Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          2rF3OazbmSZpAadqPTqNCPOSv7otXHMwZ/vdeGhAc8I=
Subject key identifier:   41:8D:71:75:D3:0E:5F:49:DA:EE:EB:4C:F2:CB:82:29:45:12:12:1F
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       0198D8505F17665A017A6B01C3C27D04AF20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0A57
Signing time:             Sat 23 Aug 2025 19:03:22 +0000
Manifest this update:     Sat 23 Aug 2025 19:03:22 +0000
Manifest next update:     Sun 24 Aug 2025 19:03:22 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: yPe4VFWWc17knNuqsrgJ2tfsQQe3JogWXeWkgyKdYlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 19:03:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:5f:17:66:5a:01:7a:6b:01:c3:c2:7d:04:af:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Aug 23 19:03:22 2025 GMT
            Not After : Aug 24 19:03:22 2025 GMT
        Subject: CN=418d7175d30e5f49daeeeb4cf2cb82294512121f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7e:1b:c6:19:41:4d:7a:75:c9:29:3d:19:dd:
                    ca:f0:0c:3b:24:ac:12:88:a2:c4:6c:f6:f9:b4:14:
                    b5:8d:c9:b4:1a:92:8a:e8:51:a2:c1:e0:fb:21:80:
                    10:12:36:51:6c:04:c8:54:21:a6:81:53:2f:18:b4:
                    de:89:54:cd:d4:4a:23:da:84:78:af:9f:0e:df:e2:
                    54:4d:ad:42:02:dc:89:a9:7b:c9:65:2a:43:7d:8e:
                    e6:2f:3f:e4:b4:02:ef:74:34:b3:d2:c6:57:79:0e:
                    a4:5b:78:79:9b:94:f6:ce:d9:b0:90:68:f9:96:f9:
                    9e:ed:26:c2:86:22:24:89:b2:f5:c3:74:a5:f8:e2:
                    e1:88:77:18:38:03:b9:37:6d:8e:04:ec:ba:32:b8:
                    77:89:d9:32:29:a5:68:02:36:e9:40:2e:a7:cf:2a:
                    dc:5e:fe:da:81:a4:34:cf:c8:27:b0:53:04:68:48:
                    68:a2:fa:f6:b2:2d:9c:68:c1:5d:d6:23:1d:27:dc:
                    63:95:2b:5a:25:78:4b:6e:24:3c:d5:94:e7:c0:8e:
                    6b:dc:5f:60:4b:15:f4:62:b8:9e:a5:91:26:97:f1:
                    eb:d1:9d:b1:67:04:5b:2d:2a:22:1a:4f:5f:57:12:
                    f9:b0:d6:a8:e2:62:65:3e:00:2b:72:78:52:7e:33:
                    e2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:8D:71:75:D3:0E:5F:49:DA:EE:EB:4C:F2:CB:82:29:45:12:12:1F
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:33:ab:fb:74:85:86:2f:4b:bd:29:2e:72:bc:36:59:82:3b:
         5b:da:9c:95:40:bb:aa:8d:6d:b6:13:01:87:38:33:03:fe:e5:
         ad:5d:c3:a3:e3:42:81:bd:2f:5f:a8:2a:c2:b9:1c:ee:b4:83:
         4e:78:34:e4:5b:4a:26:58:6a:75:cb:88:74:b8:de:cd:b0:ff:
         57:24:62:b2:4c:cb:0e:56:2a:f7:71:62:5d:ee:dd:04:f2:63:
         a8:9e:ee:c2:7e:5a:c9:9d:76:7e:cc:b0:2b:cd:75:19:8b:c1:
         86:fb:9d:cb:53:43:85:c6:93:11:88:0f:76:76:fd:21:70:7f:
         b7:68:9f:f8:66:95:0f:50:f7:89:98:3d:bb:24:c0:a3:54:03:
         c6:02:f3:13:69:e2:c8:2e:e9:62:f7:a6:82:46:17:22:32:64:
         62:6e:2e:12:cd:96:33:ea:b1:9f:fb:47:7b:76:a3:99:0b:e3:
         30:a9:1f:16:6a:9c:e1:1d:2c:f0:b3:51:df:77:f3:3e:ec:d4:
         91:cd:96:26:55:ef:4d:fe:f1:81:46:33:c7:c7:88:c5:0f:8e:
         10:25:d4:16:62:7f:72:3b:5c:65:a0:24:37:77:ed:90:0e:9c:
         a3:e2:1e:3c:2e:6e:3c:ee:6a:a0:31:26:c8:78:ce:28:d0:2e:
         c2:cc:68:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUF8XZloBemsBw8J9BK8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUwODIzMTkwMzIyWhcNMjUwODI0MTkwMzIyWjAzMTEwLwYDVQQD
Eyg0MThkNzE3NWQzMGU1ZjQ5ZGFlZWViNGNmMmNiODIyOTQ1MTIxMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn4bxhlBTXp1ySk9Gd3K8Aw7JKwS
iKLEbPb5tBS1jcm0GpKK6FGiweD7IYAQEjZRbATIVCGmgVMvGLTeiVTN1Eoj2oR4
r58O3+JUTa1CAtyJqXvJZSpDfY7mLz/ktALvdDSz0sZXeQ6kW3h5m5T2ztmwkGj5
lvme7SbChiIkibL1w3Sl+OLhiHcYOAO5N22OBOy6Mrh3idkyKaVoAjbpQC6nzyrc
Xv7agaQ0z8gnsFMEaEhoovr2si2caMFd1iMdJ9xjlStaJXhLbiQ81ZTnwI5r3F9g
SxX0YriepZEml/Hr0Z2xZwRbLSoiGk9fVxL5sNao4mJlPgArcnhSfjPiXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGNcXXTDl9J2u7rTPLLgilFEhIfMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADjOr+3SF
hi9LvSkucrw2WYI7W9qclUC7qo1tthMBhzgzA/7lrV3Do+NCgb0vX6gqwrkc7rSD
Tng05FtKJlhqdcuIdLjezbD/VyRiskzLDlYq93FiXe7dBPJjqJ7uwn5ayZ12fsyw
K811GYvBhvudy1NDhcaTEYgPdnb9IXB/t2if+GaVD1D3iZg9uyTAo1QDxgLzE2ni
yC7pYvemgkYXIjJkYm4uEs2WM+qxn/tHe3ajmQvjMKkfFmqc4R0s8LNR33fzPuzU
kc2WJlXvTf7xgUYzx8eIxQ+OECXUFmJ/cjtcZaAkN3ftkA6co+IePC5uPO5qoDEm
yHjOKNAuwsxoBw==
-----END CERTIFICATE-----