Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          s7jNRZ4RjYF2PPG3fy5G+C5TDIFDTViJj8un2tRc3q0=
Subject key identifier:   97:AC:3C:F7:68:77:9E:53:CF:C9:21:64:23:5E:5E:C5:E3:DD:B1:FC
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0198D472EDE4F9EB2988EAA9854D430C46A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1342
Signing time:             Sat 23 Aug 2025 01:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:38 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: VylLBq6KGQ49a2OZ0d4mlnG71AkueQMGPkZ8ELJyjOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:ed:e4:f9:eb:29:88:ea:a9:85:4d:43:0c:46:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Aug 23 01:02:38 2025 GMT
            Not After : Aug 24 01:02:38 2025 GMT
        Subject: CN=97ac3cf768779e53cfc92164235e5ec5e3ddb1fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:57:ac:d5:96:d3:bb:d6:52:94:d7:4e:17:8e:
                    27:b8:e2:a3:de:de:c6:3e:7d:ae:88:92:80:1e:10:
                    ef:22:04:44:c2:20:41:7e:6f:b7:5d:da:65:e8:01:
                    83:d7:be:ad:3b:5f:da:09:0e:7c:c1:fe:67:b7:74:
                    4e:9e:ab:24:72:41:db:0f:d3:d7:76:c0:f9:37:30:
                    5c:25:11:ee:55:11:6e:ea:b8:c5:1d:a7:0b:ff:fd:
                    7c:9f:ff:73:d8:ec:a0:f9:e7:53:43:a9:e7:0a:14:
                    bb:3d:50:86:a3:7e:af:a9:20:21:f8:44:06:ae:9f:
                    e1:f6:d8:f5:64:69:99:b4:1e:c2:57:9a:4b:b9:fd:
                    f4:79:ae:8a:1e:58:e8:38:b4:6c:42:ea:64:ca:e9:
                    73:27:d3:df:33:82:40:a9:48:81:74:ad:72:01:cb:
                    66:08:45:d1:83:12:7c:bf:e2:8a:cc:ae:2e:11:02:
                    1c:31:d1:54:6c:6c:e3:a4:1f:92:d4:20:aa:3a:64:
                    07:22:27:d8:f7:83:bc:b5:13:83:72:ae:72:02:24:
                    e4:f4:e8:a9:dd:5d:33:35:5e:a1:a3:31:00:33:e3:
                    6a:89:76:d2:d5:59:8c:3e:48:bb:49:c1:91:9d:db:
                    4f:6d:b1:35:4b:a0:d2:15:41:c3:ed:7b:aa:dc:49:
                    9f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:AC:3C:F7:68:77:9E:53:CF:C9:21:64:23:5E:5E:C5:E3:DD:B1:FC
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:8d:12:d2:0a:93:62:fa:f5:71:23:ee:23:3e:d8:c7:d8:c7:
         3a:56:12:5f:e7:1b:99:39:bf:b6:49:d0:46:a2:6f:57:4b:09:
         6e:4b:68:cd:2c:72:2c:c7:00:c5:f2:5a:c4:e1:c5:38:06:dc:
         24:4d:de:02:96:f9:d4:0f:6e:ec:77:8d:aa:6d:1e:c6:61:a2:
         24:cd:2c:2e:55:92:e0:13:8e:88:5b:d3:11:e2:2a:bb:94:c1:
         c2:9b:45:db:ea:5a:2e:a8:9c:7d:03:8b:9c:27:b9:1c:de:71:
         49:80:5e:c4:bd:06:e2:8f:3d:d7:fb:b2:49:8e:16:f2:73:b0:
         64:32:65:52:74:b6:63:58:8d:36:77:65:fc:c8:58:05:53:71:
         8d:04:48:b9:d6:1f:47:14:b8:44:cb:41:f9:de:bf:16:a4:04:
         f9:81:dc:a8:2c:ed:3c:04:ca:ad:65:6c:0c:62:fe:9e:28:4c:
         bb:a0:65:86:9c:62:2c:a3:06:40:32:da:de:ad:94:06:eb:13:
         46:e4:72:39:88:46:fa:dd:9d:ea:92:89:9b:0c:ff:d0:1c:9b:
         07:87:f6:ca:bd:60:b8:e0:68:a8:f6:fe:32:81:7a:81:54:9b:
         ce:b4:38:36:c0:9c:40:21:4a:f1:e2:51:c9:72:a1:0d:bc:6e:
         89:19:2d:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcu3k+espiOqphU1DDEajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwODIzMDEwMjM4WhcNMjUwODI0MDEwMjM4WjAzMTEwLwYDVQQD
Eyg5N2FjM2NmNzY4Nzc5ZTUzY2ZjOTIxNjQyMzVlNWVjNWUzZGRiMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVes1ZbTu9ZSlNdOF44nuOKj3t7G
Pn2uiJKAHhDvIgREwiBBfm+3Xdpl6AGD176tO1/aCQ58wf5nt3ROnqskckHbD9PX
dsD5NzBcJRHuVRFu6rjFHacL//18n/9z2Oyg+edTQ6nnChS7PVCGo36vqSAh+EQG
rp/h9tj1ZGmZtB7CV5pLuf30ea6KHljoOLRsQupkyulzJ9PfM4JAqUiBdK1yActm
CEXRgxJ8v+KKzK4uEQIcMdFUbGzjpB+S1CCqOmQHIifY94O8tRODcq5yAiTk9Oip
3V0zNV6hozEAM+NqiXbS1VmMPki7ScGRndtPbbE1S6DSFUHD7Xuq3EmfcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJesPPdod55Tz8khZCNeXsXj3bH8MB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwY0S0gqT
Yvr1cSPuIz7Yx9jHOlYSX+cbmTm/tknQRqJvV0sJbktozSxyLMcAxfJaxOHFOAbc
JE3eApb51A9u7HeNqm0exmGiJM0sLlWS4BOOiFvTEeIqu5TBwptF2+paLqicfQOL
nCe5HN5xSYBexL0G4o891/uySY4W8nOwZDJlUnS2Y1iNNndl/MhYBVNxjQRIudYf
RxS4RMtB+d6/FqQE+YHcqCztPATKrWVsDGL+nihMu6BlhpxiLKMGQDLa3q2UBusT
RuRyOYhG+t2d6pKJmwz/0BybB4f2yr1guOBoqPb+MoF6gVSbzrQ4NsCcQCFK8eJR
yXKhDbxuiRktgw==
-----END CERTIFICATE-----