Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          U95En4/BwTrArawvyVF7aofc8lQwEdk3YFWIanFAFgk=
Subject key identifier:   6E:61:24:3C:C7:05:49:8B:1A:98:71:02:64:22:12:87:A7:F7:43:91
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       0199FEEBDF5CA1367F02EC57502D70E299E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0665
Signing time:             Mon 20 Oct 2025 00:01:35 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:35 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:35 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: wIRAGgs/BnQbkC3oPMXhl2mxlvTMU8LiovWcq4Ez15c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:df:5c:a1:36:7f:02:ec:57:50:2d:70:e2:99:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Oct 20 00:01:35 2025 GMT
            Not After : Oct 21 00:01:35 2025 GMT
        Subject: CN=6e61243cc705498b1a98710264221287a7f74391
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a1:3e:10:5e:a2:f2:df:5e:95:97:af:88:d0:
                    3c:cc:23:eb:90:73:7d:e4:78:8f:d6:15:68:a6:26:
                    f6:9e:df:14:31:ce:0f:73:49:5c:c9:a3:2b:20:00:
                    64:93:c1:bf:d3:45:3b:98:80:db:9b:65:2b:96:71:
                    ff:09:6d:e4:cf:2b:18:a2:b8:5e:2f:75:8d:54:ac:
                    f9:28:7c:da:f6:7a:78:83:29:6e:59:16:e6:b9:c6:
                    e0:3c:78:3f:19:2a:b2:6d:d1:f8:fd:c8:3d:e6:d4:
                    a2:c9:f9:bd:12:10:7e:86:09:cd:bc:d8:8b:b6:09:
                    ec:8d:9d:c9:b4:0b:c9:6d:ad:a4:be:c0:50:c4:63:
                    74:29:0c:8e:2d:47:2f:b1:84:cb:c5:62:92:08:e6:
                    b9:bc:28:70:83:b1:60:9e:c9:3d:d5:8d:23:e1:ce:
                    19:d8:c3:ba:67:6f:66:d8:87:50:e6:23:8f:f8:12:
                    29:28:99:ad:75:e7:f8:a7:33:34:9e:14:b9:ff:1c:
                    10:3e:6a:cc:26:a2:79:c4:48:05:62:4d:66:32:94:
                    8d:b5:9b:93:de:d9:e9:89:02:53:7b:ba:27:b9:32:
                    46:17:19:19:51:38:d2:db:84:d7:89:e9:cc:66:b9:
                    93:70:fe:8c:d0:b2:d9:f6:96:02:8c:15:fb:0f:b7:
                    be:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:61:24:3C:C7:05:49:8B:1A:98:71:02:64:22:12:87:A7:F7:43:91
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:b7:e7:2b:48:11:92:b0:79:85:e8:23:27:03:04:b3:6b:98:
         63:9f:52:e1:5c:e5:cb:1b:9c:e3:54:12:a0:66:65:df:19:da:
         53:2f:cd:3e:05:d3:b3:89:ef:f7:2c:2b:18:a0:35:93:66:75:
         e2:6d:78:cb:bd:93:8e:09:3f:3d:45:c3:cc:53:24:8c:1c:b7:
         57:34:8c:0a:e2:f1:cf:43:e6:99:bb:25:fb:a7:bd:4a:a9:3c:
         a5:aa:53:ec:d6:35:72:74:6a:aa:52:1f:c8:91:c0:7f:5d:6b:
         1a:fc:9f:8a:35:70:6e:21:f9:4f:b6:9a:f6:56:62:27:4f:9f:
         ed:be:e8:11:fc:19:39:0d:bb:8d:67:7d:5c:e8:f6:71:90:2c:
         28:4b:b4:f3:79:32:97:df:02:38:c0:e9:84:26:af:ae:e5:7c:
         cd:4a:f4:0e:48:ba:9e:47:85:74:9d:23:c5:f2:1e:73:7c:35:
         b3:f3:67:4c:68:96:b7:25:5d:43:20:33:b0:e6:26:c6:76:01:
         4c:19:99:a2:fe:09:2b:4e:ba:8f:d6:30:5b:06:47:aa:a8:f7:
         ce:65:ce:dc:f1:cc:47:9a:bf:b1:a3:8a:56:1b:94:af:1c:4a:
         50:64:97:a8:6a:8a:16:cd:0a:82:f6:27:48:9c:8f:37:4c:ce:
         81:b6:47:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+699coTZ/AuxXUC1w4pnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUxMDIwMDAwMTM1WhcNMjUxMDIxMDAwMTM1WjAzMTEwLwYDVQQD
Eyg2ZTYxMjQzY2M3MDU0OThiMWE5ODcxMDI2NDIyMTI4N2E3Zjc0MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aE+EF6i8t9elZeviNA8zCPrkHN9
5HiP1hVopib2nt8UMc4Pc0lcyaMrIABkk8G/00U7mIDbm2UrlnH/CW3kzysYorhe
L3WNVKz5KHza9np4gyluWRbmucbgPHg/GSqybdH4/cg95tSiyfm9EhB+hgnNvNiL
tgnsjZ3JtAvJba2kvsBQxGN0KQyOLUcvsYTLxWKSCOa5vChwg7Fgnsk91Y0j4c4Z
2MO6Z29m2IdQ5iOP+BIpKJmtdef4pzM0nhS5/xwQPmrMJqJ5xEgFYk1mMpSNtZuT
3tnpiQJTe7onuTJGFxkZUTjS24TXienMZrmTcP6M0LLZ9pYCjBX7D7e+bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5hJDzHBUmLGphxAmQiEoen90ORMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLfnK0gR
krB5hegjJwMEs2uYY59S4Vzlyxuc41QSoGZl3xnaUy/NPgXTs4nv9ywrGKA1k2Z1
4m14y72Tjgk/PUXDzFMkjBy3VzSMCuLxz0Pmmbsl+6e9Sqk8papT7NY1cnRqqlIf
yJHAf11rGvyfijVwbiH5T7aa9lZiJ0+f7b7oEfwZOQ27jWd9XOj2cZAsKEu083ky
l98COMDphCavruV8zUr0Dki6nkeFdJ0jxfIec3w1s/NnTGiWtyVdQyAzsOYmxnYB
TBmZov4JK066j9YwWwZHqqj3zmXO3PHMR5q/saOKVhuUrxxKUGSXqGqKFs0KgvYn
SJyPN0zOgbZH6g==
-----END CERTIFICATE-----