Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          m5Nmev6C6A5al00AyLq41glaUjax4uXf+FGUeYxHkls=
Subject key identifier:   13:1C:4A:C7:21:68:05:0A:98:5A:44:8D:E1:9C:5B:F5:8E:23:75:CF
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       0199FBEB4EC5A08B49CD1CD2BA69D801540F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0AEE
Signing time:             Sun 19 Oct 2025 10:02:06 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:06 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:06 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: EDfX+j9yyU/iaId8uNS9reqG9ztY3LOD/Uas3VGVKWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:4e:c5:a0:8b:49:cd:1c:d2:ba:69:d8:01:54:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Oct 19 10:02:06 2025 GMT
            Not After : Oct 20 10:02:06 2025 GMT
        Subject: CN=131c4ac72168050a985a448de19c5bf58e2375cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:16:5a:1d:2a:d6:9a:40:a6:d3:6d:c0:87:19:
                    52:94:d6:95:43:9a:27:62:ab:65:f2:6e:70:65:f1:
                    6f:f8:9e:0f:77:4d:a7:6e:fc:94:83:a2:c4:9f:2e:
                    8a:3a:86:6a:bc:65:ca:c0:2b:b7:42:59:dd:d6:06:
                    d4:47:e8:f6:d6:90:ac:13:42:d4:ec:72:38:56:ff:
                    3c:10:a6:d7:2a:2f:86:36:77:c9:6e:13:a7:7b:58:
                    a0:e6:e6:62:b1:a9:3e:32:b0:ce:b2:d0:dd:e7:4a:
                    37:58:48:81:b8:57:00:83:85:ab:de:f1:ef:a4:b6:
                    7d:03:54:8f:1c:f1:c1:f2:8a:f9:a2:6f:60:a1:5b:
                    e2:0a:23:5b:cd:fd:fb:2e:db:e1:2e:d9:00:b2:75:
                    25:af:b2:60:35:5e:d6:c6:15:bc:5e:80:c6:40:61:
                    ca:e3:87:07:c3:16:73:7b:2e:23:0c:37:b7:71:34:
                    aa:42:78:29:9c:0f:11:17:06:42:5f:66:55:bc:64:
                    78:8b:05:bb:ca:71:6f:28:a5:bf:b4:1b:11:3d:27:
                    c6:43:cb:b6:59:b6:e9:b1:48:66:a4:45:8b:de:d4:
                    7f:c3:99:ec:2e:fa:a4:b2:f4:40:b2:59:9e:1c:c6:
                    b3:70:8e:b8:be:bd:a6:1f:e1:0a:7c:b7:79:61:90:
                    8d:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1C:4A:C7:21:68:05:0A:98:5A:44:8D:E1:9C:5B:F5:8E:23:75:CF
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:26:2e:7b:a8:68:58:f9:64:da:c4:7e:eb:da:3e:5a:7f:0e:
         7d:dc:47:28:b8:c2:a5:57:81:8e:f6:a1:8e:f2:0a:5b:57:b8:
         ab:13:60:68:8a:6b:96:45:3f:8d:4d:6a:b2:48:7c:f7:5e:11:
         03:fd:bd:e2:44:95:14:a7:3b:4b:3b:93:f3:76:dd:e5:01:f3:
         ab:af:fd:8c:8b:3d:1f:f1:da:ba:cd:73:27:c0:34:3a:16:56:
         43:f5:a8:97:63:18:1c:8e:4c:1d:94:00:ca:63:0f:cf:e5:82:
         c0:16:ab:bc:ba:a1:5f:1d:4b:e0:8f:e4:52:a0:86:4f:d3:eb:
         28:6a:c8:31:4f:ee:84:54:49:f4:4f:cf:50:9b:9f:fc:81:be:
         b3:58:42:b0:ed:58:44:de:10:ff:7e:96:65:d4:e0:f6:b0:a9:
         46:ae:4f:27:8b:7d:65:49:d8:32:25:05:21:d7:9d:2b:81:c8:
         5e:30:24:e1:36:47:d8:e5:df:10:28:d0:71:17:2a:d0:fd:43:
         61:fe:4f:08:17:ca:08:d5:e9:70:3b:e2:a0:6c:aa:b2:98:bf:
         6b:1c:4e:e2:61:8c:a5:7a:4f:a8:31:a5:a1:c0:d8:d2:d0:2c:
         be:1b:f8:05:1e:78:6d:8d:28:42:a7:8d:d5:bc:ba:b1:27:0f:
         48:6a:8c:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7607FoItJzRzSumnYAVQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUxMDE5MTAwMjA2WhcNMjUxMDIwMTAwMjA2WjAzMTEwLwYDVQQD
EygxMzFjNGFjNzIxNjgwNTBhOTg1YTQ0OGRlMTljNWJmNThlMjM3NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhZaHSrWmkCm023AhxlSlNaVQ5on
Yqtl8m5wZfFv+J4Pd02nbvyUg6LEny6KOoZqvGXKwCu3Qlnd1gbUR+j21pCsE0LU
7HI4Vv88EKbXKi+GNnfJbhOne1ig5uZisak+MrDOstDd50o3WEiBuFcAg4Wr3vHv
pLZ9A1SPHPHB8or5om9goVviCiNbzf37LtvhLtkAsnUlr7JgNV7WxhW8XoDGQGHK
44cHwxZzey4jDDe3cTSqQngpnA8RFwZCX2ZVvGR4iwW7ynFvKKW/tBsRPSfGQ8u2
WbbpsUhmpEWL3tR/w5nsLvqksvRAslmeHMazcI64vr2mH+EKfLd5YZCN+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMcSschaAUKmFpEjeGcW/WOI3XPMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyYue6ho
WPlk2sR+69o+Wn8OfdxHKLjCpVeBjvahjvIKW1e4qxNgaIprlkU/jU1qskh8914R
A/294kSVFKc7SzuT83bd5QHzq6/9jIs9H/Haus1zJ8A0OhZWQ/Wol2MYHI5MHZQA
ymMPz+WCwBarvLqhXx1L4I/kUqCGT9PrKGrIMU/uhFRJ9E/PUJuf/IG+s1hCsO1Y
RN4Q/36WZdTg9rCpRq5PJ4t9ZUnYMiUFIdedK4HIXjAk4TZH2OXfECjQcRcq0P1D
Yf5PCBfKCNXpcDvioGyqspi/axxO4mGMpXpPqDGlocDY0tAsvhv4BR54bY0oQqeN
1by6sScPSGqMKw==
-----END CERTIFICATE-----