Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          j6AtlHGVTolzVkhlSE39wj/eYwKikyKQOuc2Y183RJE=
Subject key identifier:   2C:13:BD:11:96:8D:6D:41:01:37:4E:05:D8:24:91:53:35:CF:C2:2D
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       0198D4743DEE92DD6D97F9C6FFCC8BD83637
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:04:04 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:04 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:04 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: MsY7aDwceaQQo3/bCtKhMZoHcCu0AGF2IX9hkmnr2nI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:3d:ee:92:dd:6d:97:f9:c6:ff:cc:8b:d8:36:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Aug 23 01:04:04 2025 GMT
            Not After : Aug 24 01:04:04 2025 GMT
        Subject: CN=2c13bd11968d6d4101374e05d824915335cfc22d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5b:15:e5:c8:bd:2f:53:ef:b7:ca:da:eb:ce:
                    aa:ae:cf:b6:c7:9b:02:a4:8a:6a:a6:12:b9:88:b4:
                    5e:ad:9b:9f:42:26:1e:02:f1:b9:b1:2e:0e:6a:fb:
                    b1:20:4c:f6:83:3a:a6:e5:29:0b:f0:26:95:0c:08:
                    e8:69:da:37:b0:5c:f8:a3:33:a7:f6:fb:43:e3:af:
                    2b:60:3d:b3:73:8f:46:5b:4d:79:8d:c0:e1:df:3c:
                    2e:cd:e2:48:6a:2f:c4:36:f4:c2:18:24:f6:b6:d6:
                    2e:6b:87:8b:50:58:20:4c:78:d4:ba:b6:e9:f6:8b:
                    9c:74:94:80:6b:d7:91:9b:c3:64:01:25:a2:47:9f:
                    ca:6f:99:85:5e:32:e9:e9:7b:43:56:a5:3e:6e:9e:
                    12:36:56:3a:7f:93:38:de:5a:ba:cd:20:e0:56:b7:
                    c3:0c:88:68:6b:db:7b:54:fe:60:69:d5:47:33:05:
                    e4:4a:22:6f:3c:8a:f7:ab:7e:a5:ee:0a:a8:30:76:
                    66:c3:e5:ed:84:e7:8c:63:05:80:fa:11:dc:34:37:
                    2f:c4:30:f3:89:ef:7a:0f:b7:c6:b3:d1:aa:a0:01:
                    a4:2f:c9:f7:a1:91:82:38:50:05:26:75:35:83:71:
                    8a:46:62:b4:b5:80:c1:aa:3f:ca:a6:56:d2:c7:05:
                    5e:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:13:BD:11:96:8D:6D:41:01:37:4E:05:D8:24:91:53:35:CF:C2:2D
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:9a:f2:d1:92:d7:89:db:e5:21:6a:65:d6:db:29:3c:e7:af:
         30:50:cb:3c:dd:a9:47:71:38:e9:b8:05:e6:46:55:70:92:e6:
         5d:e7:27:11:ee:79:cf:fb:73:1b:7c:42:44:a3:65:95:ba:3e:
         77:c0:c9:c7:ab:0c:02:8a:2e:70:5e:dc:21:10:ce:38:f3:5e:
         04:36:aa:df:14:13:c2:db:97:c6:ea:01:f0:0d:da:37:d5:54:
         03:f8:d6:1a:db:3d:c0:12:42:3b:60:6a:f0:21:40:57:b3:90:
         da:dc:d6:46:d7:0c:ed:59:20:29:2b:be:0c:1e:7d:fc:14:10:
         ca:3d:69:2e:91:48:d5:a5:39:1c:6f:e6:f9:ee:9b:f2:ae:17:
         18:ee:5d:45:06:de:45:11:e8:af:14:2c:e9:2c:0c:87:b5:20:
         8d:96:81:88:50:d7:60:f7:ab:9c:3f:1b:d0:84:6f:50:04:bd:
         62:e6:cc:04:1c:fe:84:f7:42:b0:9b:c6:c1:7b:1b:06:46:0e:
         51:d1:bf:d0:37:41:ff:75:cb:30:eb:74:0a:a8:d7:fd:eb:7a:
         e1:3e:e7:d0:68:ed:dc:fa:3a:f7:ec:ea:e9:c0:71:ee:4b:65:
         2d:f8:db:7b:86:c7:c7:c7:4a:c5:e8:1a:fb:68:0a:ef:10:3a:
         d1:13:4d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdD3ukt1tl/nG/8yL2DY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjUwODIzMDEwNDA0WhcNMjUwODI0MDEwNDA0WjAzMTEwLwYDVQQD
EygyYzEzYmQxMTk2OGQ2ZDQxMDEzNzRlMDVkODI0OTE1MzM1Y2ZjMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01sV5ci9L1Pvt8ra686qrs+2x5sC
pIpqphK5iLRerZufQiYeAvG5sS4OavuxIEz2gzqm5SkL8CaVDAjoado3sFz4ozOn
9vtD468rYD2zc49GW015jcDh3zwuzeJIai/ENvTCGCT2ttYua4eLUFggTHjUurbp
9oucdJSAa9eRm8NkASWiR5/Kb5mFXjLp6XtDVqU+bp4SNlY6f5M43lq6zSDgVrfD
DIhoa9t7VP5gadVHMwXkSiJvPIr3q36l7gqoMHZmw+XthOeMYwWA+hHcNDcvxDDz
ie96D7fGs9GqoAGkL8n3oZGCOFAFJnU1g3GKRmK0tYDBqj/KplbSxwVeEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwTvRGWjW1BATdOBdgkkVM1z8ItMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpry0ZLX
idvlIWpl1tspPOevMFDLPN2pR3E46bgF5kZVcJLmXecnEe55z/tzG3xCRKNllbo+
d8DJx6sMAooucF7cIRDOOPNeBDaq3xQTwtuXxuoB8A3aN9VUA/jWGts9wBJCO2Bq
8CFAV7OQ2tzWRtcM7VkgKSu+DB59/BQQyj1pLpFI1aU5HG/m+e6b8q4XGO5dRQbe
RRHorxQs6SwMh7UgjZaBiFDXYPernD8b0IRvUAS9YubMBBz+hPdCsJvGwXsbBkYO
UdG/0DdB/3XLMOt0CqjX/et64T7n0Gjt3Po69+zq6cBx7ktlLfjbe4bHx8dKxega
+2gK7xA60RNNmA==
-----END CERTIFICATE-----