Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
File:                     OXsxr3cA59mVkO39nVhKG1A46tc.mft (raw, json)
Hash identifier:          VjAWcGDewnaoeQT6+LWSH7ykRtIuR+p8eZWIYyAP7P4=
Subject key identifier:   F1:C8:7F:0C:5B:BC:66:C9:9E:67:DF:C9:70:8B:23:CE:0A:BF:17:D7
Authority key identifier: 39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7
Certificate issuer:       /CN=397b31af7700e7d99590edfd9d584a1b5038ead7
Certificate serial:       0199FCFD6749B2290B944A4CFC6AD8CBF1B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
Manifest number:          0197
Signing time:             Sun 19 Oct 2025 15:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 15:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 15:01:29 +0000
Files and hashes:         1: OXsxr3cA59mVkO39nVhKG1A46tc.crl (hash: GBQKrW+xZ9lWepZt/wFEW3EITkSjG32p715p5HJuPy8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:fd:67:49:b2:29:0b:94:4a:4c:fc:6a:d8:cb:f1:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397b31af7700e7d99590edfd9d584a1b5038ead7
        Validity
            Not Before: Oct 19 15:01:29 2025 GMT
            Not After : Oct 20 15:01:29 2025 GMT
        Subject: CN=f1c87f0c5bbc66c99e67dfc9708b23ce0abf17d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:60:90:79:7b:88:2f:f1:85:37:e9:63:d2:51:
                    61:37:54:8d:1c:83:f6:c6:81:38:c1:4a:2a:ca:89:
                    ae:63:64:57:e9:81:10:72:02:75:44:8b:94:0d:90:
                    90:80:4b:e7:ff:23:51:1b:96:a2:b9:ef:e7:12:74:
                    a4:fd:fb:93:7c:c6:63:f7:5f:38:13:19:d7:bf:44:
                    12:e4:9a:40:7a:db:a9:e2:bd:83:00:9b:88:85:e9:
                    e6:68:9e:bb:9b:db:7d:77:75:8b:67:27:67:e3:a9:
                    57:42:70:25:25:60:55:0e:51:20:2b:0e:60:d8:91:
                    5c:27:ad:cb:89:88:90:f8:5b:e1:c3:ea:8b:ad:4c:
                    0b:43:a0:cc:a9:9d:7e:8b:ec:3e:08:ab:43:c5:13:
                    db:be:8b:a6:a2:c0:1b:2a:3b:94:c4:98:5a:b8:bf:
                    26:c8:8b:96:24:3e:25:c5:c0:93:fe:ed:1f:3f:49:
                    ab:cf:21:83:50:6b:96:f0:8c:4e:0e:aa:59:59:ec:
                    8f:47:0a:c9:54:6f:c8:ac:fe:03:cd:ad:44:92:74:
                    d7:53:87:5b:43:2a:df:bb:2b:04:d4:19:21:48:fe:
                    ac:3b:6a:fc:0f:29:c9:43:d2:08:2f:a8:34:74:fe:
                    a1:ec:c9:7b:9c:42:52:2a:78:47:c3:9b:42:ed:91:
                    73:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:C8:7F:0C:5B:BC:66:C9:9E:67:DF:C9:70:8B:23:CE:0A:BF:17:D7
            X509v3 Authority Key Identifier:
