Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          cO+GdA+dPQWgi+UUeEr7yjRd1SYrmrpM8Unnao8sfTU=
Subject key identifier:   1F:56:D8:AB:85:A1:5E:83:65:56:40:E1:8A:A9:31:87:1B:84:F5:C9
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0198D7057CE23EC3478A7BD412647629768E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0CDA
Signing time:             Sat 23 Aug 2025 13:01:57 +0000
Manifest this update:     Sat 23 Aug 2025 13:01:57 +0000
Manifest next update:     Sun 24 Aug 2025 13:01:57 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: Tj/DTBfBVvlQw8GOwFQXhKfQ1a373ml70TaVAIzg/e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:7c:e2:3e:c3:47:8a:7b:d4:12:64:76:29:76:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Aug 23 13:01:57 2025 GMT
            Not After : Aug 24 13:01:57 2025 GMT
        Subject: CN=1f56d8ab85a15e83655640e18aa931871b84f5c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:87:7c:7c:e4:fa:0d:03:9f:d6:0e:0b:28:ee:
                    bd:69:29:c5:34:f2:3c:af:52:b7:0a:e8:6a:49:c0:
                    63:e2:aa:e0:71:e5:a3:ec:21:0f:f0:1d:83:c1:4d:
                    a7:1e:8b:72:26:eb:78:fa:44:b5:28:98:2a:2d:58:
                    84:04:df:76:89:13:f1:ae:4c:8d:25:32:d4:88:e6:
                    11:49:a0:55:ea:55:89:e4:c5:27:12:22:f4:1b:78:
                    64:41:2d:e2:e2:93:27:f4:cf:4f:bf:11:3b:e6:da:
                    5a:7e:4e:da:36:4b:a0:6b:15:fb:a8:33:ea:27:0e:
                    15:59:bc:36:bb:ee:a9:33:11:24:1c:2e:49:b2:5e:
                    c2:b2:69:37:a6:08:bc:83:0c:97:83:63:47:4d:d8:
                    f4:3d:dd:d8:7e:9e:d9:25:1a:2e:98:22:34:f7:60:
                    22:28:73:86:bf:a5:db:a3:33:e4:bb:8a:f4:b2:e4:
                    78:d1:93:8c:ea:e0:40:b6:23:a4:0f:f1:b6:b5:f1:
                    c6:d8:90:ae:3b:f2:ee:56:64:f7:65:25:cf:13:4b:
                    fe:c3:89:06:50:bf:dc:af:e5:9d:67:e6:09:df:b1:
                    bf:79:89:77:2e:18:e7:24:21:66:6e:3d:71:c7:0d:
                    68:f8:b4:86:cb:0d:a6:50:cb:c0:9d:64:59:00:67:
                    5d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:56:D8:AB:85:A1:5E:83:65:56:40:E1:8A:A9:31:87:1B:84:F5:C9
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:77:30:fc:d4:70:1d:71:de:ec:77:b6:e1:a8:61:29:d6:d1:
         64:3a:94:45:d9:92:1e:96:25:23:41:a7:60:97:50:b1:ba:2f:
         70:09:5d:35:02:0e:75:61:a1:43:ae:2d:e3:2d:bd:a8:75:89:
         53:1b:eb:76:55:1a:eb:7f:91:99:4f:5f:e3:26:62:b0:9b:56:
         60:e3:5b:97:df:bc:67:c8:bd:1c:0b:f1:e5:37:4d:92:8b:2d:
         c6:3d:05:82:8d:38:83:2e:d6:cf:28:3f:aa:26:4a:ec:7b:e8:
         c2:14:bc:ab:77:d3:6b:fa:02:93:1c:29:50:d0:78:b9:4b:16:
         a9:00:23:7e:74:13:54:cb:f3:b3:f3:52:1c:56:f8:31:09:74:
         12:22:3b:82:52:0f:a8:f6:01:7e:7f:f3:5f:d3:be:f8:06:d8:
         94:e2:4b:18:78:7a:92:df:22:c3:9e:81:d0:72:72:06:c9:93:
         23:6d:74:9f:e0:0b:fa:9a:2b:30:3a:f8:21:7e:12:af:a2:46:
         2e:c5:1c:75:36:93:dc:84:62:c5:02:a0:4a:f7:33:a9:8e:c0:
         da:24:83:cc:7b:ad:f5:d0:9a:f6:33:9b:21:7c:63:0b:43:8b:
         f8:e9:54:ff:6a:67:f8:a2:31:07:35:a3:16:99:a9:71:9c:70:
         8f:47:12:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBXziPsNHinvUEmR2KXaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwODIzMTMwMTU3WhcNMjUwODI0MTMwMTU3WjAzMTEwLwYDVQQD
EygxZjU2ZDhhYjg1YTE1ZTgzNjU1NjQwZTE4YWE5MzE4NzFiODRmNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYd8fOT6DQOf1g4LKO69aSnFNPI8
r1K3CuhqScBj4qrgceWj7CEP8B2DwU2nHotyJut4+kS1KJgqLViEBN92iRPxrkyN
JTLUiOYRSaBV6lWJ5MUnEiL0G3hkQS3i4pMn9M9PvxE75tpafk7aNkugaxX7qDPq
Jw4VWbw2u+6pMxEkHC5Jsl7Csmk3pgi8gwyXg2NHTdj0Pd3Yfp7ZJRoumCI092Ai
KHOGv6XbozPku4r0suR40ZOM6uBAtiOkD/G2tfHG2JCuO/LuVmT3ZSXPE0v+w4kG
UL/cr+WdZ+YJ37G/eYl3LhjnJCFmbj1xxw1o+LSGyw2mUMvAnWRZAGddMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9W2KuFoV6DZVZA4YqpMYcbhPXJMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3cw/NRw
HXHe7He24ahhKdbRZDqURdmSHpYlI0GnYJdQsbovcAldNQIOdWGhQ64t4y29qHWJ
UxvrdlUa63+RmU9f4yZisJtWYONbl9+8Z8i9HAvx5TdNkostxj0Fgo04gy7Wzyg/
qiZK7HvowhS8q3fTa/oCkxwpUNB4uUsWqQAjfnQTVMvzs/NSHFb4MQl0EiI7glIP
qPYBfn/zX9O++AbYlOJLGHh6kt8iw56B0HJyBsmTI210n+AL+porMDr4IX4Sr6JG
LsUcdTaT3IRixQKgSvczqY7A2iSDzHut9dCa9jObIXxjC0OL+OlU/2pn+KIxBzWj
FpmpcZxwj0cSSw==
-----END CERTIFICATE-----