Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          exWpf1TTXvkHpnf1XaFZrsKR6nIzb2aIiLRr5Zu/t88=
Subject key identifier:   22:7C:A0:DF:43:44:6E:80:A5:32:12:FA:F4:20:20:1F:2D:ED:1F:3D
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       0199FBEBCAFA5F19095E9A22FADF0898E3F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:38 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:38 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:38 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: qghIEbGvMftH4CmmS5M/yWtmrzZHIDwUDJ8Y/fNBgwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:ca:fa:5f:19:09:5e:9a:22:fa:df:08:98:e3:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Oct 19 10:02:38 2025 GMT
            Not After : Oct 20 10:02:38 2025 GMT
        Subject: CN=227ca0df43446e80a53212faf420201f2ded1f3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:28:66:a5:83:cf:c7:fe:2e:11:64:dd:8b:8f:
                    90:fe:b3:8e:81:0d:df:3c:ca:8e:6f:be:7e:8f:9c:
                    5a:44:65:fc:39:23:cb:91:e8:a1:f5:f2:8a:f2:11:
                    c1:e3:e3:72:2e:39:70:d4:06:c2:c4:3a:ab:ed:22:
                    1e:af:43:b1:61:51:ea:17:37:23:5b:c9:bb:5d:56:
                    8c:8c:46:4d:49:80:49:f5:6f:d8:22:ab:e4:bd:60:
                    57:df:66:80:f2:6f:a6:41:af:0c:eb:66:9c:3b:2a:
                    aa:51:71:9f:4e:af:53:d5:e3:f5:ee:b2:46:5d:83:
                    cf:47:92:8e:9d:6c:74:ce:41:03:b2:57:a0:ae:36:
                    80:c3:2a:3f:a1:16:8a:42:8c:41:dc:bd:29:9e:b7:
                    ed:ac:16:d8:d9:39:4e:60:2d:8a:3f:30:dc:39:62:
                    08:aa:99:a7:67:00:c2:d5:8a:d9:5e:4a:cf:94:48:
                    98:21:1e:d6:60:b9:c4:b1:e9:51:d8:ae:cc:81:38:
                    dc:51:5c:06:49:19:4e:27:1e:0a:c7:cf:73:29:0c:
                    e3:2d:85:fe:bd:db:ed:13:6f:e2:81:63:59:21:d3:
                    f7:a4:00:32:82:87:b6:56:3b:d9:8f:f2:cd:b6:58:
                    39:87:62:af:dc:0c:35:72:94:72:8b:c7:66:65:91:
                    16:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:7C:A0:DF:43:44:6E:80:A5:32:12:FA:F4:20:20:1F:2D:ED:1F:3D
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:0b:95:23:e9:15:66:bf:40:5b:16:4c:c4:4b:25:30:fe:f5:
         92:52:a8:f6:a6:11:be:f0:4b:5a:86:f3:a1:77:d4:5d:a7:7f:
         6a:b2:57:59:c7:79:2e:ee:fb:5b:98:d8:a9:45:f7:32:b7:b9:
         a7:be:23:90:1d:c2:fc:4a:11:9f:a8:a1:0c:6b:45:f9:b0:32:
         3c:c4:eb:59:21:52:4a:b9:7a:b9:39:5c:56:13:94:26:c8:65:
         d0:d8:dc:4f:ee:45:d5:26:ff:a1:6f:18:cb:a1:90:47:87:43:
         c2:19:ee:a7:ad:5e:ea:cb:7f:ef:fc:87:6d:89:24:04:0b:1a:
         b4:12:de:dc:4d:f9:22:e7:56:0d:16:77:9d:31:50:ca:28:83:
         77:14:2d:fb:d4:45:47:44:05:8e:ca:ac:75:d6:92:c8:db:f4:
         09:1c:33:d5:e4:b8:0b:03:ea:e6:ed:8b:b1:b3:9c:d9:78:f7:
         5c:3a:ff:d1:f0:41:dd:e1:29:31:2b:f7:b0:ef:60:03:a1:dd:
         a4:4f:84:77:96:db:bf:d3:80:32:57:6b:0f:23:45:ae:0d:6c:
         05:b5:a8:2f:19:6c:fc:58:e5:6c:78:a2:f2:62:cf:84:cb:f1:
         2e:3b:13:e7:be:13:a4:b4:1d:18:27:fe:da:98:13:15:99:88:
         70:c7:48:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768r6XxkJXpoi+t8ImOP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUxMDE5MTAwMjM4WhcNMjUxMDIwMTAwMjM4WjAzMTEwLwYDVQQD
EygyMjdjYTBkZjQzNDQ2ZTgwYTUzMjEyZmFmNDIwMjAxZjJkZWQxZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoihmpYPPx/4uEWTdi4+Q/rOOgQ3f
PMqOb75+j5xaRGX8OSPLkeih9fKK8hHB4+NyLjlw1AbCxDqr7SIer0OxYVHqFzcj
W8m7XVaMjEZNSYBJ9W/YIqvkvWBX32aA8m+mQa8M62acOyqqUXGfTq9T1eP17rJG
XYPPR5KOnWx0zkEDslegrjaAwyo/oRaKQoxB3L0pnrftrBbY2TlOYC2KPzDcOWII
qpmnZwDC1YrZXkrPlEiYIR7WYLnEselR2K7MgTjcUVwGSRlOJx4Kx89zKQzjLYX+
vdvtE2/igWNZIdP3pAAygoe2VjvZj/LNtlg5h2Kv3Aw1cpRyi8dmZZEWAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJ8oN9DRG6ApTIS+vQgIB8t7R89MB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQuVI+kV
Zr9AWxZMxEslMP71klKo9qYRvvBLWobzoXfUXad/arJXWcd5Lu77W5jYqUX3Mre5
p74jkB3C/EoRn6ihDGtF+bAyPMTrWSFSSrl6uTlcVhOUJshl0NjcT+5F1Sb/oW8Y
y6GQR4dDwhnup61e6st/7/yHbYkkBAsatBLe3E35IudWDRZ3nTFQyiiDdxQt+9RF
R0QFjsqsddaSyNv0CRwz1eS4CwPq5u2LsbOc2Xj3XDr/0fBB3eEpMSv3sO9gA6Hd
pE+Ed5bbv9OAMldrDyNFrg1sBbWoLxls/FjlbHii8mLPhMvxLjsT574TpLQdGCf+
2pgTFZmIcMdIPg==
-----END CERTIFICATE-----