                keyid:39:7B:31:AF:77:00:E7:D9:95:90:ED:FD:9D:58:4A:1B:50:38:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXsxr3cA59mVkO39nVhKG1A46tc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/0d9d3b-d790-4ae8-a23d-b202e05ac84a/1/OXsxr3cA59mVkO39nVhKG1A46tc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:2b:3b:2d:3f:8b:c4:51:1b:c8:91:c8:b2:d4:b7:38:cb:ce:
         a4:19:a0:8d:b6:e1:29:61:83:ec:a4:7a:7c:31:92:12:e8:3e:
         11:30:6b:ae:2c:6d:79:22:5e:2c:6a:bc:ef:af:be:29:3c:2c:
         d5:ef:98:d7:b1:2b:4b:34:a1:84:ab:9d:02:81:de:88:72:09:
         53:ff:5d:8b:80:0f:73:e4:79:8e:dd:89:e6:8b:07:3c:e6:99:
         1f:cd:4e:58:0c:1e:37:3e:62:da:8c:ed:ee:8c:e2:f3:5e:2a:
         14:5a:e5:fe:e3:1d:9d:64:48:63:21:4a:9d:ad:e1:37:b4:bb:
         d6:f5:20:e7:0e:c2:70:34:ae:ed:7b:9d:b3:a4:e2:b0:b9:f7:
         10:ab:d0:2b:9e:8c:b1:c1:1b:b0:d0:eb:fb:f8:ef:08:70:37:
         9c:24:a6:91:a4:da:7f:d4:0a:9b:c2:28:4d:13:06:f6:5c:91:
         a4:3b:a7:8d:e9:e1:a9:80:5c:cd:e4:07:3d:a5:ba:2a:09:8d:
         fb:de:9a:15:86:90:9b:11:92:42:23:af:ce:28:17:d4:bc:19:
         3a:00:be:e7:57:57:d0:e0:f9:11:75:4a:67:26:2a:81:7a:fd:
         43:a0:c5:ed:01:51:52:e0:60:c6:55:d0:60:6b:93:ac:38:a6:
         95:76:22:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/WdJsikLlEpM/GrYy/GxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2IzMWFmNzcwMGU3ZDk5NTkwZWRmZDlkNTg0YTFiNTAz
OGVhZDcwHhcNMjUxMDE5MTUwMTI5WhcNMjUxMDIwMTUwMTI5WjAzMTEwLwYDVQQD
EyhmMWM4N2YwYzViYmM2NmM5OWU2N2RmYzk3MDhiMjNjZTBhYmYxN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWCQeXuIL/GFN+lj0lFhN1SNHIP2
xoE4wUoqyomuY2RX6YEQcgJ1RIuUDZCQgEvn/yNRG5aiue/nEnSk/fuTfMZj9184
ExnXv0QS5JpAetup4r2DAJuIhenmaJ67m9t9d3WLZydn46lXQnAlJWBVDlEgKw5g
2JFcJ63LiYiQ+Fvhw+qLrUwLQ6DMqZ1+i+w+CKtDxRPbvoumosAbKjuUxJhauL8m
yIuWJD4lxcCT/u0fP0mrzyGDUGuW8IxODqpZWeyPRwrJVG/IrP4Dza1EknTXU4db
QyrfuysE1BkhSP6sO2r8DynJQ9IIL6g0dP6h7Ml7nEJSKnhHw5tC7ZFzWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHIfwxbvGbJnmffyXCLI84KvxfXMB8GA1UdIwQY
MBaAFDl7Ma93AOfZlZDt/Z1YShtQOOrXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2Qt
YjIwMmUwNWFjODRhLzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wZDlkM2ItZDc5MC00YWU4LWEyM2QtYjIwMmUwNWFjODRh
LzEvT1hzeHIzY0E1OW1Wa08zOW5WaEtHMUE0NnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAris7LT+L
xFEbyJHIstS3OMvOpBmgjbbhKWGD7KR6fDGSEug+ETBrrixteSJeLGq876++KTws
1e+Y17ErSzShhKudAoHeiHIJU/9di4APc+R5jt2J5osHPOaZH81OWAweNz5i2ozt
7ozi814qFFrl/uMdnWRIYyFKna3hN7S71vUg5w7CcDSu7Xuds6TisLn3EKvQK56M
scEbsNDr+/jvCHA3nCSmkaTaf9QKm8IoTRMG9lyRpDunjenhqYBczeQHPaW6KgmN
+96aFYaQmxGSQiOvzigX1LwZOgC+51dX0OD5EXVKZyYqgXr9Q6DF7QFRUuBgxlXQ
YGuTrDimlXYiwA==
-----END CERTIFICATE-----