Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          OeJwq8PyBUiboobu48vroZfB1nqJRRKpSHkf54wWuYQ=
Subject key identifier:   1F:AC:51:EE:18:C7:A5:BE:67:D0:89:AD:6F:16:A6:82:6F:68:56:64
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       0198D54EA56981EDF782B346E85FC465B700
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 05:02:37 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:37 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:37 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: qQZMQpGPHzpy8YccSBHPcfRGluFN6q/f0grBPvRN6kk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:a5:69:81:ed:f7:82:b3:46:e8:5f:c4:65:b7:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Aug 23 05:02:37 2025 GMT
            Not After : Aug 24 05:02:37 2025 GMT
        Subject: CN=1fac51ee18c7a5be67d089ad6f16a6826f685664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7d:28:ec:e2:3f:86:e4:36:91:e0:e5:cd:27:
                    25:aa:5a:b0:c3:d5:1f:46:6f:c5:81:c5:12:6f:66:
                    32:c5:04:89:67:75:b0:e0:09:04:d7:7c:00:33:fb:
                    a9:17:06:1a:4a:b5:50:d4:90:6c:5d:65:37:46:2d:
                    39:d3:76:1f:59:6f:b5:55:a6:af:24:ef:a0:ed:7c:
                    f6:13:24:a9:2c:4f:0b:b6:38:05:f1:d0:e4:cb:e0:
                    3d:66:b8:01:50:d9:23:19:6c:72:eb:15:37:fe:e6:
                    83:4d:d2:71:bb:fa:2c:4f:3d:53:db:cc:ea:6f:ae:
                    3e:aa:65:db:0f:db:e7:dc:d5:00:69:cf:57:25:d8:
                    a5:91:4b:8e:d5:99:0e:50:77:ae:04:05:b3:34:a9:
                    44:70:7e:04:16:51:ae:86:d8:59:5c:75:b0:37:99:
                    2f:83:ce:1b:a2:84:5c:a0:52:7b:ae:da:65:a2:08:
                    03:d1:c8:c7:d1:ba:9a:0f:6c:ab:b0:ac:a3:17:dc:
                    7d:a8:71:d3:bd:37:63:4b:a9:2b:dd:a6:20:51:89:
                    29:1f:b2:8a:0e:88:0e:c5:ae:61:ef:a0:95:5c:f9:
                    54:54:df:dd:15:2b:59:5d:da:8d:0d:27:d3:b4:65:
                    c0:6c:47:43:3d:0e:52:d8:33:c5:8f:70:8b:6a:e1:
                    31:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:AC:51:EE:18:C7:A5:BE:67:D0:89:AD:6F:16:A6:82:6F:68:56:64
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:9f:53:b9:3d:ba:e5:0c:5b:da:09:40:ed:d6:20:80:13:11:
         f3:c0:e6:d2:27:e9:51:ae:42:09:cd:2b:38:7c:5f:f0:4c:4d:
         3d:80:5e:b6:81:14:4a:ec:86:f9:1e:68:16:31:c5:67:68:7e:
         23:55:44:19:9b:1c:03:5f:f5:15:42:8b:d0:5c:3c:44:c4:ed:
         06:bd:31:dd:8d:3e:be:27:31:ab:40:f3:8f:52:26:d1:ab:b5:
         86:1f:f9:a5:84:59:01:f0:ad:a1:41:22:9b:3d:3d:f0:f6:2c:
         07:63:36:ae:3c:fe:63:cb:a9:1b:ec:b7:16:3b:02:53:be:d6:
         0a:e9:d4:60:76:f7:e6:0e:82:c9:85:c9:2d:ba:99:94:bb:ac:
         94:7a:6a:5f:fd:6c:e8:96:7a:6b:06:88:59:e5:b9:32:a4:85:
         18:7d:a7:b5:14:bf:70:5a:13:b9:8c:b8:70:de:f9:13:6f:0e:
         50:b3:71:33:33:83:e9:6d:89:62:90:37:0b:3b:e3:e3:47:2b:
         a3:27:ac:93:ac:20:3b:29:1d:fb:65:d3:05:97:77:39:b0:af:
         15:bf:e4:02:14:d9:46:bc:b7:bb:cc:e9:9f:c9:65:2f:7a:b8:
         61:b1:e9:50:29:2d:9d:10:66:8d:73:43:b2:60:44:d4:a7:0a:
         12:ca:28:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTqVpge33grNG6F/EZbcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUwODIzMDUwMjM3WhcNMjUwODI0MDUwMjM3WjAzMTEwLwYDVQQD
EygxZmFjNTFlZTE4YzdhNWJlNjdkMDg5YWQ2ZjE2YTY4MjZmNjg1NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn30o7OI/huQ2keDlzSclqlqww9Uf
Rm/FgcUSb2YyxQSJZ3Ww4AkE13wAM/upFwYaSrVQ1JBsXWU3Ri0503YfWW+1Vaav
JO+g7Xz2EySpLE8LtjgF8dDky+A9ZrgBUNkjGWxy6xU3/uaDTdJxu/osTz1T28zq
b64+qmXbD9vn3NUAac9XJdilkUuO1ZkOUHeuBAWzNKlEcH4EFlGuhthZXHWwN5kv
g84booRcoFJ7rtploggD0cjH0bqaD2yrsKyjF9x9qHHTvTdjS6kr3aYgUYkpH7KK
DogOxa5h76CVXPlUVN/dFStZXdqNDSfTtGXAbEdDPQ5S2DPFj3CLauExyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+sUe4Yx6W+Z9CJrW8WpoJvaFZkMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIZ9TuT26
5Qxb2glA7dYggBMR88Dm0ifpUa5CCc0rOHxf8ExNPYBetoEUSuyG+R5oFjHFZ2h+
I1VEGZscA1/1FUKL0Fw8RMTtBr0x3Y0+vicxq0Dzj1Im0au1hh/5pYRZAfCtoUEi
mz098PYsB2M2rjz+Y8upG+y3FjsCU77WCunUYHb35g6CyYXJLbqZlLuslHpqX/1s
6JZ6awaIWeW5MqSFGH2ntRS/cFoTuYy4cN75E28OULNxMzOD6W2JYpA3Czvj40cr
oyesk6wgOykd+2XTBZd3ObCvFb/kAhTZRry3u8zpn8llL3q4YbHpUCktnRBmjXND
smBE1KcKEsooJQ==
-----END CERTIFICATE-----