Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
File:                     0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json)
Hash identifier:          R/Jz45+j9MgS+ij+7AXH/gQr3AcE04PWgEQW0gCOF74=
Subject key identifier:   3C:65:93:9E:3D:6D:87:AF:7B:EC:C1:CE:34:E7:81:AE:97:F7:42:E7
Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C
Certificate issuer:       /CN=d3051af8661e94252d175935d3797e9eca2cd80c
Certificate serial:       0198D4DFCFB5EB6E711D8A021C14C5B680E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
Manifest number:          0FB1
Signing time:             Sat 23 Aug 2025 03:01:33 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:33 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:33 +0000
Files and hashes:         1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: 6baoSzLukiPXO4wym8pu7EOQYkHReAUEoWywKXMn+Qw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:cf:b5:eb:6e:71:1d:8a:02:1c:14:c5:b6:80:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c
        Validity
            Not Before: Aug 23 03:01:33 2025 GMT
            Not After : Aug 24 03:01:33 2025 GMT
        Subject: CN=3c65939e3d6d87af7becc1ce34e781ae97f742e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f5:4f:0c:71:b7:cd:3d:cc:ef:14:3b:3a:f2:
                    d7:bd:ae:8f:3a:d7:01:6c:2e:11:1e:85:e2:5e:49:
                    40:66:80:bc:0f:ed:70:df:31:7a:c2:f6:c5:53:d3:
                    50:9e:11:74:ce:3e:d6:5b:f8:49:45:f3:84:13:de:
                    d1:61:c2:71:d3:24:4a:fe:01:0a:55:10:36:1c:6d:
                    34:1b:69:12:1c:68:51:f8:87:30:cc:67:f8:97:d1:
                    cf:31:6a:89:2a:25:ad:bd:30:51:61:2f:fb:73:71:
                    15:35:c0:51:fb:98:46:76:d0:e4:de:ff:b2:17:85:
                    18:aa:84:4d:09:a4:d6:a7:69:7c:69:60:08:df:81:
                    ea:45:98:60:2d:ef:75:b8:bc:51:b2:e7:a7:49:9e:
                    6d:bd:e3:e2:3d:44:37:d1:2a:86:ad:66:25:a9:94:
                    88:f9:ad:0d:5e:9d:66:d0:cb:b1:fd:54:b6:21:b2:
                    6a:98:bc:24:aa:9c:b5:28:c8:37:a7:5f:62:15:6d:
                    53:ac:e5:a2:a8:ce:ec:12:5f:da:22:71:a1:4b:a8:
                    f2:15:fc:4f:2e:ac:a2:05:db:09:63:87:f5:18:d1:
                    18:ce:35:bd:88:7d:f6:c2:a3:b6:71:3a:f3:f1:f8:
                    b8:7a:5f:aa:82:0c:d4:83:2c:8e:50:9e:00:43:c9:
                    cf:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:65:93:9E:3D:6D:87:AF:7B:EC:C1:CE:34:E7:81:AE:97:F7:42:E7
            X509v3 Authority Key Identifier:
                keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:ce:c1:f7:3f:9b:f8:85:02:31:bd:e9:83:e9:11:73:7c:df:
         f2:df:40:3a:df:46:9b:69:a7:85:2b:66:f8:a3:0a:77:7a:2f:
         4e:a1:4e:48:bd:af:64:02:2d:cd:fc:ff:f8:3b:1b:59:65:f5:
         38:8a:b9:5e:5c:82:f1:8d:28:a1:c7:c6:cc:76:7e:41:ec:1f:
         cb:cd:8b:15:c8:f2:6a:7a:53:1b:68:9e:9d:35:9b:58:57:37:
         c5:67:08:97:d6:ab:4b:c0:b9:ec:ec:08:45:89:d7:d3:dc:af:
         6d:76:9b:7c:30:2f:36:68:c1:48:b3:ff:03:53:fb:c8:8d:6b:
         2b:01:c9:96:ca:9e:3b:af:37:68:5d:93:d6:81:46:a3:4f:ff:
         34:44:48:ad:34:21:64:2a:21:84:1b:b5:32:6d:86:0a:42:9b:
         60:4a:4e:08:d0:84:1d:1b:1a:9b:e0:27:38:34:62:c0:d7:9a:
         ce:2d:ea:48:b0:cd:e3:86:1b:f3:f3:f4:07:9a:fe:91:fa:d3:
         99:33:0e:0d:12:7f:ca:81:eb:b4:9c:35:1a:56:f6:ad:c3:0f:
         4f:17:bb:d8:35:f9:54:b5:ca:d8:f8:bf:25:6b:e9:45:a8:f8:
         23:48:76:21:07:65:e1:99:1a:43:66:a5:1c:26:1f:04:88:17:
         b3:3d:3e:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU38+1625xHYoCHBTFtoDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey
Y2Q4MGMwHhcNMjUwODIzMDMwMTMzWhcNMjUwODI0MDMwMTMzWjAzMTEwLwYDVQQD
EygzYzY1OTM5ZTNkNmQ4N2FmN2JlY2MxY2UzNGU3ODFhZTk3Zjc0MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/VPDHG3zT3M7xQ7OvLXva6POtcB
bC4RHoXiXklAZoC8D+1w3zF6wvbFU9NQnhF0zj7WW/hJRfOEE97RYcJx0yRK/gEK
VRA2HG00G2kSHGhR+IcwzGf4l9HPMWqJKiWtvTBRYS/7c3EVNcBR+5hGdtDk3v+y
F4UYqoRNCaTWp2l8aWAI34HqRZhgLe91uLxRsuenSZ5tvePiPUQ30SqGrWYlqZSI
+a0NXp1m0Mux/VS2IbJqmLwkqpy1KMg3p19iFW1TrOWiqM7sEl/aInGhS6jyFfxP
LqyiBdsJY4f1GNEYzjW9iH32wqO2cTrz8fi4el+qggzUgyyOUJ4AQ8nP+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxlk549bYeve+zBzjTnga6X90LnMB8GA1UdIwQY
MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt
YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2
LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF87B9z+b
+IUCMb3pg+kRc3zf8t9AOt9Gm2mnhStm+KMKd3ovTqFOSL2vZAItzfz/+DsbWWX1
OIq5XlyC8Y0oocfGzHZ+Qewfy82LFcjyanpTG2ienTWbWFc3xWcIl9arS8C57OwI
RYnX09yvbXabfDAvNmjBSLP/A1P7yI1rKwHJlsqeO683aF2T1oFGo0//NERIrTQh
ZCohhBu1Mm2GCkKbYEpOCNCEHRsam+AnODRiwNeazi3qSLDN44Yb8/P0B5r+kfrT
mTMODRJ/yoHrtJw1Glb2rcMPTxe72DX5VLXK2Pi/JWvpRaj4I0h2IQdl4ZkaQ2al
HCYfBIgXsz0+Aw==
-----END CERTIFICATE-----