Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          TqIdY4E0aihgyZOJx47B8oE9sipIOq95reNzPhHSYz8=
Subject key identifier:   E5:B7:A3:61:9F:87:A0:B8:7F:05:79:C7:E1:55:77:B4:C2:F0:82:E7
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       0199FB4596B47E0FF102A36E9ECFEED9463F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0AF1
Signing time:             Sun 19 Oct 2025 07:01:05 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:05 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:05 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: P2th+F/uIFeoeYcKA7osQPg+n6xmfrBKazP3OMrm68g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:96:b4:7e:0f:f1:02:a3:6e:9e:cf:ee:d9:46:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Oct 19 07:01:05 2025 GMT
            Not After : Oct 20 07:01:05 2025 GMT
        Subject: CN=e5b7a3619f87a0b87f0579c7e15577b4c2f082e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cd:1a:0b:5b:5a:1b:94:84:d0:a1:cb:3f:66:
                    fc:20:3d:0e:3b:73:5a:5a:e7:9c:05:f1:70:38:8b:
                    46:19:fe:dc:3c:f4:c3:bf:03:a6:7d:b5:c7:7b:d3:
                    38:7b:9b:64:84:64:33:9e:ce:23:91:45:e8:0d:9f:
                    75:97:49:db:3f:82:b4:8e:cc:bb:2a:63:4a:76:ca:
                    90:2d:48:66:42:cc:43:1f:b9:14:f4:b4:7b:6b:56:
                    e9:5b:12:3f:3a:da:2c:69:06:89:be:06:8a:54:c4:
                    ca:ec:38:c6:32:5e:3c:7d:2d:aa:0d:8f:d6:c3:f6:
                    e1:b1:f9:8c:55:bd:dc:11:7d:21:c1:4c:24:ff:7a:
                    56:2f:62:d7:ec:2a:37:d5:7d:27:d9:cf:8a:48:14:
                    11:08:01:42:64:aa:6c:23:4d:bc:9f:99:72:b9:e0:
                    fe:62:3c:53:b8:a2:06:20:1a:0a:64:ff:8e:f5:ec:
                    5b:47:e2:d1:10:cb:8d:6a:48:34:11:38:6e:dd:c9:
                    17:89:30:71:72:f1:51:ab:dc:38:cc:02:ea:5d:22:
                    0b:79:cf:84:85:29:20:8d:79:b0:48:08:71:9f:2a:
                    30:33:fb:14:c8:ac:90:64:aa:04:57:4a:36:52:a4:
                    1d:f0:54:43:8a:8b:3a:ed:bc:43:e8:c8:e3:72:03:
                    9e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:B7:A3:61:9F:87:A0:B8:7F:05:79:C7:E1:55:77:B4:C2:F0:82:E7
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:57:be:e0:d2:23:ca:77:88:ce:40:7f:5d:9c:33:21:21:d2:
         17:ad:76:12:a4:e1:57:14:09:6c:c0:e0:fd:86:ee:70:ff:21:
         96:38:fb:45:72:a7:a7:3e:03:d2:42:a2:4c:ce:69:06:a8:b4:
         8a:a6:58:b7:59:58:0a:4f:ef:89:5e:5c:0e:35:ef:f6:60:fc:
         97:60:e2:d0:b6:2f:7a:24:c5:ce:17:74:83:0c:70:31:70:79:
         03:0a:c4:d0:ac:72:83:64:fd:54:1d:14:71:7b:bc:d9:31:c7:
         8a:b1:52:cf:00:7b:20:56:2c:88:aa:e9:e7:39:39:c2:58:0f:
         ad:80:e7:f8:ad:dd:81:58:87:c5:94:3f:16:c7:b7:fc:a4:a9:
         44:a9:91:e2:5c:08:a6:fe:f9:e0:f5:ce:4a:fc:83:40:c3:09:
         0a:a4:a0:ad:a6:e9:3b:cd:d9:e7:63:3d:89:99:98:6c:df:7f:
         16:bf:5c:22:58:81:44:20:1d:0f:46:5e:b2:09:e4:0e:59:87:
         9c:a6:6a:c0:8b:15:56:97:61:d9:c0:96:aa:27:74:fc:2f:62:
         cd:42:79:cb:0b:d1:c0:df:c5:4e:cd:64:b4:ab:ff:94:92:b8:
         01:42:fa:1b:6a:a8:2d:ec:ea:a1:11:04:66:13:33:ec:63:c0:
         b1:ed:8c:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RZa0fg/xAqNuns/u2UY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUxMDE5MDcwMTA1WhcNMjUxMDIwMDcwMTA1WjAzMTEwLwYDVQQD
EyhlNWI3YTM2MTlmODdhMGI4N2YwNTc5YzdlMTU1NzdiNGMyZjA4MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq80aC1taG5SE0KHLP2b8ID0OO3Na
WuecBfFwOItGGf7cPPTDvwOmfbXHe9M4e5tkhGQzns4jkUXoDZ91l0nbP4K0jsy7
KmNKdsqQLUhmQsxDH7kU9LR7a1bpWxI/OtosaQaJvgaKVMTK7DjGMl48fS2qDY/W
w/bhsfmMVb3cEX0hwUwk/3pWL2LX7Co31X0n2c+KSBQRCAFCZKpsI028n5lyueD+
YjxTuKIGIBoKZP+O9exbR+LREMuNakg0EThu3ckXiTBxcvFRq9w4zALqXSILec+E
hSkgjXmwSAhxnyowM/sUyKyQZKoEV0o2UqQd8FRDios67bxD6MjjcgOe0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOW3o2Gfh6C4fwV5x+FVd7TC8ILnMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeVe+4NIj
yneIzkB/XZwzISHSF612EqThVxQJbMDg/YbucP8hljj7RXKnpz4D0kKiTM5pBqi0
iqZYt1lYCk/viV5cDjXv9mD8l2Di0LYveiTFzhd0gwxwMXB5AwrE0Kxyg2T9VB0U
cXu82THHirFSzwB7IFYsiKrp5zk5wlgPrYDn+K3dgViHxZQ/Fse3/KSpRKmR4lwI
pv754PXOSvyDQMMJCqSgrabpO83Z52M9iZmYbN9/Fr9cIliBRCAdD0ZesgnkDlmH
nKZqwIsVVpdh2cCWqid0/C9izUJ5ywvRwN/FTs1ktKv/lJK4AUL6G2qoLezqoREE
ZhMz7GPAse2M1w==
-----END CERTIFICATE-----