Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          Sh3qWvIcR/+qR6e85n/CX/Dx/CzAiRVwZqNp9rT1mbw=
Subject key identifier:   C1:B4:BB:34:04:EB:71:64:AC:51:50:60:A0:D2:6A:B0:83:5E:6D:27
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       0198D5162DB7A5C84676FC560742CB816201
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 04:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:57 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: /FboT5zSkzbeMvm6gpNh/GS9fqo6Pz5pJzUyJr62eik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:2d:b7:a5:c8:46:76:fc:56:07:42:cb:81:62:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: Aug 23 04:00:57 2025 GMT
            Not After : Aug 24 04:00:57 2025 GMT
        Subject: CN=c1b4bb3404eb7164ac515060a0d26ab0835e6d27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:07:1b:bb:6f:64:c2:d6:be:f7:18:1a:ea:12:
                    cf:8c:82:d0:43:2c:2c:7f:24:bf:34:96:79:cd:b0:
                    12:00:b4:10:b1:6b:7c:2a:02:a3:9a:85:de:aa:47:
                    6e:33:50:7a:85:9b:41:73:6a:59:a3:48:94:30:8c:
                    9e:7b:c5:a7:c9:65:1a:87:48:c1:72:4e:04:86:84:
                    6e:03:78:9d:77:62:91:90:0b:f4:d4:f8:1e:65:57:
                    30:da:1b:1d:a8:f3:1a:42:3f:e2:3b:b5:42:91:2d:
                    40:4c:d4:07:b7:11:d6:bf:f5:5f:e2:5f:db:aa:17:
                    ab:cf:87:eb:d3:24:6e:30:8a:41:70:5b:1e:11:f4:
                    19:f9:e5:4e:f1:0e:40:b6:03:a2:c4:0f:d3:c1:28:
                    9b:57:4b:c0:02:72:cb:a6:e5:60:79:f5:28:01:bc:
                    f7:be:44:7d:f8:6a:32:8c:64:78:c6:7c:39:3b:c1:
                    65:2a:05:df:d5:a8:b5:d8:c5:23:b7:d2:ac:2e:09:
                    3e:c3:d1:58:fd:8b:4a:db:7b:e8:6a:f6:fb:a6:66:
                    91:2c:e8:74:6a:2a:f2:e6:54:aa:e8:2c:c9:6e:d1:
                    76:44:8f:57:4f:38:a3:ee:f1:57:24:43:dd:32:4a:
                    b6:1a:ab:82:ac:b8:61:eb:bd:94:b2:cc:e1:c4:b6:
                    ca:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:B4:BB:34:04:EB:71:64:AC:51:50:60:A0:D2:6A:B0:83:5E:6D:27
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:fb:5f:e9:7d:6e:50:9c:a9:76:56:08:f5:dd:fb:0c:d4:76:
         b0:3f:30:7a:12:5b:90:f9:4c:86:8f:a9:4b:ec:d1:72:bb:c3:
         57:f3:a5:ed:ea:94:69:87:fe:fe:1b:8b:8d:16:1e:10:e5:84:
         a5:4c:6d:d1:00:de:d1:6e:7c:1f:f9:e8:83:d7:15:f0:21:db:
         09:00:d3:64:43:55:49:ad:e3:29:9d:88:91:74:78:14:41:ad:
         2f:4c:49:b0:e1:55:bb:5a:c2:20:e1:48:08:27:ec:60:f4:68:
         e9:a2:fb:fa:59:cc:99:a3:0d:e1:a3:2a:e5:72:62:cd:eb:54:
         46:99:a2:d1:6b:8b:32:df:32:ae:a3:e8:53:89:bc:19:98:35:
         03:fe:11:b1:ec:30:2e:18:0e:ee:9c:f8:a2:f9:d6:68:3a:47:
         94:e4:6a:90:51:9c:64:83:e3:fe:08:37:ec:e8:10:2c:89:c5:
         94:42:85:7b:df:35:87:f2:5d:f9:2f:9c:56:ba:b2:03:c6:23:
         68:d7:49:cd:a6:d0:54:33:91:a3:00:29:80:6c:76:2d:4c:2b:
         c6:36:57:43:ce:1e:83:2c:17:44:2b:be:10:8c:14:ce:98:79:
         89:13:ad:50:0a:75:bd:63:f4:59:9d:a4:ed:4e:9e:fa:e1:59:
         fe:d4:98:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFi23pchGdvxWB0LLgWIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjUwODIzMDQwMDU3WhcNMjUwODI0MDQwMDU3WjAzMTEwLwYDVQQD
EyhjMWI0YmIzNDA0ZWI3MTY0YWM1MTUwNjBhMGQyNmFiMDgzNWU2ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogcbu29kwta+9xga6hLPjILQQyws
fyS/NJZ5zbASALQQsWt8KgKjmoXeqkduM1B6hZtBc2pZo0iUMIyee8WnyWUah0jB
ck4EhoRuA3idd2KRkAv01PgeZVcw2hsdqPMaQj/iO7VCkS1ATNQHtxHWv/Vf4l/b
qherz4fr0yRuMIpBcFseEfQZ+eVO8Q5AtgOixA/TwSibV0vAAnLLpuVgefUoAbz3
vkR9+GoyjGR4xnw5O8FlKgXf1ai12MUjt9KsLgk+w9FY/YtK23voavb7pmaRLOh0
airy5lSq6CzJbtF2RI9XTzij7vFXJEPdMkq2GquCrLhh672UsszhxLbKTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMG0uzQE63FkrFFQYKDSarCDXm0nMB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/tf6X1u
UJypdlYI9d37DNR2sD8wehJbkPlMho+pS+zRcrvDV/Ol7eqUaYf+/huLjRYeEOWE
pUxt0QDe0W58H/nog9cV8CHbCQDTZENVSa3jKZ2IkXR4FEGtL0xJsOFVu1rCIOFI
CCfsYPRo6aL7+lnMmaMN4aMq5XJizetURpmi0WuLMt8yrqPoU4m8GZg1A/4Rseww
LhgO7pz4ovnWaDpHlORqkFGcZIPj/gg37OgQLInFlEKFe981h/Jd+S+cVrqyA8Yj
aNdJzabQVDORowApgGx2LUwrxjZXQ84egywXRCu+EIwUzph5iROtUAp1vWP0WZ2k
7U6e+uFZ/tSYVQ==
-----END CERTIFICATE-----