Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          /5ui59JIgHR8FB/4igL/w6XCk+YF21/1iHRTBXJP/xE=
Subject key identifier:   19:90:F7:AE:19:D2:F4:10:21:DD:52:FD:24:0B:9B:48:CE:28:13:F3
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       0198D54E16E38DDBB8A0F19BBF9C7A57DCA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          02CB
Signing time:             Sat 23 Aug 2025 05:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:01 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: xSWP2FgoZ+sLxwBYfpkV+bUxkAt7ejM8a6wAZxgaXY0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:16:e3:8d:db:b8:a0:f1:9b:bf:9c:7a:57:dc:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Aug 23 05:02:01 2025 GMT
            Not After : Aug 24 05:02:01 2025 GMT
        Subject: CN=1990f7ae19d2f41021dd52fd240b9b48ce2813f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b4:57:67:71:f5:71:6e:6a:08:af:59:c0:d3:
                    d6:a4:63:01:f0:4c:20:fd:20:d2:d1:fb:a1:b5:21:
                    4d:d6:d4:25:e7:10:1f:bf:c4:d8:fb:c8:23:e9:84:
                    ef:5d:04:da:99:93:42:9d:37:95:f0:da:b0:a8:d3:
                    34:cd:32:bc:ed:8e:e0:70:20:67:35:a9:59:9a:e1:
                    a4:1b:d3:d8:28:c6:03:bb:53:01:02:54:01:64:0f:
                    3a:c9:f5:4e:44:1f:c3:91:30:a6:4f:36:a3:3a:bd:
                    84:b6:63:53:23:05:78:52:3a:7d:ca:5b:9c:fa:60:
                    94:3f:d6:b2:93:fc:c8:83:6a:c4:a2:70:b9:ea:9c:
                    75:55:81:28:ed:ef:ce:fb:59:c5:82:d6:69:8a:2c:
                    57:78:a3:55:1c:a8:ee:cb:4e:d1:3b:20:a3:aa:30:
                    cf:15:d3:cf:da:89:f0:cb:b2:7c:97:64:37:bb:31:
                    6e:89:c5:31:04:b7:c2:e6:7a:ce:fc:12:d7:61:37:
                    0a:68:e3:a1:8e:8b:bd:ca:f9:39:d7:ae:60:39:6f:
                    36:aa:da:29:b2:b6:12:76:ba:9b:51:6b:c1:29:59:
                    d2:26:4d:a4:c5:cf:d2:6d:d3:37:bc:41:38:48:20:
                    15:64:e7:fb:ec:8e:30:51:47:1f:ab:cb:eb:d4:f4:
                    07:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:90:F7:AE:19:D2:F4:10:21:DD:52:FD:24:0B:9B:48:CE:28:13:F3
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:8b:16:2f:6e:f2:e8:cc:23:39:ac:06:b1:0d:61:74:d4:4c:
         d2:f7:f9:35:d2:01:61:91:2e:d6:ff:80:f5:58:9a:ac:e3:d5:
         f3:2d:83:f7:f7:6d:09:74:c9:5a:75:06:0c:63:61:ba:46:21:
         f3:e9:bc:38:ba:be:bc:92:61:ca:d6:a5:3f:bd:a4:8f:78:1e:
         53:6c:8a:ba:38:3f:ec:27:a3:15:1d:34:2d:d8:5c:c5:f1:22:
         1e:fb:79:5d:8e:0d:02:6f:fc:1b:23:66:b7:e5:20:a5:8b:8a:
         cb:ea:7e:b8:3f:56:5e:29:7d:46:18:b0:4b:2e:eb:db:20:be:
         10:36:60:8b:5f:ec:64:df:5d:98:68:69:e6:0b:e1:15:ba:fe:
         96:3e:e0:7f:2a:59:4c:84:90:a9:86:e7:8f:1e:c8:ce:df:11:
         77:d6:e4:83:8e:1b:75:99:04:e2:ef:5f:ac:13:7a:76:c2:64:
         0b:0c:40:e8:8e:cc:8f:35:ba:1c:0d:2c:d6:9e:e1:f9:b0:93:
         82:8e:be:14:b0:47:29:7b:ce:c7:65:98:19:0c:d9:63:25:ba:
         8d:24:a1:1a:19:47:60:55:1d:59:9d:ee:73:c4:5a:7f:ac:00:
         0b:ac:ae:3d:4e:bc:19:44:7a:dd:e6:de:a5:41:bf:36:90:45:
         82:fe:8a:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVThbjjdu4oPGbv5x6V9yoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUwODIzMDUwMjAxWhcNMjUwODI0MDUwMjAxWjAzMTEwLwYDVQQD
EygxOTkwZjdhZTE5ZDJmNDEwMjFkZDUyZmQyNDBiOWI0OGNlMjgxM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbRXZ3H1cW5qCK9ZwNPWpGMB8Ewg
/SDS0fuhtSFN1tQl5xAfv8TY+8gj6YTvXQTamZNCnTeV8NqwqNM0zTK87Y7gcCBn
NalZmuGkG9PYKMYDu1MBAlQBZA86yfVORB/DkTCmTzajOr2EtmNTIwV4Ujp9yluc
+mCUP9ayk/zIg2rEonC56px1VYEo7e/O+1nFgtZpiixXeKNVHKjuy07ROyCjqjDP
FdPP2onwy7J8l2Q3uzFuicUxBLfC5nrO/BLXYTcKaOOhjou9yvk5165gOW82qtop
srYSdrqbUWvBKVnSJk2kxc/SbdM3vEE4SCAVZOf77I4wUUcfq8vr1PQHGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmQ964Z0vQQId1S/SQLm0jOKBPzMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZIsWL27y
6MwjOawGsQ1hdNRM0vf5NdIBYZEu1v+A9ViarOPV8y2D9/dtCXTJWnUGDGNhukYh
8+m8OLq+vJJhytalP72kj3geU2yKujg/7CejFR00LdhcxfEiHvt5XY4NAm/8GyNm
t+UgpYuKy+p+uD9WXil9RhiwSy7r2yC+EDZgi1/sZN9dmGhp5gvhFbr+lj7gfypZ
TISQqYbnjx7Izt8Rd9bkg44bdZkE4u9frBN6dsJkCwxA6I7MjzW6HA0s1p7h+bCT
go6+FLBHKXvOx2WYGQzZYyW6jSShGhlHYFUdWZ3uc8Raf6wAC6yuPU68GUR63ebe
pUG/NpBFgv6KBw==
-----END CERTIFICATE-----