Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
File:                     oMWM0HH3gLesNAwBROsE-1DMu_E.mft (raw, json)
Hash identifier:          kb3W1u5Fx760K1WKdTDF8SvHAWekunD1/3VCoVa6uPY=
Subject key identifier:   39:54:19:14:8B:08:0B:F6:51:97:68:89:E9:5E:D2:A5:3C:40:A5:4E
Authority key identifier: A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1
Certificate issuer:       /CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
Certificate serial:       0199FAD7B36EB96C7479F1A24D27449F5A4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
Manifest number:          16D2
Signing time:             Sun 19 Oct 2025 05:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:04 +0000
Files and hashes:         1: oMWM0HH3gLesNAwBROsE-1DMu_E.crl (hash: xCtKkULvMFYh9RrPrFpflPY7iLifHFlH1ZglzBpQWv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:b3:6e:b9:6c:74:79:f1:a2:4d:27:44:9f:5a:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0c58cd071f780b7ac340c0144eb04fb50ccbbf1
        Validity
            Not Before: Oct 19 05:01:04 2025 GMT
            Not After : Oct 20 05:01:04 2025 GMT
        Subject: CN=395419148b080bf651976889e95ed2a53c40a54e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:0c:b7:a1:88:71:e0:29:74:26:3d:17:f8:7b:
                    f4:4a:fd:24:85:c9:dd:58:4f:18:f3:7b:de:94:3e:
                    d4:ce:24:6f:c7:c0:bd:61:e8:01:67:e7:2f:bf:e6:
                    60:e9:bd:bd:f1:a4:cd:72:1a:90:d0:02:b2:4b:72:
                    e3:f4:5e:66:9a:40:53:45:2d:de:65:36:4c:d5:ac:
                    09:e2:52:31:64:70:5e:7c:b7:c3:24:a1:a4:84:6c:
                    b0:8c:37:b6:c8:21:e7:57:2c:7b:86:64:f8:8c:85:
                    16:56:da:5b:cb:b4:c0:6f:27:ee:63:f9:74:8c:aa:
                    1d:4d:b6:3a:c1:08:b1:ab:51:6c:31:22:b6:00:b1:
                    14:e6:28:98:a0:ca:bd:46:e0:01:68:e6:e9:f6:f4:
                    88:e6:d7:bd:99:3d:3b:6d:80:4d:e2:1e:8a:f3:7c:
                    ff:b7:a0:6b:b3:7a:36:39:a7:1b:9b:e1:7e:9b:1d:
                    f4:86:e2:97:64:b1:3e:df:1c:af:3a:df:ba:6d:b0:
                    ca:d3:af:f5:a7:90:c8:05:1f:19:a1:26:ee:6c:47:
                    c0:d8:2a:59:f2:b6:28:70:2c:92:24:98:f5:6c:7a:
                    e7:25:4f:1b:f9:2e:51:6e:5b:b2:6b:67:38:0c:db:
                    26:8b:1e:25:25:57:9c:dd:9f:14:97:e4:9f:a7:43:
                    ed:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:54:19:14:8B:08:0B:F6:51:97:68:89:E9:5E:D2:A5:3C:40:A5:4E
            X509v3 Authority Key Identifier:
