Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft
File:                     kOphmXVeYwDwQCwqCO1DegpzAB4.mft (raw, json)
Hash identifier:          JdC4kRooZm7r2F7klroeO4YtoEF+2pTOSEoNgy0OXaU=
Subject key identifier:   AA:B6:2C:CA:75:2D:FE:46:62:DB:FE:1C:5A:1B:D1:11:52:E2:C4:7B
Authority key identifier: 90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E
Certificate issuer:       /CN=90ea6199755e6300f0402c2a08ed437a0a73001e
Certificate serial:       0199FE47230662EB2FB6F5CD138D17C53EEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 21:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:38 +0000
Files and hashes:         1: kOphmXVeYwDwQCwqCO1DegpzAB4.crl (hash: N675ifzvCxgXeoc8eehVjFbk8EsvGQ1j3VmjkTLpZqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:23:06:62:eb:2f:b6:f5:cd:13:8d:17:c5:3e:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90ea6199755e6300f0402c2a08ed437a0a73001e
        Validity
            Not Before: Oct 19 21:01:38 2025 GMT
            Not After : Oct 20 21:01:38 2025 GMT
        Subject: CN=aab62cca752dfe4662dbfe1c5a1bd11152e2c47b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:61:5e:d5:3e:8b:f4:27:3c:38:1f:f5:9f:86:
                    32:cf:93:f1:24:94:ae:5c:9a:e1:74:b8:86:7b:25:
                    22:be:9d:77:5b:67:72:2d:8b:81:67:53:92:68:4e:
                    e0:e7:e5:a0:62:ec:cf:a0:05:93:89:66:67:fc:21:
                    71:1f:93:22:d7:48:b9:2c:93:84:c7:88:bc:0f:95:
                    a0:53:62:65:17:73:92:14:5c:b3:d8:5b:7a:52:fd:
                    d4:55:24:bf:04:64:a4:e6:66:c4:c3:a6:68:c1:83:
                    d5:a8:29:9d:79:b2:e8:4f:a8:5f:f5:1a:39:ce:b3:
                    6b:f6:11:e4:cd:eb:d4:65:cd:c6:88:36:ad:c0:23:
                    32:7c:62:ac:7d:7e:20:87:e2:ea:b7:8d:af:ef:25:
                    69:64:3a:3d:15:a4:74:41:e7:bf:e2:3d:6a:e7:d0:
                    fa:62:40:68:4a:9c:f9:8c:d8:5b:f2:43:1f:0f:fe:
                    57:38:f0:72:33:58:49:33:3b:5a:20:93:84:11:9b:
                    2e:b2:ee:b6:97:83:1a:a6:39:e9:23:b3:40:de:01:
                    7a:4f:0f:70:19:5a:ff:2e:bd:83:e8:b0:7e:f5:89:
                    8b:9f:b6:d2:8d:0b:d4:bc:ba:31:36:22:14:29:58:
                    94:d8:1e:a6:ba:97:01:82:cc:28:9b:74:18:6b:ca:
                    97:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B6:2C:CA:75:2D:FE:46:62:DB:FE:1C:5A:1B:D1:11:52:E2:C4:7B
            X509v3 Authority Key Identifier:
