Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
File:                     o2osPu23l22c4wRYHyNTL-y0bn8.mft (raw, json)
Hash identifier:          P/p5AUQyMGrkkhESD5GGBbzoQqP/oiI4K+QOHSRJmjo=
Subject key identifier:   69:AE:E7:FF:9F:A0:80:46:11:DB:10:91:0B:A1:75:A8:53:61:A1:6E
Authority key identifier: A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F
Certificate issuer:       /CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
Certificate serial:       0198D6CD9C2CA6CB1BF4539623205F9EC9A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 12:00:55 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:55 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:55 +0000
Files and hashes:         1: o2osPu23l22c4wRYHyNTL-y0bn8.crl (hash: zD2cDVRlHO/fOu2hkGARj+pDGpHuplbRKOTzFu80gr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:9c:2c:a6:cb:1b:f4:53:96:23:20:5f:9e:c9:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
        Validity
            Not Before: Aug 23 12:00:55 2025 GMT
            Not After : Aug 24 12:00:55 2025 GMT
        Subject: CN=69aee7ff9fa0804611db10910ba175a85361a16e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:db:c6:50:7e:39:68:1c:60:44:12:3b:65:84:
                    e9:f7:54:40:14:46:1a:1e:b3:40:67:f9:39:e9:d1:
                    b8:28:15:90:f4:ac:ba:66:db:40:b1:48:b6:55:ec:
                    6d:ba:10:c3:eb:e4:23:ed:c4:33:f6:56:2a:ce:7e:
                    f7:86:c1:15:db:87:b1:c8:18:62:eb:5d:8d:f2:49:
                    50:df:46:13:30:ed:1f:cb:a2:c8:d2:63:b4:a4:94:
                    b5:ec:9a:2b:2b:90:3f:9d:1b:03:7e:b3:89:8f:56:
                    62:29:07:fa:09:82:3c:13:93:1b:23:bb:6c:39:e0:
                    f0:a9:ea:c5:3c:f2:fa:19:37:be:89:2f:3d:8a:13:
                    4d:59:30:a6:d7:8b:39:e1:36:dd:65:bc:8f:83:06:
                    52:5a:02:e4:fa:54:d6:a0:14:e2:fe:70:3f:be:b4:
                    1f:bb:a5:c4:d4:40:d3:50:7a:e7:f2:e3:08:e2:cf:
                    f5:59:2a:dc:d6:bb:9a:ab:d9:a6:1a:27:ab:45:1b:
                    a2:aa:92:2e:39:4d:72:c7:f9:44:be:db:1d:1a:72:
                    8c:af:4d:d5:93:a8:8c:96:9f:83:e1:6a:4e:58:70:
                    89:58:4e:ad:2f:81:93:42:9b:62:64:a8:42:57:a6:
                    32:1d:a4:9f:6d:e3:9a:fa:76:7c:74:d9:91:68:9b:
                    0a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:AE:E7:FF:9F:A0:80:46:11:DB:10:91:0B:A1:75:A8:53:61:A1:6E
            X509v3 Authority Key Identifier:
                keyid:A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:19:c9:bd:31:84:9c:b0:84:30:f3:e6:58:26:51:7c:03:e7:
         14:81:9e:e1:f4:16:75:d2:ee:37:2c:99:1b:86:b8:07:61:93:
         dd:67:3c:47:57:94:0c:aa:c4:c3:dc:4d:ce:43:5f:1f:2c:58:
         1f:0b:39:8d:09:98:02:3f:35:bd:d7:4e:c9:b9:ef:89:e4:79:
         a7:8e:e2:e5:91:02:68:ef:46:29:6a:a9:ed:f2:36:cb:58:2d:
         5b:8a:ab:2d:85:1c:06:db:48:0d:6f:b9:4b:4e:50:2d:32:7f:
         52:8e:c9:36:fd:4a:6a:ac:53:37:17:77:fb:c6:53:6a:28:53:
         92:83:88:e4:46:e9:24:96:ff:2e:fe:20:2c:fc:87:7e:ab:68:
         52:fe:55:79:ba:64:64:4e:37:4f:97:9a:50:75:91:c6:48:c7:
         af:18:6d:12:12:b2:a6:76:65:1d:11:a9:6b:11:33:00:b6:64:
         3b:7c:9b:ef:56:1c:35:55:75:07:f8:37:aa:c2:60:71:7c:71:
         10:a2:14:17:37:81:1d:ed:91:db:4d:a6:e4:7f:63:b9:9c:c8:
         dd:4c:36:e5:ac:3d:47:fc:b6:5d:e9:71:b1:8a:ce:60:a7:fc:
         77:1c:90:03:ed:db:01:92:f4:78:22:dd:55:2e:4c:e7:88:9c:
         d1:d8:01:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzZwspssb9FOWIyBfnsmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmEyYzNlZWRiNzk3NmQ5Y2UzMDQ1ODFmMjM1MzJmZWNi
NDZlN2YwHhcNMjUwODIzMTIwMDU1WhcNMjUwODI0MTIwMDU1WjAzMTEwLwYDVQQD
Eyg2OWFlZTdmZjlmYTA4MDQ2MTFkYjEwOTEwYmExNzVhODUzNjFhMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9vGUH45aBxgRBI7ZYTp91RAFEYa
HrNAZ/k56dG4KBWQ9Ky6ZttAsUi2VextuhDD6+Qj7cQz9lYqzn73hsEV24exyBhi
612N8klQ30YTMO0fy6LI0mO0pJS17JorK5A/nRsDfrOJj1ZiKQf6CYI8E5MbI7ts
OeDwqerFPPL6GTe+iS89ihNNWTCm14s54TbdZbyPgwZSWgLk+lTWoBTi/nA/vrQf
u6XE1EDTUHrn8uMI4s/1WSrc1ruaq9mmGierRRuiqpIuOU1yx/lEvtsdGnKMr03V
k6iMlp+D4WpOWHCJWE6tL4GTQptiZKhCV6YyHaSfbeOa+nZ8dNmRaJsKpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmu5/+foIBGEdsQkQuhdahTYaFuMB8GA1UdIwQY
MBaAFKNqLD7tt5dtnOMEWB8jUy/stG5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGIt
ZGRlMTkyM2JhNzI0LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGItZGRlMTkyM2JhNzI0
LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhhnJvTGE
nLCEMPPmWCZRfAPnFIGe4fQWddLuNyyZG4a4B2GT3Wc8R1eUDKrEw9xNzkNfHyxY
Hws5jQmYAj81vddOybnvieR5p47i5ZECaO9GKWqp7fI2y1gtW4qrLYUcBttIDW+5
S05QLTJ/Uo7JNv1KaqxTNxd3+8ZTaihTkoOI5EbpJJb/Lv4gLPyHfqtoUv5Vebpk
ZE43T5eaUHWRxkjHrxhtEhKypnZlHRGpaxEzALZkO3yb71YcNVV1B/g3qsJgcXxx
EKIUFzeBHe2R202m5H9juZzI3Uw25aw9R/y2XelxsYrOYKf8dxyQA+3bAZL0eCLd
VS5M54ic0dgBCg==
-----END CERTIFICATE-----