                keyid:A0:C5:8C:D0:71:F7:80:B7:AC:34:0C:01:44:EB:04:FB:50:CC:BB:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oMWM0HH3gLesNAwBROsE-1DMu_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6c9722-2608-44af-8c79-66b2f99c0b45/1/oMWM0HH3gLesNAwBROsE-1DMu_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:0e:fd:2e:49:32:53:e8:b8:7f:59:ab:93:61:48:3a:85:1b:
         08:dc:63:95:be:c5:df:38:31:06:69:d0:1b:7a:87:80:3f:9e:
         15:d9:f9:25:0c:c2:e8:5b:f2:60:c4:85:65:77:8c:0b:6c:7d:
         14:2d:f9:51:27:a4:e0:bc:d3:b8:44:7f:d7:6f:52:6c:37:c4:
         7a:99:45:26:dd:32:d1:42:0e:75:12:b4:a7:85:fc:3a:2a:af:
         2f:27:3b:8e:6a:3f:6f:bf:51:8c:9b:aa:77:fc:44:cc:90:6f:
         28:6a:4f:e1:52:7b:a5:e3:1a:d5:d1:07:fb:66:5b:3a:9b:9b:
         47:e1:78:48:94:90:71:29:88:3a:24:7e:5a:20:17:3d:28:05:
         f0:24:60:00:95:29:4e:57:35:3f:51:47:3e:f7:ae:c1:4b:e7:
         5a:f2:32:13:b2:f3:1a:e3:46:20:40:af:34:c6:a0:14:e7:9d:
         0a:33:35:0b:bd:9f:06:8d:58:b2:61:02:dd:88:d2:bc:e6:6f:
         8b:85:a2:dd:21:0f:ac:16:79:fe:35:9a:fe:9a:9d:ea:22:58:
         13:08:66:15:ac:b6:d8:7c:76:34:43:f6:ca:ae:74:13:34:bf:
         a5:95:fb:74:05:b5:df:50:4d:ab:0a:09:25:fe:fe:0d:2e:87:
         21:28:39:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn617NuuWx0efGiTSdEn1pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYzU4Y2QwNzFmNzgwYjdhYzM0MGMwMTQ0ZWIwNGZiNTBj
Y2JiZjEwHhcNMjUxMDE5MDUwMTA0WhcNMjUxMDIwMDUwMTA0WjAzMTEwLwYDVQQD
EygzOTU0MTkxNDhiMDgwYmY2NTE5NzY4ODllOTVlZDJhNTNjNDBhNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAy3oYhx4Cl0Jj0X+Hv0Sv0khcnd
WE8Y83velD7UziRvx8C9YegBZ+cvv+Zg6b298aTNchqQ0AKyS3Lj9F5mmkBTRS3e
ZTZM1awJ4lIxZHBefLfDJKGkhGywjDe2yCHnVyx7hmT4jIUWVtpby7TAbyfuY/l0
jKodTbY6wQixq1FsMSK2ALEU5iiYoMq9RuABaObp9vSI5te9mT07bYBN4h6K83z/
t6Brs3o2Oacbm+F+mx30huKXZLE+3xyvOt+6bbDK06/1p5DIBR8ZoSbubEfA2CpZ
8rYocCySJJj1bHrnJU8b+S5Rbluya2c4DNsmix4lJVec3Z8Ul+Sfp0PtswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlUGRSLCAv2UZdoiele0qU8QKVOMB8GA1UdIwQY
MBaAFKDFjNBx94C3rDQMAUTrBPtQzLvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzkt
NjZiMmY5OWMwYjQ1LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82Yzk3MjItMjYwOC00NGFmLThjNzktNjZiMmY5OWMwYjQ1
LzEvb01XTTBISDNnTGVzTkF3QlJPc0UtMURNdV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdA79Lkky
U+i4f1mrk2FIOoUbCNxjlb7F3zgxBmnQG3qHgD+eFdn5JQzC6FvyYMSFZXeMC2x9
FC35USek4LzTuER/129SbDfEeplFJt0y0UIOdRK0p4X8OiqvLyc7jmo/b79RjJuq
d/xEzJBvKGpP4VJ7peMa1dEH+2ZbOpubR+F4SJSQcSmIOiR+WiAXPSgF8CRgAJUp
Tlc1P1FHPveuwUvnWvIyE7LzGuNGIECvNMagFOedCjM1C72fBo1YsmEC3YjSvOZv
i4Wi3SEPrBZ5/jWa/pqd6iJYEwhmFay22Hx2NEP2yq50EzS/pZX7dAW131BNqwoJ
Jf7+DS6HISg5jg==
-----END CERTIFICATE-----