Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          qso+mX2nbwM/uwWvh1M488fpcS4b5F8MQ1SuJqUyS4s=
Subject key identifier:   A6:1C:A1:92:56:27:2A:E5:EA:95:5D:37:08:EE:43:63:D9:BE:06:A9
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       0198D5BBCE0361A9DE85C4B86B139EBEAAD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          031B
Signing time:             Sat 23 Aug 2025 07:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:51 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: 2TtFU5P55+6nE/0ocahy2WPv0fmrhEttEiaq9tw01aQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ce:03:61:a9:de:85:c4:b8:6b:13:9e:be:aa:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Aug 23 07:01:51 2025 GMT
            Not After : Aug 24 07:01:51 2025 GMT
        Subject: CN=a61ca19256272ae5ea955d3708ee4363d9be06a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:28:5b:41:8f:c7:09:7a:ca:36:15:bb:76:62:
                    dc:3c:d0:29:f5:80:92:2a:03:63:b7:d2:36:91:99:
                    5d:40:8b:d7:bd:d3:0a:09:e7:94:b6:25:1e:cd:9c:
                    e3:32:80:b5:69:02:87:34:63:81:57:d0:13:18:43:
                    69:44:07:c4:a5:dc:44:f0:6f:cd:52:9a:06:91:22:
                    c9:76:fa:41:b4:af:28:60:f4:33:5e:c1:cc:74:48:
                    66:56:66:da:c1:dc:27:ef:3c:3b:6e:d1:18:8a:30:
                    3c:92:5d:ba:93:be:dc:d8:97:85:b7:12:fd:d1:72:
                    f4:a7:55:50:1d:03:54:48:84:a2:10:b1:ee:0e:bf:
                    d5:5f:c7:b5:eb:e3:de:92:a4:40:f5:2e:45:b3:fe:
                    ce:44:3f:34:0b:6f:a6:d4:d2:0b:cb:1f:84:50:9b:
                    20:04:a3:57:2f:ec:d3:73:d5:49:fa:99:49:24:5d:
                    f5:55:69:f5:86:80:62:8c:92:7f:a2:ef:88:54:b0:
                    0c:50:49:4c:0d:a1:24:81:04:fc:ed:c3:c8:01:d3:
                    9b:56:d2:f4:39:39:e5:d6:02:40:88:9b:f8:18:28:
                    83:6f:de:50:66:de:c5:14:09:e3:fd:e1:8c:8e:78:
                    0c:f3:56:77:f5:72:a7:15:f1:26:08:ef:53:d5:08:
                    90:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:1C:A1:92:56:27:2A:E5:EA:95:5D:37:08:EE:43:63:D9:BE:06:A9
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:f8:45:df:a5:c2:03:a2:d0:1b:74:e7:a9:60:6a:44:6e:6e:
         a5:1f:ac:69:c9:fb:7b:51:0a:ab:45:1d:60:4c:c5:d7:84:00:
         14:11:e0:d9:7c:be:f1:e2:e9:c5:f2:5a:b8:bb:57:fe:84:10:
         ca:1d:ea:19:ac:7b:c0:c3:6d:9c:c3:f0:23:b1:78:f4:a6:1e:
         61:30:81:71:e7:37:f6:bc:0b:60:16:f8:50:2a:34:a1:16:c8:
         90:f3:1c:e2:09:8b:9c:9d:23:14:81:20:62:ef:d3:37:4f:99:
         05:99:d8:ad:fb:57:d2:f8:71:e4:3e:57:63:55:e2:c0:88:2d:
         4c:a3:46:70:38:98:7e:21:04:c4:f6:1a:91:f1:8d:fe:51:76:
         7c:f8:d1:d2:e4:de:2a:ff:20:db:cb:b6:23:78:b0:55:dc:e3:
         13:25:e4:65:af:4b:96:0d:76:aa:89:1c:67:fa:62:20:4f:01:
         af:a1:71:67:51:d7:64:6d:6f:df:36:8c:e2:d8:e2:fa:2f:bf:
         9b:46:7e:a8:84:b3:72:03:c4:2b:54:d0:0f:b1:c1:9e:99:a0:
         d2:ba:95:b5:d0:6c:09:62:f4:d3:34:57:f0:ba:21:1a:3f:28:
         9e:0b:ed:ec:13:54:24:1c:4a:aa:d4:eb:74:01:83:08:3e:e6:
         5b:1c:a8:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu84DYanehcS4axOevqrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUwODIzMDcwMTUxWhcNMjUwODI0MDcwMTUxWjAzMTEwLwYDVQQD
EyhhNjFjYTE5MjU2MjcyYWU1ZWE5NTVkMzcwOGVlNDM2M2Q5YmUwNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoShbQY/HCXrKNhW7dmLcPNAp9YCS
KgNjt9I2kZldQIvXvdMKCeeUtiUezZzjMoC1aQKHNGOBV9ATGENpRAfEpdxE8G/N
UpoGkSLJdvpBtK8oYPQzXsHMdEhmVmbawdwn7zw7btEYijA8kl26k77c2JeFtxL9
0XL0p1VQHQNUSISiELHuDr/VX8e16+PekqRA9S5Fs/7ORD80C2+m1NILyx+EUJsg
BKNXL+zTc9VJ+plJJF31VWn1hoBijJJ/ou+IVLAMUElMDaEkgQT87cPIAdObVtL0
OTnl1gJAiJv4GCiDb95QZt7FFAnj/eGMjngM81Z39XKnFfEmCO9T1QiQEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYcoZJWJyrl6pVdNwjuQ2PZvgapMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPhF36XC
A6LQG3TnqWBqRG5upR+sacn7e1EKq0UdYEzF14QAFBHg2Xy+8eLpxfJauLtX/oQQ
yh3qGax7wMNtnMPwI7F49KYeYTCBcec39rwLYBb4UCo0oRbIkPMc4gmLnJ0jFIEg
Yu/TN0+ZBZnYrftX0vhx5D5XY1XiwIgtTKNGcDiYfiEExPYakfGN/lF2fPjR0uTe
Kv8g28u2I3iwVdzjEyXkZa9Llg12qokcZ/piIE8Br6FxZ1HXZG1v3zaM4tji+i+/
m0Z+qISzcgPEK1TQD7HBnpmg0rqVtdBsCWL00zRX8LohGj8ongvt7BNUJBxKqtTr
dAGDCD7mWxyoGg==
-----END CERTIFICATE-----