Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          TdcH2pQw3Rztufvrf4nTCqmQILjU4wVgKXXuQ7PKqqU=
Subject key identifier:   6A:1E:13:C4:1D:77:E9:EC:FD:4C:D6:A9:BC:9A:C0:7A:B1:D7:24:37
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0197B88FF28B16D999C3940B2125AE653D1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          12AF
Signing time:             Sat 28 Jun 2025 22:02:10 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:10 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:10 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: Qp1Q3VdnYvQBSipwFbFaEAPtjVkTUL/LLIzN/u3zVPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:f2:8b:16:d9:99:c3:94:0b:21:25:ae:65:3d:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Jun 28 22:02:10 2025 GMT
            Not After : Jun 29 22:02:10 2025 GMT
        Subject: CN=6a1e13c41d77e9ecfd4cd6a9bc9ac07ab1d72437
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6f:c7:de:c3:1f:c7:06:bd:26:f0:82:16:a7:
                    61:1e:6a:2b:27:77:09:67:96:a7:12:77:57:aa:0f:
                    4c:79:06:91:ce:1c:aa:a9:fe:c0:c7:51:cd:e7:05:
                    94:4d:a1:75:ab:e6:e1:69:28:f0:41:00:1d:3b:2e:
                    5d:98:c0:52:5c:c9:1c:54:04:8b:69:3a:43:8e:b1:
                    3e:6f:d9:f1:c9:0d:aa:5a:2f:72:74:3a:17:66:a9:
                    6f:ab:94:78:de:a5:f3:ce:48:3a:ae:b6:7f:b2:73:
                    a5:d3:e2:b1:ae:75:2d:3d:6c:b7:f1:6e:96:70:14:
                    b0:d8:bb:70:6d:48:fd:40:41:75:34:84:a3:ea:57:
                    65:af:ce:46:89:4f:2a:f2:2d:41:96:2f:cb:f0:ff:
                    83:73:e1:7a:2b:a2:f2:8f:20:ee:e5:f6:21:6e:ba:
                    05:bc:23:5f:21:4b:84:18:71:ac:de:ae:04:5f:82:
                    61:d6:40:c7:8f:55:3d:7d:62:9b:fc:58:56:85:31:
                    37:74:30:2e:fd:fc:17:17:10:dd:69:82:0a:0b:55:
                    af:a8:86:eb:df:30:35:45:2d:b9:50:79:65:15:25:
                    a7:41:4b:71:2a:b8:b6:e4:01:32:48:a5:71:38:5c:
                    2c:06:21:34:66:30:05:7b:c0:19:a3:e7:44:9a:e9:
                    9b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:1E:13:C4:1D:77:E9:EC:FD:4C:D6:A9:BC:9A:C0:7A:B1:D7:24:37
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:5d:49:48:81:2b:3b:2f:53:c4:4b:4d:94:7e:f7:bd:25:
         02:4c:cf:75:9c:55:32:22:3b:c8:e0:58:d4:de:3c:0c:14:fe:
         bb:44:30:00:80:c2:c8:0e:b6:f8:59:08:ce:db:8b:5d:e2:9d:
         4c:9f:d7:89:cd:7e:d2:78:a6:16:19:75:60:cd:7d:95:a7:4f:
         60:c2:b0:7e:cd:74:7a:99:9c:67:f6:2b:75:41:0e:53:e6:71:
         c7:7a:2f:d0:1b:22:f9:e0:00:41:75:f5:7e:ee:a7:8a:f8:f8:
         6a:34:5e:be:21:f0:ce:69:8b:d7:92:1f:2d:e2:10:da:fb:19:
         c9:e8:5c:1e:1c:a5:97:ae:b5:ae:ec:e1:c4:16:74:71:7d:c2:
         10:43:d0:17:a8:0a:27:69:ba:f3:e5:f0:53:93:90:b2:28:fd:
         35:a1:eb:1a:c3:46:c8:6a:f1:c7:e6:ec:82:f4:5a:17:c2:75:
         93:f2:5f:5d:30:e2:49:29:43:da:71:8f:0d:64:c6:5f:91:10:
         80:5f:0e:6a:f6:bd:14:13:23:6a:ee:32:33:b5:01:a3:4e:fe:
         e8:fb:db:1b:a5:7c:4b:f3:a2:b0:ae:b6:6f:52:16:8b:71:63:
         ce:a2:3e:87:d3:3e:9d:0a:e0:ac:47:20:5b:e3:b5:7e:14:25:
         84:e5:72:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j/KLFtmZw5QLISWuZT0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwNjI4MjIwMjEwWhcNMjUwNjI5MjIwMjEwWjAzMTEwLwYDVQQD
Eyg2YTFlMTNjNDFkNzdlOWVjZmQ0Y2Q2YTliYzlhYzA3YWIxZDcyNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum/H3sMfxwa9JvCCFqdhHmorJ3cJ
Z5anEndXqg9MeQaRzhyqqf7Ax1HN5wWUTaF1q+bhaSjwQQAdOy5dmMBSXMkcVASL
aTpDjrE+b9nxyQ2qWi9ydDoXZqlvq5R43qXzzkg6rrZ/snOl0+KxrnUtPWy38W6W
cBSw2LtwbUj9QEF1NISj6ldlr85GiU8q8i1Bli/L8P+Dc+F6K6LyjyDu5fYhbroF
vCNfIUuEGHGs3q4EX4Jh1kDHj1U9fWKb/FhWhTE3dDAu/fwXFxDdaYIKC1WvqIbr
3zA1RS25UHllFSWnQUtxKri25AEySKVxOFwsBiE0ZjAFe8AZo+dEmumbZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGoeE8Qdd+ns/UzWqbyawHqx1yQ3MB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvZdSUiB
KzsvU8RLTZR+970lAkzPdZxVMiI7yOBY1N48DBT+u0QwAIDCyA62+FkIztuLXeKd
TJ/Xic1+0nimFhl1YM19ladPYMKwfs10epmcZ/YrdUEOU+Zxx3ov0Bsi+eAAQXX1
fu6nivj4ajReviHwzmmL15IfLeIQ2vsZyehcHhyll661ruzhxBZ0cX3CEEPQF6gK
J2m68+XwU5OQsij9NaHrGsNGyGrxx+bsgvRaF8J1k/JfXTDiSSlD2nGPDWTGX5EQ
gF8Oava9FBMjau4yM7UBo07+6PvbG6V8S/OisK62b1IWi3FjzqI+h9M+nQrgrEcg
W+O1fhQlhOVyIg==
-----END CERTIFICATE-----