Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          jool8u1xMyeCrnWgKdzGc2npLUiEqIM4V1KoYiSr6qQ=
Subject key identifier:   9F:CB:EE:AC:E1:95:FC:22:D1:19:62:79:8D:EA:3D:B3:3B:D4:09:4D
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       0198D47345C89009A5DF125BF0AD5BCB6632
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          059C
Signing time:             Sat 23 Aug 2025 01:03:00 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:00 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:00 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: 2kGmzDZjG0X4y7WCL1y7mzX25K7mfziSVaeza6KdW0s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:45:c8:90:09:a5:df:12:5b:f0:ad:5b:cb:66:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Aug 23 01:03:00 2025 GMT
            Not After : Aug 24 01:03:00 2025 GMT
        Subject: CN=9fcbeeace195fc22d11962798dea3db33bd4094d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:56:93:17:07:7e:82:74:5b:3f:1a:e2:12:c0:
                    6a:a9:72:70:12:d3:6f:2a:0d:74:be:cf:8a:5f:94:
                    b4:db:b5:98:05:8c:d3:cf:9c:7b:41:53:08:d4:a9:
                    50:a8:5b:93:35:81:68:9e:a7:3a:cd:d8:fc:86:09:
                    2f:9c:e4:14:20:19:34:9b:26:81:41:1b:65:d8:88:
                    95:e5:9e:3c:b2:14:74:9b:00:53:4d:cf:23:54:28:
                    2c:b4:99:b4:c5:6d:40:6e:2c:4e:80:c5:b0:00:fd:
                    32:2a:7a:f6:34:70:d9:2d:e6:45:fb:f2:56:eb:ab:
                    4c:c3:47:5d:89:77:92:ac:a8:37:2b:ae:66:9e:ca:
                    e1:36:5f:e6:7e:93:e0:cd:49:bd:ce:15:21:35:a0:
                    b2:6d:43:b2:c9:b3:1e:01:30:5e:5e:65:c4:16:7d:
                    70:e7:b0:15:fc:50:29:5a:ef:9b:8e:2f:b7:a2:58:
                    e2:71:0f:44:6c:2f:78:c4:d8:dd:d8:9d:91:80:d6:
                    97:e9:bc:5e:68:f9:8d:11:60:13:b7:98:a6:22:e1:
                    62:0d:2f:e1:bb:8d:a8:c6:e2:2d:8a:35:b5:4c:9c:
                    33:d2:68:68:b0:bf:37:3a:72:5d:f8:21:4f:2b:d6:
                    9c:39:1f:77:b1:07:67:ac:f7:9f:b8:72:a6:0d:f9:
                    54:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:CB:EE:AC:E1:95:FC:22:D1:19:62:79:8D:EA:3D:B3:3B:D4:09:4D
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:d3:03:78:cb:17:31:09:51:e4:40:07:8b:c6:24:bc:f2:3a:
         69:9f:e0:65:6b:67:1a:9d:53:7a:e9:c8:fe:06:da:d5:a4:6f:
         c9:3f:0a:89:a1:45:e3:86:a6:1b:cc:dc:8c:a3:05:06:ea:1e:
         5c:45:5b:66:23:56:20:e0:a1:5a:7d:fd:18:3f:da:9a:8b:fc:
         df:51:d5:d3:70:01:a8:4e:42:80:e5:f4:b2:c0:83:b4:74:31:
         1c:b0:d8:05:e4:f3:8d:fc:40:b0:ae:da:4e:89:49:1f:be:d6:
         98:f9:c5:0a:7b:65:8d:b5:6c:77:62:47:47:5c:28:af:45:0d:
         81:bf:f1:27:05:28:eb:7f:3c:4a:08:b2:dd:f9:fa:57:fc:81:
         73:0a:84:ca:da:32:80:30:ab:05:7c:0b:0c:0b:ed:1e:e0:ca:
         fa:c4:12:31:db:d6:f6:64:11:07:90:4f:0a:3f:20:ec:16:4f:
         86:e7:56:c1:d9:ff:be:ca:1e:b8:7b:15:4b:eb:44:d7:0c:72:
         4d:91:e5:b1:1b:5b:7d:68:37:ae:2f:c8:2f:89:c5:89:32:54:
         86:9a:01:06:88:71:1d:7d:bc:a9:38:10:56:4f:d8:54:62:2a:
         fe:60:b0:46:10:13:c4:4a:17:c7:6b:22:32:4f:70:21:e2:97:
         a1:4c:8a:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc0XIkAml3xJb8K1by2YyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwODIzMDEwMzAwWhcNMjUwODI0MDEwMzAwWjAzMTEwLwYDVQQD
Eyg5ZmNiZWVhY2UxOTVmYzIyZDExOTYyNzk4ZGVhM2RiMzNiZDQwOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFaTFwd+gnRbPxriEsBqqXJwEtNv
Kg10vs+KX5S027WYBYzTz5x7QVMI1KlQqFuTNYFonqc6zdj8hgkvnOQUIBk0myaB
QRtl2IiV5Z48shR0mwBTTc8jVCgstJm0xW1AbixOgMWwAP0yKnr2NHDZLeZF+/JW
66tMw0ddiXeSrKg3K65mnsrhNl/mfpPgzUm9zhUhNaCybUOyybMeATBeXmXEFn1w
57AV/FApWu+bji+3oljicQ9EbC94xNjd2J2RgNaX6bxeaPmNEWATt5imIuFiDS/h
u42oxuItijW1TJwz0mhosL83OnJd+CFPK9acOR93sQdnrPefuHKmDflUkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/L7qzhlfwi0RlieY3qPbM71AlNMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL9MDeMsX
MQlR5EAHi8YkvPI6aZ/gZWtnGp1TeunI/gba1aRvyT8KiaFF44amG8zcjKMFBuoe
XEVbZiNWIOChWn39GD/amov831HV03ABqE5CgOX0ssCDtHQxHLDYBeTzjfxAsK7a
TolJH77WmPnFCntljbVsd2JHR1wor0UNgb/xJwUo6388Sgiy3fn6V/yBcwqEytoy
gDCrBXwLDAvtHuDK+sQSMdvW9mQRB5BPCj8g7BZPhudWwdn/vsoeuHsVS+tE1wxy
TZHlsRtbfWg3ri/IL4nFiTJUhpoBBohxHX28qTgQVk/YVGIq/mCwRhATxEoXx2si
Mk9wIeKXoUyKMw==
-----END CERTIFICATE-----