Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          u2l9PIr1fkAJGEadD+VM2LMJbBv/WSaH0hs9xctk7vw=
Subject key identifier:   C3:95:9B:D7:28:FC:3C:8F:3C:B2:BE:A4:3D:C0:97:40:61:5E:DB:44
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       0198D6CDF47051B9259B86C075CF789B5750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          1395
Signing time:             Sat 23 Aug 2025 12:01:18 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:18 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:18 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: QXdg0vrk3U0/R4Yjg4PMhqapC7It5ePLOIXzD63OFRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:f4:70:51:b9:25:9b:86:c0:75:cf:78:9b:57:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Aug 23 12:01:18 2025 GMT
            Not After : Aug 24 12:01:18 2025 GMT
        Subject: CN=c3959bd728fc3c8f3cb2bea43dc09740615edb44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:24:01:ce:bf:aa:f6:f7:8c:43:df:ac:c2:b5:
                    34:f8:19:91:26:00:b7:79:a0:98:da:62:18:0b:2d:
                    9e:5c:2c:9e:96:5a:34:bd:67:6a:93:b8:71:3a:9e:
                    f0:89:f7:70:46:85:72:62:a8:15:4f:66:5f:69:0f:
                    8b:c6:c5:6f:66:0f:57:9b:4d:31:fd:6d:53:8e:fc:
                    1e:5f:f9:b6:e0:ae:f8:8b:2a:15:5c:20:24:3c:2b:
                    64:e7:e2:45:db:5d:1b:f1:b5:0e:b4:de:df:c9:72:
                    3f:37:bf:a7:5d:95:2c:7d:98:1d:52:35:2e:f5:b2:
                    36:44:0c:6e:9c:8c:fa:94:d7:fb:22:11:ac:5e:54:
                    86:fd:47:e7:f9:a5:b4:ff:42:52:b4:65:1c:e5:58:
                    72:6b:0d:dd:51:68:ea:28:23:a4:5f:10:17:d7:4f:
                    0a:0d:ec:0c:6c:4b:50:9c:ad:0a:a9:75:ae:44:d1:
                    8d:a3:a5:c5:27:9a:96:a0:6a:bc:9b:a4:26:85:50:
                    ca:69:f9:e2:1a:72:95:ab:82:36:24:fb:fb:9b:1b:
                    0e:12:4e:7b:82:e5:3f:77:83:a2:20:97:90:0c:45:
                    07:3b:78:7a:21:e7:9d:2a:3a:f5:8e:70:56:79:79:
                    27:ac:50:6d:c9:5b:ea:b7:dc:06:76:6b:96:b4:db:
                    1f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:95:9B:D7:28:FC:3C:8F:3C:B2:BE:A4:3D:C0:97:40:61:5E:DB:44
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:35:28:71:2d:59:12:05:88:ed:06:8b:83:ab:d6:c7:ef:35:
         fd:34:2d:83:aa:97:af:7f:74:15:4f:a1:eb:c1:5a:05:52:78:
         31:7e:7b:d3:eb:82:57:cb:5c:e6:9e:38:77:39:38:45:2b:ba:
         b8:a0:19:d2:fd:34:66:94:6d:1d:4b:5c:a6:f1:4d:82:7d:dc:
         8f:9a:81:89:cc:36:69:76:de:f7:b8:cc:f1:c1:1f:33:34:0e:
         f1:fe:a6:62:79:7c:a9:c9:99:be:24:35:22:36:47:57:1a:6e:
         18:fb:be:23:ca:da:57:07:d9:27:23:7c:61:fd:27:dc:ec:01:
         79:5b:3e:f3:32:8a:ac:ae:cf:dd:69:b2:9e:29:60:69:9c:6e:
         ac:cf:d0:0c:e9:52:31:1c:ec:55:d1:9c:2d:31:72:2f:81:c1:
         ca:6d:3b:d4:90:20:22:13:72:1e:0f:29:13:cf:50:96:b9:04:
         f7:88:53:fd:93:a1:c8:59:79:0c:26:1f:96:6f:0c:6a:f8:f9:
         ae:33:72:fb:56:01:50:87:18:a6:1c:bb:30:39:7c:f5:f6:ac:
         f0:4a:51:4e:c8:ad:c9:fa:3a:c7:92:e9:c4:3c:69:d4:cb:e5:
         e5:b1:e5:31:37:e3:30:6b:06:c9:e9:92:06:d5:b6:7b:b7:6d:
         77:90:fa:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzfRwUbklm4bAdc94m1dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUwODIzMTIwMTE4WhcNMjUwODI0MTIwMTE4WjAzMTEwLwYDVQQD
EyhjMzk1OWJkNzI4ZmMzYzhmM2NiMmJlYTQzZGMwOTc0MDYxNWVkYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCQBzr+q9veMQ9+swrU0+BmRJgC3
eaCY2mIYCy2eXCyello0vWdqk7hxOp7wifdwRoVyYqgVT2ZfaQ+LxsVvZg9Xm00x
/W1TjvweX/m24K74iyoVXCAkPCtk5+JF210b8bUOtN7fyXI/N7+nXZUsfZgdUjUu
9bI2RAxunIz6lNf7IhGsXlSG/Ufn+aW0/0JStGUc5Vhyaw3dUWjqKCOkXxAX108K
DewMbEtQnK0KqXWuRNGNo6XFJ5qWoGq8m6QmhVDKafniGnKVq4I2JPv7mxsOEk57
guU/d4OiIJeQDEUHO3h6IeedKjr1jnBWeXknrFBtyVvqt9wGdmuWtNsfQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOVm9co/DyPPLK+pD3Al0BhXttEMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzUocS1Z
EgWI7QaLg6vWx+81/TQtg6qXr390FU+h68FaBVJ4MX570+uCV8tc5p44dzk4RSu6
uKAZ0v00ZpRtHUtcpvFNgn3cj5qBicw2aXbe97jM8cEfMzQO8f6mYnl8qcmZviQ1
IjZHVxpuGPu+I8raVwfZJyN8Yf0n3OwBeVs+8zKKrK7P3WmynilgaZxurM/QDOlS
MRzsVdGcLTFyL4HBym071JAgIhNyHg8pE89QlrkE94hT/ZOhyFl5DCYflm8Mavj5
rjNy+1YBUIcYphy7MDl89fas8EpRTsityfo6x5LpxDxp1Mvl5bHlMTfjMGsGyemS
BtW2e7dtd5D6Rw==
-----END CERTIFICATE-----