Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          e236GDkR0wbcjJ+RPVA2s17gmvERPH41QHiXH37wp4Y=
Subject key identifier:   2D:F1:A9:AB:2F:60:84:9A:0F:D9:88:F1:E1:FF:B8:7D:C7:E7:B2:7A
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       0198D5BC1FA0920177784D0120F8965E7A3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0A5A
Signing time:             Sat 23 Aug 2025 07:02:12 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:12 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:12 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: A3mTbaVMqU/awwqIDe+8mhUbD2B2v+Rdhi56YlT1uJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:1f:a0:92:01:77:78:4d:01:20:f8:96:5e:7a:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Aug 23 07:02:12 2025 GMT
            Not After : Aug 24 07:02:12 2025 GMT
        Subject: CN=2df1a9ab2f60849a0fd988f1e1ffb87dc7e7b27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b6:73:f6:6e:e9:d9:4c:3c:5f:3e:39:02:7f:
                    de:5b:ff:e2:e4:fc:3e:ad:79:40:be:a0:de:54:0b:
                    98:d9:ac:e9:39:91:2b:2c:6c:b8:f8:4d:51:32:f2:
                    45:59:c1:d4:f7:8a:67:07:c1:cd:f0:5c:6e:35:ba:
                    62:be:23:eb:ac:0c:69:e8:2c:6f:f2:8e:33:84:76:
                    bc:fe:8d:10:18:8c:4f:ec:5b:10:96:00:ff:69:9d:
                    35:1a:83:36:1f:88:cf:3d:72:88:12:6e:a5:64:5e:
                    aa:d2:74:92:66:f7:5f:4a:be:37:7e:ef:c5:41:28:
                    be:81:c9:30:b2:47:9a:87:d4:e6:1b:7d:87:0e:a0:
                    f0:92:b7:c5:ed:99:da:99:a9:4e:dd:2f:d8:d6:e1:
                    c1:8c:a7:86:c3:7e:8e:22:b7:9d:d7:45:c9:b7:74:
                    78:d9:a5:6a:d8:51:1c:84:ec:59:82:e9:19:34:a1:
                    ca:65:a0:b4:44:72:a8:c9:a0:9a:7a:ee:5f:a7:5a:
                    1a:32:af:e7:15:f1:a9:e5:81:ed:6f:b8:85:3e:a1:
                    6e:b9:8b:41:56:60:1b:6d:da:06:99:8e:d9:3e:13:
                    b3:85:6f:08:a1:01:b2:3e:50:4d:f0:b2:e4:0a:8b:
                    13:59:f8:08:ff:90:fb:a4:81:42:48:ec:f2:f4:81:
                    ad:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:F1:A9:AB:2F:60:84:9A:0F:D9:88:F1:E1:FF:B8:7D:C7:E7:B2:7A
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:58:37:8d:27:60:d4:d8:25:3c:2d:8d:ac:61:28:a5:69:ab:
         e8:b0:10:69:c8:b5:43:d5:ce:af:58:b9:29:3b:93:47:61:08:
         6c:70:ab:ef:ff:4b:39:bd:0e:a4:79:f4:3d:c4:40:32:ef:c5:
         9e:eb:d3:2d:e0:d8:16:a2:dc:a1:4b:31:a2:4a:93:05:d0:a6:
         12:17:62:8c:d8:52:a6:8f:67:a1:34:76:8e:ef:ef:87:43:d4:
         2d:b8:28:ec:29:18:42:05:eb:11:34:af:3d:a8:67:12:d9:e0:
         0a:e7:cd:fb:54:72:e3:9e:a3:cd:bd:9a:e8:cc:c0:87:39:be:
         3f:e7:77:16:12:42:77:c5:b1:dd:f6:bf:74:2a:3d:49:8d:ba:
         19:cd:23:a6:28:8a:db:8a:03:da:d0:24:14:57:53:50:9c:5f:
         0b:2e:87:d0:d0:bb:af:7b:68:1b:31:9c:d4:a5:07:51:74:bd:
         6a:1a:1d:d1:43:31:dc:65:4e:33:e0:a4:93:82:2b:dd:82:dc:
         70:88:4c:ee:b9:20:83:9d:70:06:95:6b:75:e1:f8:f9:08:e7:
         d9:ab:5a:6d:91:06:66:0d:c2:4d:1f:2e:16:4d:a5:c3:9a:49:
         17:a5:7d:48:71:31:97:ba:90:68:36:d7:f0:c1:2e:3f:0f:ec:
         17:47:3c:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvB+gkgF3eE0BIPiWXno9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUwODIzMDcwMjEyWhcNMjUwODI0MDcwMjEyWjAzMTEwLwYDVQQD
EygyZGYxYTlhYjJmNjA4NDlhMGZkOTg4ZjFlMWZmYjg3ZGM3ZTdiMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrZz9m7p2Uw8Xz45An/eW//i5Pw+
rXlAvqDeVAuY2azpOZErLGy4+E1RMvJFWcHU94pnB8HN8FxuNbpiviPrrAxp6Cxv
8o4zhHa8/o0QGIxP7FsQlgD/aZ01GoM2H4jPPXKIEm6lZF6q0nSSZvdfSr43fu/F
QSi+gckwskeah9TmG32HDqDwkrfF7ZnamalO3S/Y1uHBjKeGw36OIred10XJt3R4
2aVq2FEchOxZgukZNKHKZaC0RHKoyaCaeu5fp1oaMq/nFfGp5YHtb7iFPqFuuYtB
VmAbbdoGmY7ZPhOzhW8IoQGyPlBN8LLkCosTWfgI/5D7pIFCSOzy9IGtpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3xqasvYISaD9mI8eH/uH3H57J6MB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1g3jSdg
1NglPC2NrGEopWmr6LAQaci1Q9XOr1i5KTuTR2EIbHCr7/9LOb0OpHn0PcRAMu/F
nuvTLeDYFqLcoUsxokqTBdCmEhdijNhSpo9noTR2ju/vh0PULbgo7CkYQgXrETSv
PahnEtngCufN+1Ry456jzb2a6MzAhzm+P+d3FhJCd8Wx3fa/dCo9SY26Gc0jpiiK
24oD2tAkFFdTUJxfCy6H0NC7r3toGzGc1KUHUXS9ahod0UMx3GVOM+Ckk4Ir3YLc
cIhM7rkgg51wBpVrdeH4+Qjn2atabZEGZg3CTR8uFk2lw5pJF6V9SHExl7qQaDbX
8MEuPw/sF0c8Ng==
-----END CERTIFICATE-----