                keyid:90:EA:61:99:75:5E:63:00:F0:40:2C:2A:08:ED:43:7A:0A:73:00:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOphmXVeYwDwQCwqCO1DegpzAB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6d2a8f-cf90-46fb-8259-c39808d03a18/1/kOphmXVeYwDwQCwqCO1DegpzAB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ae:7b:b0:8a:28:df:1d:5c:87:aa:0a:8e:b9:91:29:4a:87:
         60:ba:dc:f4:9a:ff:4a:16:c3:86:57:3e:e6:29:02:94:d8:ea:
         b3:29:9e:93:7f:ad:0f:74:06:7a:08:4e:46:4d:57:43:fd:57:
         aa:98:b3:9e:85:57:22:b7:3c:6b:e8:43:98:a4:e5:d6:fc:4e:
         23:db:80:0b:2f:5a:d0:b3:f4:25:e1:7b:76:48:50:48:05:0f:
         39:9d:7d:16:31:11:ab:e8:14:48:50:89:3a:a5:d7:d9:72:23:
         ce:81:c3:1f:5a:20:01:11:e4:ad:3c:13:9e:51:92:11:67:bd:
         ca:d4:14:88:46:10:11:7f:db:1d:30:8f:83:42:f3:2d:7e:11:
         b8:37:ec:19:c7:83:80:3e:9f:72:d4:d9:04:ad:3d:e4:db:c1:
         8c:e4:d0:7f:30:4d:96:48:54:7c:ec:cb:48:f1:ce:3e:d3:ea:
         34:31:6b:21:85:f0:d6:29:db:4f:11:61:a8:5d:7d:81:59:dc:
         7a:e0:61:ec:a1:b9:2c:2c:be:e2:1f:34:16:fa:6f:7a:64:d3:
         bf:d3:45:48:5c:bc:7a:d3:0e:34:84:dd:33:f0:5d:aa:29:a2:
         e1:34:8c:42:9e:7b:9c:44:f0:21:44:2e:2b:59:86:f1:37:da:
         b6:5e:53:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RyMGYusvtvXNE40XxT7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZWE2MTk5NzU1ZTYzMDBmMDQwMmMyYTA4ZWQ0MzdhMGE3
MzAwMWUwHhcNMjUxMDE5MjEwMTM4WhcNMjUxMDIwMjEwMTM4WjAzMTEwLwYDVQQD
EyhhYWI2MmNjYTc1MmRmZTQ2NjJkYmZlMWM1YTFiZDExMTUyZTJjNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmFe1T6L9Cc8OB/1n4Yyz5PxJJSu
XJrhdLiGeyUivp13W2dyLYuBZ1OSaE7g5+WgYuzPoAWTiWZn/CFxH5Mi10i5LJOE
x4i8D5WgU2JlF3OSFFyz2Ft6Uv3UVSS/BGSk5mbEw6ZowYPVqCmdebLoT6hf9Ro5
zrNr9hHkzevUZc3GiDatwCMyfGKsfX4gh+Lqt42v7yVpZDo9FaR0Qee/4j1q59D6
YkBoSpz5jNhb8kMfD/5XOPByM1hJMztaIJOEEZsusu62l4MapjnpI7NA3gF6Tw9w
GVr/Lr2D6LB+9YmLn7bSjQvUvLoxNiIUKViU2B6mupcBgswom3QYa8qX4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq2LMp1Lf5GYtv+HFob0RFS4sR7MB8GA1UdIwQY
MBaAFJDqYZl1XmMA8EAsKgjtQ3oKcwAeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZDJhOGYtY2Y5MC00NmZiLTgyNTkt
YzM5ODA4ZDAzYTE4LzEva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZDJhOGYtY2Y5MC00NmZiLTgyNTktYzM5ODA4ZDAzYTE4
LzEva09waG1YVmVZd0R3UUN3cUNPMURlZ3B6QUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXK57sIoo
3x1ch6oKjrmRKUqHYLrc9Jr/ShbDhlc+5ikClNjqsymek3+tD3QGeghORk1XQ/1X
qpiznoVXIrc8a+hDmKTl1vxOI9uACy9a0LP0JeF7dkhQSAUPOZ19FjERq+gUSFCJ
OqXX2XIjzoHDH1ogARHkrTwTnlGSEWe9ytQUiEYQEX/bHTCPg0LzLX4RuDfsGceD
gD6fctTZBK095NvBjOTQfzBNlkhUfOzLSPHOPtPqNDFrIYXw1inbTxFhqF19gVnc
euBh7KG5LCy+4h80FvpvemTTv9NFSFy8etMONITdM/Bdqimi4TSMQp57nETwIUQu
K1mG8Tfatl5TGg==
-----END CERTIFICATE-----