Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          neATz2Po761zZFm9LPTfOcCEex0wkN2DXO14xWroAWY=
Subject key identifier:   19:16:E5:23:03:5F:5A:15:8D:39:E6:AE:F7:72:5F:05:33:3F:A1:2E
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       0198D5BB90FD19304721F1EDE8B0B0D345B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0A59
Signing time:             Sat 23 Aug 2025 07:01:35 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:35 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:35 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: l+gtwbiJGie179O5blG4Zc4Zhnhe6gA0Hd8Vg714PJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:90:fd:19:30:47:21:f1:ed:e8:b0:b0:d3:45:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Aug 23 07:01:35 2025 GMT
            Not After : Aug 24 07:01:35 2025 GMT
        Subject: CN=1916e523035f5a158d39e6aef7725f05333fa12e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5b:51:9e:53:6b:c1:30:a7:62:b6:95:4b:23:
                    41:7d:d0:34:ed:8f:9f:cd:02:fc:94:c5:13:68:b8:
                    70:f6:c1:dd:c3:e1:6e:cc:6f:27:65:cb:6a:1c:63:
                    03:e7:5a:b7:e7:38:2e:1d:52:23:b3:33:58:a5:a7:
                    fd:74:96:ef:7d:a5:a3:1a:34:8e:dc:96:c5:05:f6:
                    cd:b0:71:01:28:29:38:6b:44:33:e9:bc:cc:88:57:
                    18:0b:4f:42:ea:61:19:76:2e:fe:8d:f2:ae:02:de:
                    2c:d4:2a:4e:cb:98:ea:3b:29:7d:83:42:bd:d2:a5:
                    11:f3:91:9d:cf:7c:99:84:02:d7:22:aa:ca:42:f9:
                    72:ae:67:75:e7:ce:d9:3b:70:1e:fc:0e:c1:99:00:
                    18:8a:07:f8:9c:90:4a:73:46:97:d5:96:75:3f:f3:
                    8f:29:d5:76:92:5b:c7:c8:7f:0a:d2:7e:cf:a4:40:
                    52:a8:84:85:89:52:39:9e:71:39:73:7a:84:0b:f7:
                    9a:19:a1:3f:29:87:02:7f:87:26:de:bf:98:9b:3f:
                    57:19:70:89:e0:41:61:27:b8:5f:cb:9e:b3:70:e4:
                    e9:ca:48:1e:54:08:db:05:0d:90:30:2a:15:df:67:
                    b4:e4:ff:3c:95:af:82:33:e2:a1:d0:23:f1:59:eb:
                    9c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:16:E5:23:03:5F:5A:15:8D:39:E6:AE:F7:72:5F:05:33:3F:A1:2E
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:13:fd:5f:64:6e:28:a4:e1:c7:c5:13:c0:17:0c:21:ca:ad:
         89:cc:3d:91:5e:e8:92:82:55:4d:b2:01:6b:a4:a6:84:dd:50:
         79:8b:34:e0:99:be:c3:68:7a:e3:cf:45:20:4f:39:4b:81:34:
         c5:00:16:e3:50:8c:e5:d0:2a:4a:53:5f:7d:b9:a5:b9:db:8c:
         ce:82:4d:c1:be:31:6b:08:da:c2:d0:50:d3:aa:79:a6:0e:45:
         29:33:e4:92:ca:16:1b:97:cf:cc:e9:8c:f6:c2:ab:ef:f3:31:
         9f:07:91:9f:3c:12:2f:5c:34:d8:3f:63:e5:94:a8:23:e2:0e:
         71:da:c5:9c:89:c0:ac:ca:09:fa:1a:2b:86:65:14:2c:39:9c:
         3b:d6:89:9f:bf:24:06:f3:5b:8c:e8:a4:01:71:cb:1d:77:03:
         df:76:2c:53:91:6f:1a:b6:d6:62:4e:fa:5e:63:6c:4c:08:7a:
         9c:f0:29:7b:9b:10:0a:6f:ff:da:8a:d6:aa:48:96:b5:35:07:
         e1:08:f1:bb:3d:0f:a2:70:66:e2:24:5a:a1:44:63:f4:0b:b4:
         a7:01:00:7f:35:74:49:a3:b1:c5:8c:40:00:a3:40:95:72:08:
         45:2d:eb:bf:4e:61:b4:6f:1c:29:37:6c:f8:b0:e1:a6:83:7f:
         90:fa:48:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu5D9GTBHIfHt6LCw00W2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwODIzMDcwMTM1WhcNMjUwODI0MDcwMTM1WjAzMTEwLwYDVQQD
EygxOTE2ZTUyMzAzNWY1YTE1OGQzOWU2YWVmNzcyNWYwNTMzM2ZhMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnltRnlNrwTCnYraVSyNBfdA07Y+f
zQL8lMUTaLhw9sHdw+FuzG8nZctqHGMD51q35zguHVIjszNYpaf9dJbvfaWjGjSO
3JbFBfbNsHEBKCk4a0Qz6bzMiFcYC09C6mEZdi7+jfKuAt4s1CpOy5jqOyl9g0K9
0qUR85Gdz3yZhALXIqrKQvlyrmd1587ZO3Ae/A7BmQAYigf4nJBKc0aX1ZZ1P/OP
KdV2klvHyH8K0n7PpEBSqISFiVI5nnE5c3qEC/eaGaE/KYcCf4cm3r+Ymz9XGXCJ
4EFhJ7hfy56zcOTpykgeVAjbBQ2QMCoV32e05P88la+CM+Kh0CPxWeuc2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkW5SMDX1oVjTnmrvdyXwUzP6EuMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYBP9X2Ru
KKThx8UTwBcMIcqticw9kV7okoJVTbIBa6SmhN1QeYs04Jm+w2h6489FIE85S4E0
xQAW41CM5dAqSlNffbmluduMzoJNwb4xawjawtBQ06p5pg5FKTPkksoWG5fPzOmM
9sKr7/MxnweRnzwSL1w02D9j5ZSoI+IOcdrFnInArMoJ+horhmUULDmcO9aJn78k
BvNbjOikAXHLHXcD33YsU5FvGrbWYk76XmNsTAh6nPApe5sQCm//2orWqkiWtTUH
4Qjxuz0PonBm4iRaoURj9Au0pwEAfzV0SaOxxYxAAKNAlXIIRS3rv05htG8cKTds
+LDhpoN/kPpIBw==
-----END CERTIFICATE-----