Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
File:                     oWkKV2UZ54d6ZAis325pu4RyqhU.mft (raw, json)
Hash identifier:          P9eEsHxR7enbFkd3/6xL5kUOaybBK5pGaxdGYwc0GQc=
Subject key identifier:   33:7A:C4:43:40:2D:79:34:F6:79:3F:28:0E:FA:2E:74:0F:37:FB:A4
Authority key identifier: A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15
Certificate issuer:       /CN=a1690a576519e7877a6408acdf6e69bb8472aa15
Certificate serial:       0198D51641D49D458651CD59BB9C4132BA6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
Manifest number:          053B
Signing time:             Sat 23 Aug 2025 04:01:02 +0000
Manifest this update:     Sat 23 Aug 2025 04:01:02 +0000
Manifest next update:     Sun 24 Aug 2025 04:01:02 +0000
Files and hashes:         1: oWkKV2UZ54d6ZAis325pu4RyqhU.crl (hash: l3mN09ajWj76K8GElrFjivnFzQiiEh3M5J3QAlbXIQw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:41:d4:9d:45:86:51:cd:59:bb:9c:41:32:ba:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1690a576519e7877a6408acdf6e69bb8472aa15
        Validity
            Not Before: Aug 23 04:01:02 2025 GMT
            Not After : Aug 24 04:01:02 2025 GMT
        Subject: CN=337ac443402d7934f6793f280efa2e740f37fba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7e:9b:93:23:df:85:cf:3d:be:66:90:e5:21:
                    c7:ee:8a:de:39:2b:09:f5:4d:11:07:d2:dd:11:b9:
                    a1:92:d7:28:43:b6:0e:ca:f6:d3:d3:f1:71:4a:f5:
                    1d:85:35:bf:a2:ed:57:59:49:0d:81:10:97:0d:01:
                    82:9d:62:c8:af:e7:57:df:b6:83:c8:32:9d:7b:30:
                    46:96:b6:da:3d:43:84:07:0a:fb:1c:c0:fe:da:ec:
                    b3:80:72:7f:43:3e:15:bb:f8:42:26:46:b0:f5:05:
                    a0:10:c1:45:e1:ad:22:e2:d7:4d:57:3b:d6:ca:a1:
                    ad:2a:86:c4:ec:18:0e:a9:9c:a1:c4:b0:db:9f:2c:
                    b9:0d:f8:ac:cb:69:ce:81:71:be:1b:51:ff:a2:6d:
                    2a:9b:f6:df:6b:b9:54:d5:c1:5f:f5:44:e2:b5:f9:
                    ff:bf:74:3e:4e:3c:0d:d0:cc:12:45:a6:64:e8:54:
                    b1:ee:e9:f7:8d:79:d9:3f:24:19:03:12:03:b3:1b:
                    34:ae:83:6f:3f:9f:99:57:1d:8a:37:78:c7:ab:f8:
                    d2:49:96:51:87:7b:47:ed:75:e1:97:33:64:15:29:
                    6b:a4:4f:11:a2:bd:ec:af:1b:23:a6:ea:9a:be:97:
                    53:85:87:9d:d8:04:8f:dc:71:cd:37:5d:8b:1b:bd:
                    b2:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:7A:C4:43:40:2D:79:34:F6:79:3F:28:0E:FA:2E:74:0F:37:FB:A4
            X509v3 Authority Key Identifier:
                keyid:A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:bb:28:00:00:89:38:b1:86:01:9c:a6:a3:d0:b6:a6:a3:26:
         49:82:06:99:a0:44:d3:9f:8a:bb:b0:8a:96:61:96:c6:2f:14:
         90:e4:f0:cb:18:0c:2f:d4:99:e6:17:ac:1a:0f:ee:44:f6:4a:
         27:0d:39:71:95:f9:9b:59:be:87:ca:08:cf:00:98:d9:96:a2:
         b6:0c:f6:b4:aa:cb:e3:01:3a:ea:9c:2f:f7:f4:b5:02:59:be:
         4f:82:3a:78:64:16:a6:2b:be:45:37:eb:d2:42:d3:73:68:be:
         ff:b6:f9:6e:1e:a9:ec:86:5e:ea:34:9a:38:79:05:f5:e1:6a:
         a3:4b:24:cf:8a:02:46:f6:69:bf:c0:31:d3:08:02:c0:7d:d5:
         73:f7:91:0a:7b:db:c8:79:b1:95:b3:e0:eb:a6:f4:4f:89:d0:
         a4:9c:b4:d2:11:41:1e:26:26:26:5f:5e:cd:f2:ed:8f:45:95:
         52:ed:c9:86:d5:ef:c5:83:5f:39:2d:45:95:ef:54:2a:21:64:
         74:f8:40:77:fa:cd:9e:ba:c4:05:37:f6:c4:52:23:03:9a:f8:
         3d:79:c3:a3:16:6c:a3:c6:34:a2:ed:4e:db:45:71:87:7c:e5:
         3e:6f:a3:3b:09:f6:0c:ad:9c:83:9b:19:95:7c:3e:8f:ed:73:
         48:32:0a:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFkHUnUWGUc1Zu5xBMrptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjkwYTU3NjUxOWU3ODc3YTY0MDhhY2RmNmU2OWJiODQ3
MmFhMTUwHhcNMjUwODIzMDQwMTAyWhcNMjUwODI0MDQwMTAyWjAzMTEwLwYDVQQD
EygzMzdhYzQ0MzQwMmQ3OTM0ZjY3OTNmMjgwZWZhMmU3NDBmMzdmYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn6bkyPfhc89vmaQ5SHH7oreOSsJ
9U0RB9LdEbmhktcoQ7YOyvbT0/FxSvUdhTW/ou1XWUkNgRCXDQGCnWLIr+dX37aD
yDKdezBGlrbaPUOEBwr7HMD+2uyzgHJ/Qz4Vu/hCJkaw9QWgEMFF4a0i4tdNVzvW
yqGtKobE7BgOqZyhxLDbnyy5Dfisy2nOgXG+G1H/om0qm/bfa7lU1cFf9UTitfn/
v3Q+TjwN0MwSRaZk6FSx7un3jXnZPyQZAxIDsxs0roNvP5+ZVx2KN3jHq/jSSZZR
h3tH7XXhlzNkFSlrpE8Ror3srxsjpuqavpdThYed2ASP3HHNN12LG72ylQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDN6xENALXk09nk/KA76LnQPN/ukMB8GA1UdIwQY
MBaAFKFpCldlGeeHemQIrN9uabuEcqoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDkt
MmNkZTQwNDVjNDJhLzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDktMmNkZTQwNDVjNDJh
LzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLsoAACJ
OLGGAZymo9C2pqMmSYIGmaBE05+Ku7CKlmGWxi8UkOTwyxgML9SZ5hesGg/uRPZK
Jw05cZX5m1m+h8oIzwCY2Zaitgz2tKrL4wE66pwv9/S1Alm+T4I6eGQWpiu+RTfr
0kLTc2i+/7b5bh6p7IZe6jSaOHkF9eFqo0skz4oCRvZpv8Ax0wgCwH3Vc/eRCnvb
yHmxlbPg66b0T4nQpJy00hFBHiYmJl9ezfLtj0WVUu3JhtXvxYNfOS1Fle9UKiFk
dPhAd/rNnrrEBTf2xFIjA5r4PXnDoxZso8Y0ou1O20Vxh3zlPm+jOwn2DK2cg5sZ
lXw+j+1zSDIKDA==
-----END CERTIFICATE-----