Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          nSzWjZYCl48Kq+2eEMuGU/4DovDQuSu+MGuG8m6SXjw=
Subject key identifier:   BA:CB:5B:A3:3E:0E:A1:C5:E9:D5:02:EB:19:03:AD:BA:B9:E8:25:E9
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       0198D5BBFF276956B4A6B5E83D6D668302C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          1290
Signing time:             Sat 23 Aug 2025 07:02:04 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:04 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:04 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: khPSeJiiQiCoB5f+y6ssgeQJnoZFB65Px2Pb9Om7xBk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ff:27:69:56:b4:a6:b5:e8:3d:6d:66:83:02:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Aug 23 07:02:04 2025 GMT
            Not After : Aug 24 07:02:04 2025 GMT
        Subject: CN=bacb5ba33e0ea1c5e9d502eb1903adbab9e825e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ec:00:f6:67:29:34:85:0b:cf:b8:df:f1:37:
                    91:25:af:74:50:f3:75:c0:3d:f8:d2:c0:f7:1a:69:
                    43:e8:cc:52:34:c9:80:df:1a:26:35:cb:7f:33:bc:
                    56:10:78:1a:e2:dc:60:22:8e:3c:67:f9:91:28:0c:
                    98:63:c9:32:fc:5f:95:d9:23:98:2f:fb:8e:77:9f:
                    bf:12:50:aa:ee:49:f4:e6:9f:3c:11:d8:00:90:65:
                    4a:23:4e:6d:46:90:00:55:4b:4d:9c:a1:d6:85:bc:
                    b7:96:15:dc:2e:6a:ee:93:12:04:a8:74:ab:a0:b0:
                    c5:82:1b:ec:8a:e5:94:3d:d1:0a:77:50:0d:cd:fd:
                    32:be:94:59:74:e2:d1:7f:2f:04:50:7a:8d:a8:3b:
                    79:bf:56:52:0d:94:9d:0a:91:52:70:8f:aa:da:08:
                    0f:bd:93:ec:50:7e:cd:1a:cf:ad:da:6f:a3:87:88:
                    f9:34:d9:7f:ac:cd:b1:6f:2e:57:b8:04:b3:14:ef:
                    4f:68:4b:2c:56:6d:19:6d:f0:f3:1c:e5:30:50:53:
                    35:9b:4f:91:1c:fe:75:ee:3a:d8:2e:4a:ba:a2:e1:
                    30:b4:68:83:49:c5:92:a4:3b:ce:67:70:5f:b1:24:
                    88:4e:a4:21:bc:d0:8f:b7:26:6c:a2:41:f4:ee:32:
                    ce:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:CB:5B:A3:3E:0E:A1:C5:E9:D5:02:EB:19:03:AD:BA:B9:E8:25:E9
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:4e:cd:b7:3c:53:92:10:fc:ea:39:96:7b:c4:d3:de:79:43:
         cb:7c:3e:78:85:88:50:7c:4c:e8:82:21:7c:b4:3f:62:0c:e4:
         4e:6a:45:1d:48:3f:d3:2a:99:75:5d:7a:5d:5e:34:39:e1:91:
         c1:e9:92:94:3e:c6:7d:8a:bf:86:01:bf:2a:de:23:72:9c:ca:
         b6:be:01:63:d8:53:e6:8b:16:22:c4:d6:7e:26:50:f4:4b:bb:
         86:12:78:09:8e:e1:0e:8e:0c:3d:c6:4f:8b:ba:9d:ff:ce:6a:
         23:88:ac:ec:72:40:cf:bd:be:bc:55:bb:f2:a4:1c:10:64:5d:
         03:90:95:ff:3c:13:45:b5:b7:ab:7f:50:6d:3d:30:1c:b5:97:
         4c:ed:01:a7:d3:80:9d:d0:ea:7b:c2:4d:ca:02:c2:79:de:2e:
         bb:09:d6:33:b1:d1:4a:25:12:81:59:3f:0d:29:10:2f:97:cc:
         da:11:cc:14:44:73:88:44:40:0c:c8:63:14:a5:fb:cd:b1:f7:
         8d:25:3a:27:57:d1:e9:39:a6:6e:0d:38:73:eb:b8:c5:0b:cc:
         0d:39:74:7b:17:14:f8:55:cf:8f:59:3c:15:ec:ea:dc:d7:3f:
         e4:f5:bc:8a:09:58:22:df:a3:f0:18:5f:33:19:6e:32:4f:06:
         5f:53:a1:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/8naVa0prXoPW1mgwLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjUwODIzMDcwMjA0WhcNMjUwODI0MDcwMjA0WjAzMTEwLwYDVQQD
EyhiYWNiNWJhMzNlMGVhMWM1ZTlkNTAyZWIxOTAzYWRiYWI5ZTgyNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOwA9mcpNIULz7jf8TeRJa90UPN1
wD340sD3GmlD6MxSNMmA3xomNct/M7xWEHga4txgIo48Z/mRKAyYY8ky/F+V2SOY
L/uOd5+/ElCq7kn05p88EdgAkGVKI05tRpAAVUtNnKHWhby3lhXcLmrukxIEqHSr
oLDFghvsiuWUPdEKd1ANzf0yvpRZdOLRfy8EUHqNqDt5v1ZSDZSdCpFScI+q2ggP
vZPsUH7NGs+t2m+jh4j5NNl/rM2xby5XuASzFO9PaEssVm0ZbfDzHOUwUFM1m0+R
HP517jrYLkq6ouEwtGiDScWSpDvOZ3BfsSSITqQhvNCPtyZsokH07jLO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrLW6M+DqHF6dUC6xkDrbq56CXpMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnk7NtzxT
khD86jmWe8TT3nlDy3w+eIWIUHxM6IIhfLQ/YgzkTmpFHUg/0yqZdV16XV40OeGR
wemSlD7GfYq/hgG/Kt4jcpzKtr4BY9hT5osWIsTWfiZQ9Eu7hhJ4CY7hDo4MPcZP
i7qd/85qI4is7HJAz72+vFW78qQcEGRdA5CV/zwTRbW3q39QbT0wHLWXTO0Bp9OA
ndDqe8JNygLCed4uuwnWM7HRSiUSgVk/DSkQL5fM2hHMFERziERADMhjFKX7zbH3
jSU6J1fR6Tmmbg04c+u4xQvMDTl0excU+FXPj1k8Fezq3Nc/5PW8iglYIt+j8Bhf
MxluMk8GX1OhHA==
-----END CERTIFICATE-----