Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          rtCsYT8Szxfu0xCVRxyQwmRgRKpYg3zE3tDUdzDDOiM=
Subject key identifier:   8E:A4:D4:1F:6D:5C:43:C8:86:B5:B3:CA:BC:08:31:6A:C9:7F:83:08
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       0197B7EA47C7D673CAED262EFF24F773BAA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          09C6
Signing time:             Sat 28 Jun 2025 19:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:13 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: tdSGRkLCCMFPTlx4BAnYXoPgy/5h0d39Q6DvcVzHKZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:47:c7:d6:73:ca:ed:26:2e:ff:24:f7:73:ba:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Jun 28 19:01:13 2025 GMT
            Not After : Jun 29 19:01:13 2025 GMT
        Subject: CN=8ea4d41f6d5c43c886b5b3cabc08316ac97f8308
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:82:aa:27:67:e7:f8:9d:50:ea:74:70:f0:d4:
                    78:04:47:56:18:c7:51:f1:10:e4:0a:19:69:6e:b5:
                    5d:76:3f:82:bd:dd:be:24:4a:b3:76:69:51:68:39:
                    d3:a9:f6:3d:9f:ac:65:35:ff:8e:be:f0:18:bf:6f:
                    ad:0d:4e:fb:f4:d1:fb:21:7f:2c:1f:cc:a8:9c:8f:
                    d4:c6:60:3c:02:33:02:d6:67:d3:04:0b:61:8c:5a:
                    75:8c:cc:e4:63:5b:81:f0:7f:6e:c2:17:30:35:16:
                    44:37:77:f3:2f:55:73:b0:76:0f:d3:8f:66:23:33:
                    4a:d4:28:7e:bf:36:90:94:14:b3:8c:fe:6b:dd:cd:
                    29:7e:6d:b3:35:1e:04:11:bf:3d:85:1e:e5:f4:61:
                    e2:d3:2b:db:2d:09:77:20:78:d2:12:42:51:01:e8:
                    f6:ca:3a:75:1c:21:de:90:9b:e8:60:a8:92:10:b5:
                    81:41:fb:07:81:7b:9a:52:15:35:2d:93:03:78:1f:
                    44:98:3f:9d:d0:b9:ba:b5:e3:59:1d:8d:c3:30:b7:
                    3c:ce:7f:d8:6b:ce:77:13:d7:6f:ca:f9:59:e7:28:
                    49:92:a4:a5:d5:f6:68:7e:2e:2a:45:0a:f0:0c:9d:
                    15:66:f8:fd:4e:24:28:9e:32:82:61:cd:3d:ec:bd:
                    6d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A4:D4:1F:6D:5C:43:C8:86:B5:B3:CA:BC:08:31:6A:C9:7F:83:08
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:88:88:b6:7d:07:da:02:a3:43:fa:e0:46:58:e2:98:6b:f1:
         34:f2:23:6b:86:f5:1e:7b:7b:37:c9:9b:51:cc:6f:2e:c4:33:
         21:b6:6f:76:5d:8d:f8:f6:e8:8f:e4:67:a9:10:13:4a:79:60:
         30:85:eb:80:e9:53:8b:14:d2:88:1a:d0:15:18:a4:01:57:f9:
         fc:e9:f6:ba:58:f5:4f:d2:3b:ed:5a:21:35:75:fc:91:2a:b3:
         bc:22:cb:df:76:0b:cc:ba:5b:87:b5:76:4c:48:23:f8:4e:f0:
         8a:94:b7:41:61:fc:6f:9d:ce:c9:c3:11:57:7b:08:d6:a3:27:
         d7:26:ce:48:65:32:a5:48:7a:b4:d5:69:00:de:ee:73:69:72:
         a0:e1:fa:ba:e5:9e:5b:1f:4e:5d:48:f1:97:cb:f1:d0:95:1c:
         c9:c9:4f:06:25:cf:54:5b:22:9d:5b:55:02:cf:da:c7:e7:04:
         5a:25:3c:36:6b:73:d3:e2:7b:e5:05:ca:2b:c3:db:fe:9a:7d:
         7c:20:8c:6b:39:72:d9:e9:84:bc:d1:32:6a:5f:83:2c:6e:0f:
         83:9e:c2:91:70:8f:78:cd:eb:04:bb:96:19:df:ee:ad:16:71:
         96:45:90:ee:5e:b2:79:c2:b7:a7:2c:37:c3:a8:48:5c:7b:61:
         b0:5e:33:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36kfH1nPK7SYu/yT3c7qhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUwNjI4MTkwMTEzWhcNMjUwNjI5MTkwMTEzWjAzMTEwLwYDVQQD
Eyg4ZWE0ZDQxZjZkNWM0M2M4ODZiNWIzY2FiYzA4MzE2YWM5N2Y4MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IKqJ2fn+J1Q6nRw8NR4BEdWGMdR
8RDkChlpbrVddj+Cvd2+JEqzdmlRaDnTqfY9n6xlNf+OvvAYv2+tDU779NH7IX8s
H8yonI/UxmA8AjMC1mfTBAthjFp1jMzkY1uB8H9uwhcwNRZEN3fzL1VzsHYP049m
IzNK1Ch+vzaQlBSzjP5r3c0pfm2zNR4EEb89hR7l9GHi0yvbLQl3IHjSEkJRAej2
yjp1HCHekJvoYKiSELWBQfsHgXuaUhU1LZMDeB9EmD+d0Lm6teNZHY3DMLc8zn/Y
a853E9dvyvlZ5yhJkqSl1fZofi4qRQrwDJ0VZvj9TiQonjKCYc097L1tbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6k1B9tXEPIhrWzyrwIMWrJf4MIMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh4iItn0H
2gKjQ/rgRljimGvxNPIja4b1Hnt7N8mbUcxvLsQzIbZvdl2N+Pboj+RnqRATSnlg
MIXrgOlTixTSiBrQFRikAVf5/On2ulj1T9I77VohNXX8kSqzvCLL33YLzLpbh7V2
TEgj+E7wipS3QWH8b53OycMRV3sI1qMn1ybOSGUypUh6tNVpAN7uc2lyoOH6uuWe
Wx9OXUjxl8vx0JUcyclPBiXPVFsinVtVAs/ax+cEWiU8Nmtz0+J75QXKK8Pb/pp9
fCCMazly2emEvNEyal+DLG4Pg57CkXCPeM3rBLuWGd/urRZxlkWQ7l6yecK3pyw3
w6hIXHthsF4zEA==
-----END CERTIFICATE-----