofxQfXMEE60Kq9rpQwDcMY1AQnCq0
PpineonzUiEZGjIx76iIJDFHiKejD7YCNfNyhVI7HD2yMMzSGSSmpQUtXAZg50c3
6jzNsvXfi47KCT9YJmuhDYjNyxkU5jGOEsJZWBzJE61CWvEyAMYJ93LFzZALiZ9X
6GNf6S3k3lAHNMS/rMfENszxjqjQLPhAs8rDIjUwjOksMa1Z+GbV193DYLN1oane
TFXQ55Su1uOy+q64Mo38UbW40ycKKRMx4KWLwPV8ZBdmxjG4oy8Ny6BocQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDVbKUZdSuMV+6eN2ifGgGJ51DpMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyJH70lM
B2HEDY97wNpwV1M7Tcg7Q2pZSLM4yrYFukQQ9dNqAdG3etAQ1k1XN4sOV2BpdlAv
q338hxV5eHOzVUGQCnbwY6uubTN3lW6zYvlNCl2UVOw3O0MqR/8UhKROWZ9UGDuk
v9JBnlqZrsxL7C2JquHFP7av8x+Z01yI3xJniIybSyhktswVD8KnTdk1jhesASPa
bRB4zBYxB+PofqqNiO2LMdqMQIGqmEFjHRMdg5Ns0bP/zCN993oenpCQ/6MS++yR
a1uu/94UaE5ZK+gXoPoaUGQ6gUrtWZE9PH4IsOoAqeQJj8Cj+RRqibdsq3jcYqmt
YrJvJ8yatgEFcQ==
-----END CERTIFICATE-----