Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          T6q/DhkrShe6+c1r0dE1zfFIfYpIoKH5MlDeNzrN1o4=
Subject key identifier:   0F:44:8F:1B:F9:F8:20:A1:4D:EC:96:55:53:A9:AE:05:E7:99:63:18
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       0199FC58FD71FCF8CC1CFAB6B5D685214A9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 12:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:54 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: 91TCgqSuBF8MZ4Z+xXPVW06pChKOYEa40lV31/amTe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:fd:71:fc:f8:cc:1c:fa:b6:b5:d6:85:21:4a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Oct 19 12:01:54 2025 GMT
            Not After : Oct 20 12:01:54 2025 GMT
        Subject: CN=0f448f1bf9f820a14dec965553a9ae05e7996318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6e:4a:0e:aa:07:d1:ca:ee:2b:e9:f6:92:57:
                    71:77:25:82:65:a1:b3:79:79:f7:99:24:5f:2b:f6:
                    7b:3c:58:be:b6:6d:1c:1e:b4:3b:5a:2e:c6:89:14:
                    21:12:33:92:ba:0d:16:52:ca:d3:ac:fc:09:b5:33:
                    33:62:c5:1a:d1:ad:68:6e:7a:7f:df:a9:5e:94:34:
                    f8:c6:91:a8:1b:d6:57:b6:f6:ae:21:32:23:fe:9c:
                    32:a7:f4:2d:0e:ef:47:16:7d:ea:d6:25:21:05:94:
                    fe:08:7d:43:41:22:35:f8:58:13:67:3e:9c:5b:28:
                    db:67:27:47:0f:fe:a5:ca:19:ef:84:6d:ba:c4:0c:
                    6f:0e:a9:ec:e5:5f:26:8d:c0:81:14:e2:91:f7:2f:
                    3d:16:59:0c:2d:35:c8:60:92:d0:ad:ac:29:d1:40:
                    fa:4f:14:96:f8:8d:24:ad:46:30:e0:89:ea:b1:e1:
                    c7:50:68:1d:3f:d7:23:97:36:78:10:ba:26:63:d7:
                    0f:6d:e6:87:43:0c:06:21:07:9c:c8:79:39:be:fa:
                    a3:ea:e0:70:55:37:c9:d4:35:e1:59:2b:b9:83:55:
                    e9:33:fc:53:a2:2d:6e:4b:39:25:b6:b9:19:05:a4:
                    c4:2c:db:b9:fa:ab:83:ec:d3:e2:40:a9:0a:ef:0c:
                    87:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:44:8F:1B:F9:F8:20:A1:4D:EC:96:55:53:A9:AE:05:E7:99:63:18
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:c6:76:53:fe:31:f2:d5:f3:93:64:b8:21:14:2d:3a:01:23:
         27:43:3a:5a:a1:9e:43:bb:ce:75:84:18:f5:cf:60:59:42:b1:
         9b:3d:57:17:f6:7f:82:6e:d7:b5:ff:70:8f:d1:c3:3b:cb:8d:
         bf:57:b5:fc:5c:76:bb:4c:03:08:55:e5:a0:be:34:e5:be:70:
         95:0e:66:05:c6:01:eb:32:5f:4b:25:12:07:2d:61:78:66:3d:
         80:4c:c1:60:bc:70:46:d5:08:7e:b7:37:f8:45:55:18:b5:e2:
         da:4f:d6:70:77:c5:cc:6f:e6:90:c0:c8:9d:46:e3:67:60:9a:
         39:f5:c0:a1:49:6c:51:c5:95:9e:d4:4e:12:d6:c9:7c:9a:8c:
         1b:a2:77:5e:54:1b:9c:31:dc:02:43:82:4d:ce:85:af:58:4f:
         d3:58:fb:d9:ca:80:1a:3d:63:30:96:83:2e:3d:e1:a4:c8:da:
         b8:d0:10:51:15:d3:33:92:d0:a6:04:6e:57:55:32:94:58:f7:
         87:9a:c7:34:76:24:2b:c3:6d:7e:50:9b:bb:ee:37:c5:a1:60:
         4d:bf:55:57:72:6b:b4:ee:21:b2:34:37:11:53:80:33:14:dd:
         81:0a:1f:dc:a1:ca:f9:36:ed:3e:e7:f4:57:b1:af:4b:87:bf:
         48:13:ae:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WP1x/PjMHPq2tdaFIUqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUxMDE5MTIwMTU0WhcNMjUxMDIwMTIwMTU0WjAzMTEwLwYDVQQD
EygwZjQ0OGYxYmY5ZjgyMGExNGRlYzk2NTU1M2E5YWUwNWU3OTk2MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG5KDqoH0cruK+n2kldxdyWCZaGz
eXn3mSRfK/Z7PFi+tm0cHrQ7Wi7GiRQhEjOSug0WUsrTrPwJtTMzYsUa0a1obnp/
36lelDT4xpGoG9ZXtvauITIj/pwyp/QtDu9HFn3q1iUhBZT+CH1DQSI1+FgTZz6c
WyjbZydHD/6lyhnvhG26xAxvDqns5V8mjcCBFOKR9y89FlkMLTXIYJLQrawp0UD6
TxSW+I0krUYw4InqseHHUGgdP9cjlzZ4ELomY9cPbeaHQwwGIQecyHk5vvqj6uBw
VTfJ1DXhWSu5g1XpM/xToi1uSzkltrkZBaTELNu5+quD7NPiQKkK7wyHowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9Ejxv5+CChTeyWVVOprgXnmWMYMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIMZ2U/4x
8tXzk2S4IRQtOgEjJ0M6WqGeQ7vOdYQY9c9gWUKxmz1XF/Z/gm7Xtf9wj9HDO8uN
v1e1/Fx2u0wDCFXloL405b5wlQ5mBcYB6zJfSyUSBy1heGY9gEzBYLxwRtUIfrc3
+EVVGLXi2k/WcHfFzG/mkMDInUbjZ2CaOfXAoUlsUcWVntROEtbJfJqMG6J3XlQb
nDHcAkOCTc6Fr1hP01j72cqAGj1jMJaDLj3hpMjauNAQURXTM5LQpgRuV1UylFj3
h5rHNHYkK8NtflCbu+43xaFgTb9VV3JrtO4hsjQ3EVOAMxTdgQof3KHK+TbtPuf0
V7GvS4e/SBOutg==
-----END CERTIFICATE-----