Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          sMTceCv+DoCbYq8yvdUovjm6M8lYyuL81HH8yBayqxk=
Subject key identifier:   07:39:9B:22:19:9C:A1:07:D7:5A:C9:10:26:7E:9F:ED:8A:9F:89:AE
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       0198D6CD83DDFF44B16A9A9A032F395035F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 12:00:49 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:49 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:49 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: GCIDrTEbWIlkUz3bWxwGWkE2CfoqewuH+Z8EWwXE5xU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:83:dd:ff:44:b1:6a:9a:9a:03:2f:39:50:35:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Aug 23 12:00:49 2025 GMT
            Not After : Aug 24 12:00:49 2025 GMT
        Subject: CN=07399b22199ca107d75ac910267e9fed8a9f89ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:43:71:97:e6:4f:e3:f8:39:50:c9:7e:72:23:
                    b3:64:14:61:fd:90:9b:7c:17:60:b7:6b:b1:eb:20:
                    86:14:b3:c8:31:59:a6:79:e3:c8:24:be:ea:c5:a2:
                    5c:35:c9:50:2e:68:cb:22:8b:ac:5e:31:3a:e0:42:
                    ce:f3:99:52:e8:1e:08:e4:de:91:4f:ff:3c:36:67:
                    45:0a:58:3c:08:a1:3b:bc:4b:b5:db:2f:b6:18:e4:
                    5b:a1:88:d8:99:6e:d7:fc:97:1f:c5:1f:b5:81:8d:
                    c3:89:1c:a8:da:61:36:68:5e:75:fc:49:50:0b:45:
                    64:a8:ea:9b:9c:ee:f2:3c:d6:22:a1:fd:5b:99:2e:
                    ce:49:ff:4c:57:4e:9b:49:7d:64:94:9b:41:7f:61:
                    cd:8f:f2:7c:c9:56:45:be:77:7f:98:19:14:5d:9e:
                    26:f2:9f:49:fe:51:7b:20:1e:32:63:00:92:ab:66:
                    74:cd:44:71:34:65:4e:78:79:9f:36:ef:4d:2f:f8:
                    97:56:c9:3a:6e:76:a4:fe:a8:7b:6d:08:34:d6:a1:
                    e5:25:a3:a1:fb:0b:24:d7:b3:05:8f:f7:c3:0a:15:
                    a4:be:ef:1a:c3:1c:8f:76:55:be:ad:f9:64:2b:46:
                    d4:79:ce:d8:2f:a2:de:35:23:54:12:84:54:7c:12:
                    e2:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:39:9B:22:19:9C:A1:07:D7:5A:C9:10:26:7E:9F:ED:8A:9F:89:AE
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:57:eb:96:19:0c:e7:8c:71:34:fa:20:69:88:40:c4:8c:bc:
         c2:9b:fe:c1:45:2d:b1:3a:90:d2:28:79:36:46:85:82:2a:02:
         dd:70:39:c5:ed:f1:8e:10:07:4f:c4:a8:da:9a:2f:d4:75:d3:
         b2:a3:47:8e:de:57:03:3f:9b:79:00:39:88:e5:3c:df:bb:51:
         f3:e9:ef:b3:fe:39:14:18:6c:f1:9d:a2:7c:b0:73:0f:22:d6:
         96:ad:ec:eb:90:4c:11:eb:01:29:3f:ae:83:b9:d0:42:6f:3a:
         d2:47:cb:4a:b4:b3:6e:58:4a:ba:50:9f:c9:bf:54:cf:4b:47:
         fc:bc:aa:d0:f6:e0:64:2d:0d:a7:e9:9c:01:4e:24:84:f6:ff:
         6e:96:fb:f8:69:d2:69:ef:c5:57:a5:ff:81:ac:4f:50:5b:08:
         b0:5f:31:c1:d8:21:9b:1f:e1:8e:4c:34:e6:fa:25:af:9c:c6:
         b8:94:4f:b2:12:85:44:38:39:d0:69:c1:11:b5:5c:bd:ae:4c:
         9a:3c:49:bf:ae:14:50:30:95:16:d3:e7:7c:c6:e0:d5:5f:4b:
         72:11:fd:a9:c0:29:34:0f:f2:56:9c:a6:c4:40:c5:99:d2:38:
         e9:0c:bc:03:bb:e3:a4:ae:fe:1e:c6:7b:53:f9:13:f5:51:5b:
         d2:aa:d0:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzYPd/0SxapqaAy85UDX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwODIzMTIwMDQ5WhcNMjUwODI0MTIwMDQ5WjAzMTEwLwYDVQQD
EygwNzM5OWIyMjE5OWNhMTA3ZDc1YWM5MTAyNjdlOWZlZDhhOWY4OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kNxl+ZP4/g5UMl+ciOzZBRh/ZCb
fBdgt2ux6yCGFLPIMVmmeePIJL7qxaJcNclQLmjLIousXjE64ELO85lS6B4I5N6R
T/88NmdFClg8CKE7vEu12y+2GORboYjYmW7X/JcfxR+1gY3DiRyo2mE2aF51/ElQ
C0VkqOqbnO7yPNYiof1bmS7OSf9MV06bSX1klJtBf2HNj/J8yVZFvnd/mBkUXZ4m
8p9J/lF7IB4yYwCSq2Z0zURxNGVOeHmfNu9NL/iXVsk6bnak/qh7bQg01qHlJaOh
+wsk17MFj/fDChWkvu8awxyPdlW+rflkK0bUec7YL6LeNSNUEoRUfBLiWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAc5myIZnKEH11rJECZ+n+2Kn4muMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQVfrlhkM
54xxNPogaYhAxIy8wpv+wUUtsTqQ0ih5NkaFgioC3XA5xe3xjhAHT8So2pov1HXT
sqNHjt5XAz+beQA5iOU837tR8+nvs/45FBhs8Z2ifLBzDyLWlq3s65BMEesBKT+u
g7nQQm860kfLSrSzblhKulCfyb9Uz0tH/Lyq0PbgZC0Np+mcAU4khPb/bpb7+GnS
ae/FV6X/gaxPUFsIsF8xwdghmx/hjkw05volr5zGuJRPshKFRDg50GnBEbVcva5M
mjxJv64UUDCVFtPnfMbg1V9LchH9qcApNA/yVpymxEDFmdI46Qy8A7vjpK7+HsZ7
U/kT9VFb0qrQeQ==
-----END CERTIFICATE-----