Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          okgeJnOxzupYKQ9MxShokSTzlRUlmqwojpssZPiHUOc=
Subject key identifier:   53:7F:24:2F:39:27:CF:90:32:B2:5A:83:81:2A:46:0E:46:E3:F9:1A
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       0199FE46F72EB1FE950B823F773A3BFCF867
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          084D
Signing time:             Sun 19 Oct 2025 21:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:27 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: Se6NrFG0Qkv+0gVNGflvax1d/yzm1dcbUYvG898fPDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:f7:2e:b1:fe:95:0b:82:3f:77:3a:3b:fc:f8:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: Oct 19 21:01:27 2025 GMT
            Not After : Oct 20 21:01:27 2025 GMT
        Subject: CN=537f242f3927cf9032b25a83812a460e46e3f91a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f4:e1:89:bb:34:6e:03:31:e2:1f:16:9c:5a:
                    45:6a:b5:e7:f4:80:75:ce:49:0c:50:03:73:9b:20:
                    55:4b:ce:9f:dd:44:96:80:30:b0:f8:15:58:34:65:
                    63:e6:74:00:91:76:d8:c2:40:95:43:7e:11:e3:0a:
                    fa:38:4b:57:1c:4b:27:27:47:48:de:23:7d:41:a1:
                    25:53:20:6c:0f:71:e2:74:ff:f2:68:6b:c5:c6:f1:
                    39:fc:63:13:07:87:19:60:03:1e:9b:12:a5:ed:a3:
                    11:05:91:da:4e:8a:d6:1c:85:b9:58:3d:26:1c:7d:
                    3f:da:92:4f:28:eb:8c:87:fb:10:44:1e:ca:ce:0d:
                    2a:0c:58:f2:5d:ed:c2:eb:55:a6:9d:e2:8d:2a:4c:
                    58:ac:62:47:db:fb:bb:27:b3:44:c1:d4:8f:3d:ef:
                    fc:f4:48:17:c4:25:b0:81:58:a0:9b:69:61:cf:7b:
                    72:5f:02:39:6a:4e:56:0c:83:e6:c9:a6:f5:d6:5a:
                    f4:3d:52:1b:09:48:cb:ee:06:0b:41:95:82:47:fa:
                    ff:35:9d:10:e1:60:10:9d:56:6b:a0:8c:55:93:e2:
                    69:25:bd:9d:10:f7:cd:11:c4:de:8d:d0:ae:b9:6b:
                    7b:ce:0c:d4:a0:2e:59:13:a1:05:42:fd:b7:8f:0b:
                    98:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:7F:24:2F:39:27:CF:90:32:B2:5A:83:81:2A:46:0E:46:E3:F9:1A
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:27:a4:54:e5:fe:4c:da:f3:46:cc:f5:10:d5:4c:fa:7a:9d:
         bb:6c:cb:ce:83:eb:58:d5:7b:18:f7:59:98:4c:b0:2e:34:1e:
         21:6d:26:23:38:0a:54:c4:60:eb:db:83:c9:ab:e5:ce:12:ad:
         87:62:f5:2d:eb:78:4f:ed:70:ce:eb:8a:74:a0:de:94:5e:a6:
         9e:a0:9d:1e:60:29:8f:14:b7:72:2c:10:b1:69:8c:ab:5c:b1:
         dd:a1:ad:c7:d5:18:7c:e2:13:d2:4d:04:90:09:0a:c2:bc:cb:
         ce:3e:e1:bc:ea:5d:6a:b5:c6:ec:7c:20:48:8d:28:50:fa:24:
         ac:9c:27:3c:83:94:f3:f9:7b:4e:9e:d4:a1:51:db:c8:72:d9:
         9d:20:01:32:d4:29:49:d9:c8:3a:4a:6e:a2:5d:2e:00:c1:aa:
         61:9f:ea:81:c8:59:ed:cc:8a:5d:e1:97:b2:c2:01:8d:34:44:
         90:5f:25:6c:3a:21:d0:ce:9e:95:e0:44:63:d4:c7:5c:7c:9e:
         ad:af:94:3b:4b:dc:1f:09:35:c1:a0:95:3a:a0:77:ba:8e:f9:
         47:f1:a9:35:e2:0d:a7:10:8b:d3:a5:18:b7:39:74:51:86:50:
         1d:8d:85:56:77:ae:9a:aa:b6:b5:6a:a5:7f:fe:a3:dd:e6:26:
         d9:ec:0f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+Rvcusf6VC4I/dzo7/PhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjUxMDE5MjEwMTI3WhcNMjUxMDIwMjEwMTI3WjAzMTEwLwYDVQQD
Eyg1MzdmMjQyZjM5MjdjZjkwMzJiMjVhODM4MTJhNDYwZTQ2ZTNmOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPThibs0bgMx4h8WnFpFarXn9IB1
zkkMUANzmyBVS86f3USWgDCw+BVYNGVj5nQAkXbYwkCVQ34R4wr6OEtXHEsnJ0dI
3iN9QaElUyBsD3HidP/yaGvFxvE5/GMTB4cZYAMemxKl7aMRBZHaTorWHIW5WD0m
HH0/2pJPKOuMh/sQRB7Kzg0qDFjyXe3C61WmneKNKkxYrGJH2/u7J7NEwdSPPe/8
9EgXxCWwgVigm2lhz3tyXwI5ak5WDIPmyab11lr0PVIbCUjL7gYLQZWCR/r/NZ0Q
4WAQnVZroIxVk+JpJb2dEPfNEcTejdCuuWt7zgzUoC5ZE6EFQv23jwuY1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFN/JC85J8+QMrJag4EqRg5G4/kaMB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuCekVOX+
TNrzRsz1ENVM+nqdu2zLzoPrWNV7GPdZmEywLjQeIW0mIzgKVMRg69uDyavlzhKt
h2L1Let4T+1wzuuKdKDelF6mnqCdHmApjxS3ciwQsWmMq1yx3aGtx9UYfOIT0k0E
kAkKwrzLzj7hvOpdarXG7HwgSI0oUPokrJwnPIOU8/l7Tp7UoVHbyHLZnSABMtQp
SdnIOkpuol0uAMGqYZ/qgchZ7cyKXeGXssIBjTREkF8lbDoh0M6eleBEY9THXHye
ra+UO0vcHwk1waCVOqB3uo75R/GpNeINpxCL06UYtzl0UYZQHY2FVneumqq2tWql
f/6j3eYm2ewPnQ==
-----END CERTIFICATE-----