Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          lr4WVvZRXrUT9whvlKfP75peV6ekRsLgRishwA7J8Vk=
Subject key identifier:   6A:D5:DF:B5:83:9D:10:DA:3A:98:30:FD:F8:99:9D:C7:58:19:60:3D
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       0199FD345B57098465A54A20AE313C776C5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0B34
Signing time:             Sun 19 Oct 2025 16:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:30 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: 7WHnaWe1UaXcUmFSIH2w5CQwIMzYMQCJbEx9qmCuTOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:5b:57:09:84:65:a5:4a:20:ae:31:3c:77:6c:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Oct 19 16:01:30 2025 GMT
            Not After : Oct 20 16:01:30 2025 GMT
        Subject: CN=6ad5dfb5839d10da3a9830fdf8999dc75819603d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b7:51:a6:36:48:7d:d2:8c:67:26:48:b1:a1:
                    f3:e4:7b:82:17:20:ee:ce:88:29:be:4d:28:dc:53:
                    a6:bb:8b:21:f0:6a:63:09:29:fd:78:01:2e:48:f4:
                    9d:23:a0:35:b8:56:2d:9e:33:a0:aa:e7:01:32:3b:
                    50:37:bb:83:fa:24:5e:a7:ec:d1:16:a3:a4:7b:e9:
                    b4:d3:ba:c3:65:9d:ab:c9:97:12:c0:66:a2:a1:17:
                    34:5c:ff:ab:23:ef:8f:de:3c:4d:08:bb:c7:54:12:
                    7f:25:1f:7c:d2:cd:79:06:e1:b4:59:b5:4f:d7:98:
                    aa:02:34:36:f2:04:0e:bb:69:ce:42:3e:35:89:11:
                    bc:fe:dc:03:52:a1:0f:bb:d3:23:9c:f5:68:bf:cd:
                    b9:c6:10:79:2f:b0:ce:9c:ca:c7:15:df:3a:da:60:
                    44:d9:2b:cd:91:44:66:50:7a:e1:9a:6c:e5:b1:39:
                    87:ee:79:3b:61:c7:d7:e7:7b:ac:ee:d0:bb:a7:df:
                    3e:8a:92:61:52:9c:3e:5e:7a:12:ee:c6:13:df:03:
                    e0:4a:d0:3c:75:41:2b:7b:37:97:f6:c3:83:53:1d:
                    56:f0:ab:d3:d1:03:54:56:4f:23:4d:03:69:eb:c1:
                    d3:4e:e2:dd:41:e4:c7:9c:57:32:3d:05:58:b4:9f:
                    e6:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D5:DF:B5:83:9D:10:DA:3A:98:30:FD:F8:99:9D:C7:58:19:60:3D
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:11:bb:13:98:10:01:bf:c7:26:74:a3:bd:67:23:0b:7c:ea:
         91:3b:9a:db:67:1f:65:99:26:56:42:54:85:74:87:2e:e1:e1:
         a9:fc:68:79:fd:e4:23:cd:85:fe:83:e8:a1:cc:db:29:47:a1:
         1e:bd:1e:9e:d8:ee:7c:d4:6a:8a:64:00:0e:e2:da:51:3c:d5:
         1d:0e:23:74:18:57:0e:03:ec:4b:13:b1:28:a1:ee:21:b3:82:
         b9:8b:c3:54:eb:94:ab:29:1d:4b:70:da:43:c2:0a:52:b7:c4:
         de:8c:2d:37:7b:a6:d9:1d:da:2a:60:54:d6:03:3d:76:ba:65:
         5a:8a:28:2d:a9:cc:1c:01:67:dd:20:a4:b1:33:c4:0f:fd:8a:
         0b:cf:c0:eb:0e:27:d9:17:2e:2c:96:63:8f:89:5b:19:3c:22:
         0b:e2:c7:f6:b9:c5:54:aa:d9:fc:2d:ab:38:29:27:66:8d:cc:
         66:09:58:5e:a1:c2:28:bf:f9:b1:07:7f:b2:d2:1a:80:2f:6c:
         49:98:0d:ce:9c:80:66:76:6e:4b:3c:66:a7:51:39:90:95:2c:
         a4:c4:56:52:c3:22:d1:93:53:22:ee:f4:b1:1a:54:2c:fe:79:
         0b:3c:43:35:ff:36:1e:55:9e:27:4b:fd:ec:7d:37:ba:c2:b0:
         1d:ef:36:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NFtXCYRlpUogrjE8d2xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUxMDE5MTYwMTMwWhcNMjUxMDIwMTYwMTMwWjAzMTEwLwYDVQQD
Eyg2YWQ1ZGZiNTgzOWQxMGRhM2E5ODMwZmRmODk5OWRjNzU4MTk2MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7dRpjZIfdKMZyZIsaHz5HuCFyDu
zogpvk0o3FOmu4sh8GpjCSn9eAEuSPSdI6A1uFYtnjOgqucBMjtQN7uD+iRep+zR
FqOke+m007rDZZ2ryZcSwGaioRc0XP+rI++P3jxNCLvHVBJ/JR980s15BuG0WbVP
15iqAjQ28gQOu2nOQj41iRG8/twDUqEPu9MjnPVov825xhB5L7DOnMrHFd862mBE
2SvNkURmUHrhmmzlsTmH7nk7YcfX53us7tC7p98+ipJhUpw+XnoS7sYT3wPgStA8
dUErezeX9sODUx1W8KvT0QNUVk8jTQNp68HTTuLdQeTHnFcyPQVYtJ/m1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrV37WDnRDaOpgw/fiZncdYGWA9MB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRG7E5gQ
Ab/HJnSjvWcjC3zqkTua22cfZZkmVkJUhXSHLuHhqfxoef3kI82F/oPooczbKUeh
Hr0entjufNRqimQADuLaUTzVHQ4jdBhXDgPsSxOxKKHuIbOCuYvDVOuUqykdS3Da
Q8IKUrfE3owtN3um2R3aKmBU1gM9drplWoooLanMHAFn3SCksTPED/2KC8/A6w4n
2RcuLJZjj4lbGTwiC+LH9rnFVKrZ/C2rOCknZo3MZglYXqHCKL/5sQd/stIagC9s
SZgNzpyAZnZuSzxmp1E5kJUspMRWUsMi0ZNTIu70sRpULP55CzxDNf82HlWeJ0v9
7H03usKwHe82wQ==
-----END CERTIFICATE-----