Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          pDiGkoZwtj9qTDoZsKWmtJgl0cMiUKP/GsdZy73hTvA=
Subject key identifier:   53:5A:58:0D:EF:D4:AE:EF:6C:8C:FC:17:3D:4C:C9:0C:60:9F:36:64
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       0198D4724702DD888BFD351557A51E34E23C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0633
Signing time:             Sat 23 Aug 2025 01:01:55 +0000
Manifest this update:     Sat 23 Aug 2025 01:01:55 +0000
Manifest next update:     Sun 24 Aug 2025 01:01:55 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: FxMF56R15Zv8VFFynVEyiY1NP8yQlX1q+iJqEbm5hh8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:47:02:dd:88:8b:fd:35:15:57:a5:1e:34:e2:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Aug 23 01:01:55 2025 GMT
            Not After : Aug 24 01:01:55 2025 GMT
        Subject: CN=535a580defd4aeef6c8cfc173d4cc90c609f3664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:30:b0:33:c4:e3:ed:69:08:ff:bb:18:45:0d:
                    bc:2a:2d:61:f9:f3:ba:d6:2b:ec:da:29:89:fb:26:
                    ba:b5:6a:94:77:f5:01:e4:01:b8:fd:99:9c:da:d7:
                    82:e0:b0:c7:0f:26:e7:65:b6:49:4d:58:38:d1:0b:
                    7b:60:10:65:47:73:f1:c6:cb:0b:a3:6d:1c:e0:2d:
                    e4:be:62:71:d8:6e:bc:aa:3e:36:95:c7:ca:17:c3:
                    b4:f3:f0:3f:bc:a7:52:cf:88:59:c0:f8:a9:65:63:
                    8d:d3:4b:b9:dd:a2:70:c3:50:89:76:de:83:ac:2a:
                    f4:6b:70:9e:fc:0a:46:91:a3:3c:e9:fa:79:56:c0:
                    0a:8d:54:e8:dd:96:61:14:47:ab:b9:d2:ba:2e:61:
                    b8:43:6b:24:2f:1a:60:d6:7a:ae:8f:b1:dc:ef:62:
                    cf:41:d0:41:2b:6c:46:3c:ba:80:ee:64:6c:0a:9b:
                    26:30:33:4a:68:56:42:84:51:d0:3e:50:1a:19:d9:
                    ce:0d:de:2e:44:9f:bc:70:5e:e9:d3:31:88:42:59:
                    ff:1e:08:15:e8:14:6c:8f:7c:5b:18:70:2e:52:8c:
                    80:3d:0c:5c:72:33:00:a0:86:2f:1d:dd:e7:ed:86:
                    a6:f9:ec:15:63:f8:47:96:d0:af:a2:12:6c:4d:96:
                    00:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:5A:58:0D:EF:D4:AE:EF:6C:8C:FC:17:3D:4C:C9:0C:60:9F:36:64
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:57:da:9a:58:8c:2f:9c:0c:6f:af:94:4b:29:88:fc:ca:77:
         2d:c9:b6:af:e8:57:f8:99:60:f6:e2:52:3c:4a:11:9b:76:c4:
         4b:f1:f3:ac:3f:2d:c2:ad:8c:2b:c9:a4:15:a6:99:b5:60:11:
         ce:a1:0d:5f:c1:b3:9f:c6:f7:77:af:a7:27:ac:cb:0a:66:d6:
         c6:ba:5e:30:50:0c:00:5d:e3:04:e2:22:55:27:49:20:10:17:
         ce:76:6b:6c:f6:f8:3a:bf:67:ba:cf:77:90:d0:53:7c:13:34:
         0e:a0:f0:99:66:ba:24:c8:13:84:6f:0c:b5:32:d8:da:79:31:
         34:cf:b2:3c:6e:4d:14:cc:c0:e5:0f:a3:42:5b:8f:25:ef:bf:
         9f:8c:43:2c:14:c7:34:ad:d5:ba:f3:96:2f:f0:3c:64:89:82:
         74:f7:0e:1a:f2:55:70:06:05:93:ba:b8:b3:67:33:66:51:47:
         00:72:df:13:94:0c:93:be:0a:a6:56:91:a2:af:25:75:72:49:
         d0:20:44:d9:7f:2f:65:9e:6b:0e:9d:d1:14:84:ae:81:e2:3c:
         79:9d:b1:fc:46:38:8f:cc:69:6e:3d:d9:9c:88:1d:db:44:d5:
         12:25:15:fd:05:25:7b:a0:f1:f6:37:4c:8d:3e:0a:a4:54:da:
         ec:eb:e0:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUckcC3YiL/TUVV6UeNOI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwODIzMDEwMTU1WhcNMjUwODI0MDEwMTU1WjAzMTEwLwYDVQQD
Eyg1MzVhNTgwZGVmZDRhZWVmNmM4Y2ZjMTczZDRjYzkwYzYwOWYzNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDCwM8Tj7WkI/7sYRQ28Ki1h+fO6
1ivs2imJ+ya6tWqUd/UB5AG4/Zmc2teC4LDHDybnZbZJTVg40Qt7YBBlR3PxxssL
o20c4C3kvmJx2G68qj42lcfKF8O08/A/vKdSz4hZwPipZWON00u53aJww1CJdt6D
rCr0a3Ce/ApGkaM86fp5VsAKjVTo3ZZhFEerudK6LmG4Q2skLxpg1nquj7Hc72LP
QdBBK2xGPLqA7mRsCpsmMDNKaFZChFHQPlAaGdnODd4uRJ+8cF7p0zGIQln/HggV
6BRsj3xbGHAuUoyAPQxccjMAoIYvHd3n7Yam+ewVY/hHltCvohJsTZYA6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFNaWA3v1K7vbIz8Fz1MyQxgnzZkMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARVfamliM
L5wMb6+USymI/Mp3Lcm2r+hX+Jlg9uJSPEoRm3bES/HzrD8twq2MK8mkFaaZtWAR
zqENX8Gzn8b3d6+nJ6zLCmbWxrpeMFAMAF3jBOIiVSdJIBAXznZrbPb4Or9nus93
kNBTfBM0DqDwmWa6JMgThG8MtTLY2nkxNM+yPG5NFMzA5Q+jQluPJe+/n4xDLBTH
NK3VuvOWL/A8ZImCdPcOGvJVcAYFk7q4s2czZlFHAHLfE5QMk74KplaRoq8ldXJJ
0CBE2X8vZZ5rDp3RFISugeI8eZ2x/EY4j8xpbj3ZnIgd20TVEiUV/QUle6Dx9jdM
jT4KpFTa7OvgXQ==
-----END CERTIFICATE-----