Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          5IJ38aeSFufbo7TGeVmqJUdr492rsBPl3lk797G3fAk=
Subject key identifier:   92:79:89:09:7D:99:3E:1F:9C:71:D1:A5:8F:DF:9B:EA:A0:B6:88:76
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       0199FCC69F5591C1E8BE79C7DFF8C364DB8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 14:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:39 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: Usu8XMPXGOl91LYR0QFMr8KEUBRncYHAes3h+w8b3lk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:9f:55:91:c1:e8:be:79:c7:df:f8:c3:64:db:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Oct 19 14:01:39 2025 GMT
            Not After : Oct 20 14:01:39 2025 GMT
        Subject: CN=927989097d993e1f9c71d1a58fdf9beaa0b68876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ba:a8:d7:51:6c:a0:bc:13:e4:15:6a:ce:73:
                    81:fb:2a:dd:63:e5:d3:cc:03:8e:cf:74:28:94:d5:
                    56:1f:a1:f0:59:a5:0f:d4:65:2e:41:5c:8e:5e:4c:
                    c1:9a:6f:58:06:95:a7:2e:ed:0f:b3:46:ff:e8:32:
                    bb:8c:64:0a:ea:55:92:a1:f1:89:37:f7:9a:4c:75:
                    10:9f:b6:ea:ad:51:dc:34:c8:e7:92:3a:04:e5:99:
                    2a:f9:7c:ca:26:85:a4:8d:39:f1:fd:4c:3b:0c:84:
                    d5:b5:5f:71:50:70:2f:27:c7:fe:ff:c6:9d:41:9d:
                    63:0c:6d:1f:d4:7c:1b:84:78:57:3c:3f:63:3c:94:
                    50:e6:36:79:4c:66:0f:5d:79:da:7c:ae:a2:7e:e2:
                    2f:bb:4e:3e:b1:ae:18:27:ff:7f:ab:c4:96:f4:bf:
                    41:5a:b8:e1:81:b5:df:d4:a0:9f:38:39:36:c1:0b:
                    8a:d3:c8:8f:65:5b:29:1e:b3:96:2b:13:a2:fc:66:
                    b6:e0:a9:95:39:93:c9:e4:82:e6:50:dc:f1:1e:d2:
                    26:57:08:ae:c8:41:cd:02:23:6e:95:b3:7f:4f:bf:
                    6b:54:e5:9c:91:44:72:8c:fe:64:72:4d:e9:59:7e:
                    73:ad:4e:62:39:1a:af:37:ea:f4:3f:29:c7:38:2c:
                    fa:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:79:89:09:7D:99:3E:1F:9C:71:D1:A5:8F:DF:9B:EA:A0:B6:88:76
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:f5:42:4a:da:b1:b9:93:c8:67:c5:65:4d:b3:0e:f8:eb:23:
         45:3b:22:8a:d9:79:5f:71:38:8f:e2:e6:54:19:82:75:d2:77:
         c2:a8:f2:c4:09:0b:61:b8:39:46:d8:b7:d5:e0:b9:e8:b5:b6:
         9c:17:f1:5e:17:ad:56:9c:74:2e:70:15:7b:00:4b:c0:66:b0:
         f8:29:9b:be:24:73:28:e7:94:c8:4b:3a:2c:d8:77:4a:d3:bb:
         f1:3e:8d:f8:b3:06:4d:68:2c:9d:fc:57:f8:a0:7a:fa:b1:19:
         d4:99:b9:1e:ac:be:65:f2:25:7d:ba:ae:a2:98:94:b2:5e:b6:
         ce:61:99:d7:bd:84:26:76:42:cb:65:ac:51:13:6c:90:62:f6:
         13:3c:ca:b7:60:06:1c:af:58:5a:fb:22:2d:ff:f2:e0:59:d7:
         c2:6c:de:7a:00:d2:48:85:ba:ee:25:5e:b8:1e:45:75:4d:1c:
         d9:81:3d:b8:01:fe:e8:25:8b:c2:85:b4:e3:3e:45:9e:66:2e:
         15:2e:10:d5:2f:14:aa:2c:f6:4e:d9:e5:9f:3d:bd:3f:5e:f9:
         3d:16:aa:70:95:c4:9c:f8:2a:d2:4f:e4:fe:38:b7:bb:4c:1e:
         23:7e:92:15:76:8e:37:19:04:c9:08:9f:f6:ae:6b:05:c5:28:
         4e:76:e9:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xp9VkcHovnnH3/jDZNuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUxMDE5MTQwMTM5WhcNMjUxMDIwMTQwMTM5WjAzMTEwLwYDVQQD
Eyg5Mjc5ODkwOTdkOTkzZTFmOWM3MWQxYTU4ZmRmOWJlYWEwYjY4ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rqo11FsoLwT5BVqznOB+yrdY+XT
zAOOz3QolNVWH6HwWaUP1GUuQVyOXkzBmm9YBpWnLu0Ps0b/6DK7jGQK6lWSofGJ
N/eaTHUQn7bqrVHcNMjnkjoE5Zkq+XzKJoWkjTnx/Uw7DITVtV9xUHAvJ8f+/8ad
QZ1jDG0f1HwbhHhXPD9jPJRQ5jZ5TGYPXXnafK6ifuIvu04+sa4YJ/9/q8SW9L9B
WrjhgbXf1KCfODk2wQuK08iPZVspHrOWKxOi/Ga24KmVOZPJ5ILmUNzxHtImVwiu
yEHNAiNulbN/T79rVOWckURyjP5kck3pWX5zrU5iORqvN+r0PynHOCz6IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJ5iQl9mT4fnHHRpY/fm+qgtoh2MB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfVCStqx
uZPIZ8VlTbMO+OsjRTsiitl5X3E4j+LmVBmCddJ3wqjyxAkLYbg5Rti31eC56LW2
nBfxXhetVpx0LnAVewBLwGaw+CmbviRzKOeUyEs6LNh3StO78T6N+LMGTWgsnfxX
+KB6+rEZ1Jm5Hqy+ZfIlfbquopiUsl62zmGZ172EJnZCy2WsURNskGL2EzzKt2AG
HK9YWvsiLf/y4FnXwmzeegDSSIW67iVeuB5FdU0c2YE9uAH+6CWLwoW04z5FnmYu
FS4Q1S8Uqiz2Ttnlnz29P175PRaqcJXEnPgq0k/k/ji3u0weI36SFXaONxkEyQif
9q5rBcUoTnbpCQ==
-----END CERTIFICATE-----