Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          IVMrVlUmGkyLJOIsP9L3xGhwSjesovksNPmQdTBW9EI=
Subject key identifier:   65:64:22:33:7E:13:FB:C8:83:3E:6C:C7:27:3B:DB:8A:3D:F4:06:E8
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0199FBEBD435270F704CDB9E13162B8091C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          13DB
Signing time:             Sun 19 Oct 2025 10:02:40 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:40 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:40 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: ITROsRaa3mTQm+45vltS/gNOLzrywzu6+zEFDpS7w/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:d4:35:27:0f:70:4c:db:9e:13:16:2b:80:91:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Oct 19 10:02:40 2025 GMT
            Not After : Oct 20 10:02:40 2025 GMT
        Subject: CN=656422337e13fbc8833e6cc7273bdb8a3df406e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8d:d2:5a:b7:08:9b:f6:0c:74:63:9c:63:69:
                    9f:fc:17:4d:50:59:36:97:cd:44:b9:75:49:09:58:
                    db:d1:fa:7a:98:8d:6b:a1:49:be:e2:5b:e5:08:98:
                    41:7c:cb:d4:6a:f9:f2:84:34:d3:1a:cb:b5:d5:87:
                    7c:fe:aa:d8:c9:93:c8:29:ff:67:a7:d6:91:65:1f:
                    d5:7f:e1:18:5f:65:15:11:92:be:22:64:7f:79:00:
                    b8:da:ee:18:3f:97:b0:b3:4f:ac:8c:0e:b8:27:f7:
                    0a:fb:fc:1c:b1:54:bf:e4:44:03:c5:4f:cb:5a:b3:
                    b8:21:66:08:c8:e2:61:ba:90:4c:86:93:59:61:ee:
                    b7:a5:9e:3c:9a:6b:5d:12:db:08:5c:dd:e7:9c:5d:
                    89:a8:28:a4:3a:3a:84:59:24:93:41:d0:4c:6e:dd:
                    d0:c6:4d:2e:6a:ff:86:bd:41:03:75:d3:e5:f5:32:
                    4b:a9:4d:75:fd:f5:61:bf:71:3d:f5:ce:ba:81:2b:
                    1d:c8:c3:ae:03:fd:49:f4:45:fe:b3:7c:a9:9b:13:
                    e2:a6:dd:0f:de:cf:7b:30:6b:c6:61:bf:db:5c:46:
                    ac:ef:2b:f0:9a:5b:3e:8b:cc:76:e3:4d:75:3d:fa:
                    ef:d2:14:2e:75:05:04:72:05:99:7f:a2:bf:4b:31:
                    01:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:64:22:33:7E:13:FB:C8:83:3E:6C:C7:27:3B:DB:8A:3D:F4:06:E8
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:e9:1a:83:8d:2b:a7:d6:51:ac:ab:eb:de:37:d0:cf:b2:2e:
         3c:28:ef:8c:97:c8:1d:75:2d:9b:4c:bf:2a:27:70:bb:78:b6:
         59:8d:a2:d0:5b:77:87:af:a2:c7:88:5f:49:f9:ae:85:3c:5b:
         90:09:00:6b:8f:13:d6:5b:89:ba:f8:40:98:64:33:5a:19:47:
         65:65:5c:34:1f:56:42:32:40:ce:14:17:1d:de:c6:ee:a0:79:
         63:68:67:5e:fc:85:4b:20:74:b6:d8:d3:6e:8f:a1:cc:ee:1f:
         80:85:84:84:53:b6:2e:67:77:a7:8c:72:04:d7:83:5d:0f:ce:
         9d:35:18:c5:61:7e:1e:f1:45:99:ff:01:62:08:74:9f:a7:4d:
         4c:ee:a7:e1:b2:97:d1:c6:20:bc:ec:c1:34:dc:b2:01:48:63:
         f2:fa:2e:b3:db:cc:93:59:8c:05:59:73:b9:14:cc:95:38:7f:
         71:19:b1:77:c5:26:83:f4:ad:81:70:ed:a2:e8:ba:5b:b4:7c:
         05:e4:20:59:8e:12:cd:eb:37:e7:61:6d:ed:2f:e7:77:73:a2:
         8b:93:2b:ca:8b:4a:92:74:02:d9:73:3b:59:8f:2a:4b:52:8b:
         db:e5:0f:43:0e:9c:12:42:03:19:48:b5:cd:ec:c7:ab:5f:a7:
         52:6b:8a:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769Q1Jw9wTNueExYrgJHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUxMDE5MTAwMjQwWhcNMjUxMDIwMTAwMjQwWjAzMTEwLwYDVQQD
Eyg2NTY0MjIzMzdlMTNmYmM4ODMzZTZjYzcyNzNiZGI4YTNkZjQwNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo3SWrcIm/YMdGOcY2mf/BdNUFk2
l81EuXVJCVjb0fp6mI1roUm+4lvlCJhBfMvUavnyhDTTGsu11Yd8/qrYyZPIKf9n
p9aRZR/Vf+EYX2UVEZK+ImR/eQC42u4YP5ews0+sjA64J/cK+/wcsVS/5EQDxU/L
WrO4IWYIyOJhupBMhpNZYe63pZ48mmtdEtsIXN3nnF2JqCikOjqEWSSTQdBMbt3Q
xk0uav+GvUEDddPl9TJLqU11/fVhv3E99c66gSsdyMOuA/1J9EX+s3ypmxPipt0P
3s97MGvGYb/bXEas7yvwmls+i8x24011Pfrv0hQudQUEcgWZf6K/SzEBXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVkIjN+E/vIgz5sxyc724o99AboMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOkag40r
p9ZRrKvr3jfQz7IuPCjvjJfIHXUtm0y/Kidwu3i2WY2i0Ft3h6+ix4hfSfmuhTxb
kAkAa48T1luJuvhAmGQzWhlHZWVcNB9WQjJAzhQXHd7G7qB5Y2hnXvyFSyB0ttjT
bo+hzO4fgIWEhFO2Lmd3p4xyBNeDXQ/OnTUYxWF+HvFFmf8BYgh0n6dNTO6n4bKX
0cYgvOzBNNyyAUhj8vous9vMk1mMBVlzuRTMlTh/cRmxd8Umg/StgXDtoui6W7R8
BeQgWY4Szes352Ft7S/nd3Oii5MryotKknQC2XM7WY8qS1KL2+UPQw6cEkIDGUi1
zezHq1+nUmuK0w==
-----END CERTIFICATE-----