Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          Asgf7QL3am6kQ2pWkXiStNgXIJskt5k7PAwgy59ylh0=
Subject key identifier:   22:95:12:4C:B1:13:20:2B:2F:1C:F7:CD:6B:B5:30:DB:4E:78:C3:8E
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       0199FFC8803E9B6261EA36A89178C1497F4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          0640
Signing time:             Mon 20 Oct 2025 04:02:33 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:33 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:33 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: 97h+zrGO1XeTEenp6M4c6EhzqRkelpetSlVqa0d/tQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:80:3e:9b:62:61:ea:36:a8:91:78:c1:49:7f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Oct 20 04:02:33 2025 GMT
            Not After : Oct 21 04:02:33 2025 GMT
        Subject: CN=2295124cb113202b2f1cf7cd6bb530db4e78c38e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fb:b7:05:12:7d:4e:7c:21:f1:80:23:db:51:
                    88:ef:fc:17:a1:a0:74:13:8f:69:6f:3b:6e:b7:47:
                    c3:9a:92:13:a9:10:63:b7:7f:ea:96:ba:21:7d:e9:
                    6f:f0:dc:1b:23:66:8d:62:e3:59:83:d5:6a:6b:47:
                    cb:1d:34:9c:78:0b:97:bd:58:f7:f7:18:c8:37:51:
                    60:e9:3b:87:49:ca:3c:a9:0e:f6:b5:8f:5f:68:84:
                    9a:6a:d1:11:33:33:1b:63:e9:99:6b:a4:6b:4f:e8:
                    84:57:9e:72:a2:b5:ed:ad:b3:3d:cb:23:af:5a:95:
                    c2:ee:11:03:4b:5d:6c:bf:4c:89:d8:25:87:a1:67:
                    6c:d7:09:7f:57:e0:28:6c:68:4d:4c:88:ed:22:95:
                    a6:75:c9:d9:9a:de:aa:e5:4a:fc:a0:f0:6e:c0:21:
                    8d:1e:38:86:ce:d9:a2:c3:43:c6:ed:15:06:98:35:
                    2d:07:3f:72:12:57:8f:5a:e2:b8:e2:ac:27:57:de:
                    45:e6:41:10:3c:cf:dc:3c:08:0b:ad:b4:fa:2d:10:
                    f5:35:8a:71:b1:df:60:43:89:a3:92:02:c5:f8:75:
                    4f:b4:1b:fe:8a:fc:56:06:d8:ae:ad:80:e4:89:c7:
                    dc:b6:d9:df:2c:87:f7:54:e2:b7:fc:b5:7f:2a:ac:
                    79:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:95:12:4C:B1:13:20:2B:2F:1C:F7:CD:6B:B5:30:DB:4E:78:C3:8E
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:ba:4b:4a:a3:b1:44:af:98:b1:b3:6b:52:fb:30:0f:4d:22:
         4d:d6:65:db:4a:5b:e3:e8:d0:1c:f4:5c:1f:52:69:d1:30:9a:
         b0:bc:5a:6d:75:ab:3d:f3:de:a3:84:3c:74:3c:a5:67:cb:3e:
         97:13:85:4f:cc:e3:c1:ba:a0:c0:7f:36:4e:19:5a:f8:7b:ea:
         c6:b6:31:c3:6e:6d:44:ac:23:34:f3:cc:71:75:86:79:79:62:
         57:7f:d2:2b:22:08:9b:14:3a:ba:ab:9e:fc:5b:98:1d:aa:e1:
         b0:93:c4:84:43:a1:4b:3a:92:d0:b0:73:84:a1:00:62:b3:68:
         02:9d:33:65:26:7f:e1:50:db:f5:2b:ee:b9:5d:d3:f6:68:48:
         1d:81:1d:99:f1:6d:e1:7c:d4:3c:82:dd:8e:27:5b:ad:d8:4b:
         48:5e:38:89:07:37:3f:e8:1c:32:e3:81:64:16:2a:e0:35:d4:
         f4:cb:ec:06:28:54:1c:d3:00:9d:3b:fe:a6:50:e6:b1:38:79:
         9a:80:63:b2:19:d9:24:8c:2e:75:a1:0c:03:67:bb:39:2f:4c:
         c6:00:bd:ff:60:f3:51:05:56:9e:8a:83:eb:5f:29:5a:ce:cd:
         2e:a1:64:7a:2c:89:d8:13:8f:5a:ad:de:23:f1:0e:b6:c1:28:
         92:6b:72:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yIA+m2Jh6jaokXjBSX9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjUxMDIwMDQwMjMzWhcNMjUxMDIxMDQwMjMzWjAzMTEwLwYDVQQD
EygyMjk1MTI0Y2IxMTMyMDJiMmYxY2Y3Y2Q2YmI1MzBkYjRlNzhjMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvu3BRJ9Tnwh8YAj21GI7/wXoaB0
E49pbztut0fDmpITqRBjt3/qlrohfelv8NwbI2aNYuNZg9Vqa0fLHTSceAuXvVj3
9xjIN1Fg6TuHSco8qQ72tY9faISaatERMzMbY+mZa6RrT+iEV55yorXtrbM9yyOv
WpXC7hEDS11sv0yJ2CWHoWds1wl/V+AobGhNTIjtIpWmdcnZmt6q5Ur8oPBuwCGN
HjiGztmiw0PG7RUGmDUtBz9yElePWuK44qwnV95F5kEQPM/cPAgLrbT6LRD1NYpx
sd9gQ4mjkgLF+HVPtBv+ivxWBtiurYDkicfcttnfLIf3VOK3/LV/Kqx5MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKVEkyxEyArLxz3zWu1MNtOeMOOMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7pLSqOx
RK+YsbNrUvswD00iTdZl20pb4+jQHPRcH1Jp0TCasLxabXWrPfPeo4Q8dDylZ8s+
lxOFT8zjwbqgwH82Thla+HvqxrYxw25tRKwjNPPMcXWGeXliV3/SKyIImxQ6uque
/FuYHarhsJPEhEOhSzqS0LBzhKEAYrNoAp0zZSZ/4VDb9SvuuV3T9mhIHYEdmfFt
4XzUPILdjidbrdhLSF44iQc3P+gcMuOBZBYq4DXU9MvsBihUHNMAnTv+plDmsTh5
moBjshnZJIwudaEMA2e7OS9MxgC9/2DzUQVWnoqD618pWs7NLqFkeiyJ2BOPWq3e
I/EOtsEokmty0Q==
-----END CERTIFICATE-----