Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          PHUHYDXTNULb2mUJwdC19PjGMJvkRAEehTYc187Z+K0=
Subject key identifier:   52:B6:26:CF:5D:85:35:D0:FD:5B:C9:76:D0:F2:37:45:46:E6:23:00
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019A006BDE8F7B5B389501FF724DAF365658
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          16EA
Signing time:             Mon 20 Oct 2025 07:01:00 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:00 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:00 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: ctc8/ICDg/lGDusxtDAqNRXMCkw3fL0tR2ZURua4t8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 07:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6b:de:8f:7b:5b:38:95:01:ff:72:4d:af:36:56:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Oct 20 07:01:00 2025 GMT
            Not After : Oct 21 07:01:00 2025 GMT
        Subject: CN=52b626cf5d8535d0fd5bc976d0f2374546e62300
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b5:19:7d:d4:c1:99:2e:9c:c2:19:7b:59:52:
                    81:3f:8d:3b:72:22:f9:84:ad:66:5d:bf:e9:e3:fb:
                    ad:b0:c4:7f:40:ab:68:37:b8:4a:71:32:54:9d:9f:
                    73:ac:8e:1e:dd:dc:36:13:46:0e:a6:58:54:99:fe:
                    d0:85:e7:3d:db:3b:0e:de:6f:3d:d9:d2:e7:9d:74:
                    09:f6:c9:46:38:c9:e4:51:9e:8d:ee:27:da:55:92:
                    0f:e4:f8:dd:e9:83:ab:1d:9a:29:c3:60:ee:a9:2b:
                    cb:d3:fe:fe:96:58:4b:e7:cd:52:1b:2c:7d:7c:bd:
                    e4:36:9a:df:9b:05:51:72:10:cc:c3:6a:03:3c:42:
                    f5:59:80:35:5b:c6:09:a0:7a:95:ad:27:f7:b9:4b:
                    9a:7e:2a:3c:6c:f2:09:ce:ec:80:7e:dc:d1:74:ca:
                    fe:d5:e8:45:6e:5b:51:eb:71:96:ed:b9:36:8f:3f:
                    5a:b6:60:29:12:fb:05:0d:79:ef:f5:34:dc:48:43:
                    1e:53:63:a5:c0:3d:56:f3:38:5b:53:80:53:d3:d9:
                    0f:4e:37:47:1a:64:ab:14:7d:17:1d:1d:ab:9c:d3:
                    66:ca:3d:5c:db:04:2f:d6:12:2e:ec:33:ac:0b:33:
                    ce:81:2e:60:6c:e0:07:19:14:a4:3b:ce:2f:37:20:
                    76:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B6:26:CF:5D:85:35:D0:FD:5B:C9:76:D0:F2:37:45:46:E6:23:00
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:85:a9:42:9b:8d:16:7e:61:4e:90:87:c5:bd:68:9e:e8:47:
         6b:1f:a3:f4:e3:ba:e2:c1:04:3e:57:c1:79:76:44:4c:3b:18:
         a3:07:9d:c3:47:06:a6:98:a9:81:88:87:37:84:60:9a:c8:f2:
         fa:47:20:0b:78:4a:94:4c:62:a7:ce:7c:bd:4d:c1:48:a4:00:
         ab:3b:54:1f:da:d9:bf:ce:16:62:02:45:4c:69:37:41:7e:86:
         26:8d:04:a6:f5:8c:c2:c3:0d:c4:4c:b5:60:33:9d:a8:bd:e2:
         cf:78:d5:d3:da:df:ee:95:ee:9d:e2:4b:fa:e5:77:1d:e1:5c:
         6d:34:83:e5:0b:5f:98:36:9b:2a:47:48:f5:8f:8e:f6:e7:ae:
         70:1a:cc:82:95:6b:b8:68:fd:72:6e:5b:cc:11:d0:43:f5:21:
         a3:fe:c6:7d:4b:ba:74:5b:94:a2:84:a5:d8:67:33:47:96:1e:
         ec:b8:3d:a8:04:6b:a1:05:24:6f:f0:1a:8a:b7:1b:8a:f7:29:
         d2:9d:81:5c:13:1c:1a:5d:12:81:1b:31:8f:9c:e3:8f:95:bd:
         25:6c:84:c8:05:b9:31:5d:5a:02:20:ed:ce:d3:fb:f7:cc:3b:
         fe:19:b6:d1:41:6a:3c:65:2f:94:a7:88:8b:d9:f7:67:f8:e7:
         c7:74:5d:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa96Pe1s4lQH/ck2vNlZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUxMDIwMDcwMTAwWhcNMjUxMDIxMDcwMTAwWjAzMTEwLwYDVQQD
Eyg1MmI2MjZjZjVkODUzNWQwZmQ1YmM5NzZkMGYyMzc0NTQ2ZTYyMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLUZfdTBmS6cwhl7WVKBP407ciL5
hK1mXb/p4/utsMR/QKtoN7hKcTJUnZ9zrI4e3dw2E0YOplhUmf7Qhec92zsO3m89
2dLnnXQJ9slGOMnkUZ6N7ifaVZIP5Pjd6YOrHZopw2DuqSvL0/7+llhL581SGyx9
fL3kNprfmwVRchDMw2oDPEL1WYA1W8YJoHqVrSf3uUuafio8bPIJzuyAftzRdMr+
1ehFbltR63GW7bk2jz9atmApEvsFDXnv9TTcSEMeU2OlwD1W8zhbU4BT09kPTjdH
GmSrFH0XHR2rnNNmyj1c2wQv1hIu7DOsCzPOgS5gbOAHGRSkO84vNyB2hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFK2Js9dhTXQ/VvJdtDyN0VG5iMAMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIWpQpuN
Fn5hTpCHxb1onuhHax+j9OO64sEEPlfBeXZETDsYowedw0cGppipgYiHN4Rgmsjy
+kcgC3hKlExip858vU3BSKQAqztUH9rZv84WYgJFTGk3QX6GJo0EpvWMwsMNxEy1
YDOdqL3iz3jV09rf7pXuneJL+uV3HeFcbTSD5QtfmDabKkdI9Y+O9ueucBrMgpVr
uGj9cm5bzBHQQ/Uho/7GfUu6dFuUooSl2GczR5Ye7Lg9qARroQUkb/Aaircbivcp
0p2BXBMcGl0SgRsxj5zjj5W9JWyEyAW5MV1aAiDtztP798w7/hm20UFqPGUvlKeI
i9n3Z/jnx3RdXw==
-----END CERTIFICATE-----