Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          1pO1q3Rzj+leuWkMR3Cbts2YMcoPcOAkcOiT9/Vy1LI=
Subject key identifier:   5A:BA:55:68:56:01:F3:27:B1:50:52:3F:A9:6D:A1:09:64:0C:3C:EB
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       0199FC58A2AEF283953831A17F12CE0E2608
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:31 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: RzMAYxeiLuDqEAI6VkjOmaqzQoY0YvX+X32AorpUdWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:a2:ae:f2:83:95:38:31:a1:7f:12:ce:0e:26:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Oct 19 12:01:31 2025 GMT
            Not After : Oct 20 12:01:31 2025 GMT
        Subject: CN=5aba55685601f327b150523fa96da109640c3ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5e:c1:9d:ae:d2:6c:64:02:d0:6e:99:4d:58:
                    22:b8:f2:7d:2f:2b:aa:00:6f:6b:2e:5a:6d:f8:6d:
                    2d:62:a3:65:e5:be:bd:9f:7b:42:36:6d:5e:ff:76:
                    20:a0:ef:9d:49:ce:85:19:a3:95:50:14:41:82:25:
                    e3:24:d8:25:80:a8:3a:31:26:49:da:a9:c5:13:20:
                    5a:51:ad:22:ab:60:18:ab:3f:ca:53:ab:41:eb:d8:
                    55:d5:b6:ce:c2:89:b9:53:34:71:b3:a5:b6:23:4b:
                    73:30:dc:f9:bd:a6:ce:d0:d8:02:f2:d0:c2:29:c3:
                    df:af:45:b6:45:28:f7:4c:1f:40:b6:a8:2b:8d:29:
                    78:ed:da:db:b5:7a:2c:c6:a5:a8:00:72:8c:4b:9a:
                    db:c5:e7:ea:44:3e:5b:27:f3:6a:d0:7b:93:ce:19:
                    63:b3:bc:0f:bb:92:db:df:33:f5:9e:bc:2f:3b:0d:
                    86:24:77:58:3e:1a:0a:36:07:92:59:c5:54:57:9f:
                    3a:e6:43:58:95:28:f0:2c:24:e7:22:e4:04:46:05:
                    5d:2c:ad:cd:17:2a:97:94:2d:5d:9d:db:d2:f2:f8:
                    72:82:08:69:d2:a7:8f:4d:4e:88:79:dc:9a:71:6b:
                    6d:e3:b3:66:a8:b3:fc:7a:30:22:47:82:9e:08:b6:
                    2c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:BA:55:68:56:01:F3:27:B1:50:52:3F:A9:6D:A1:09:64:0C:3C:EB
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:25:3c:07:e5:1b:1a:3e:d6:71:77:68:19:d4:c0:42:c0:a2:
         7b:4b:08:f2:7f:8b:88:65:eb:ad:cd:36:67:61:c0:db:17:d7:
         8c:45:7f:44:09:52:b0:e2:97:ab:da:87:f0:36:3a:25:c8:5c:
         b6:2c:b8:81:b3:90:1f:e3:67:77:0a:2f:0f:45:e0:ef:29:23:
         c0:54:45:b9:f4:06:bd:48:cc:bc:9c:7e:77:41:66:95:2f:4c:
         a6:38:f0:38:a5:2c:2a:61:65:3b:3e:e6:c5:5a:98:3f:e4:5b:
         92:22:fe:07:72:fd:0c:6e:d8:25:e9:79:d3:2a:7c:ba:23:80:
         f8:46:bc:81:34:79:8e:66:6d:f0:65:4d:3b:32:16:53:5a:e6:
         39:39:2c:20:dc:e3:45:28:24:b7:b4:c8:67:09:3d:60:dd:cf:
         ae:8e:5b:be:9a:48:3b:63:63:f1:be:48:6c:3a:72:ca:a3:f9:
         2f:29:1d:a3:f5:2b:23:4e:a8:c8:6b:40:bd:a4:05:e8:18:c6:
         eb:e0:b4:f3:b9:1c:b6:6d:49:09:7b:6b:0a:b9:d4:3c:19:29:
         94:54:7a:bb:08:38:45:c7:11:e9:05:20:2e:72:10:cb:d3:f7:
         f8:a5:a1:64:e2:0e:7c:72:d1:30:93:cf:4c:f3:19:6f:77:bc:
         0f:b7:73:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WKKu8oOVODGhfxLODiYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUxMDE5MTIwMTMxWhcNMjUxMDIwMTIwMTMxWjAzMTEwLwYDVQQD
Eyg1YWJhNTU2ODU2MDFmMzI3YjE1MDUyM2ZhOTZkYTEwOTY0MGMzY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV7Bna7SbGQC0G6ZTVgiuPJ9Lyuq
AG9rLlpt+G0tYqNl5b69n3tCNm1e/3YgoO+dSc6FGaOVUBRBgiXjJNglgKg6MSZJ
2qnFEyBaUa0iq2AYqz/KU6tB69hV1bbOwom5UzRxs6W2I0tzMNz5vabO0NgC8tDC
KcPfr0W2RSj3TB9AtqgrjSl47drbtXosxqWoAHKMS5rbxefqRD5bJ/Nq0HuTzhlj
s7wPu5Lb3zP1nrwvOw2GJHdYPhoKNgeSWcVUV5865kNYlSjwLCTnIuQERgVdLK3N
FyqXlC1dndvS8vhygghp0qePTU6IedyacWtt47NmqLP8ejAiR4KeCLYsYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq6VWhWAfMnsVBSP6ltoQlkDDzrMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSU8B+Ub
Gj7WcXdoGdTAQsCie0sI8n+LiGXrrc02Z2HA2xfXjEV/RAlSsOKXq9qH8DY6Jchc
tiy4gbOQH+NndwovD0Xg7ykjwFRFufQGvUjMvJx+d0FmlS9MpjjwOKUsKmFlOz7m
xVqYP+RbkiL+B3L9DG7YJel50yp8uiOA+Ea8gTR5jmZt8GVNOzIWU1rmOTksINzj
RSgkt7TIZwk9YN3Pro5bvppIO2Nj8b5IbDpyyqP5Lykdo/UrI06oyGtAvaQF6BjG
6+C087kctm1JCXtrCrnUPBkplFR6uwg4RccR6QUgLnIQy9P3+KWhZOIOfHLRMJPP
TPMZb3e8D7dz5g==
-----END CERTIFICATE-----