Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          y2ZgmpJwVSScG1yZl5JK0Z1taGg+O0GGWFO8cU93mIU=
Subject key identifier:   ED:50:A0:C1:5B:A3:F4:17:34:34:DA:A8:02:EA:36:5C:A0:AA:08:F9
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0199FEB47B7A8A7FA614D932622F99202F46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          065F
Signing time:             Sun 19 Oct 2025 23:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:04 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: Ee9RRZVNFpOBlbY5rRkcaUoCpV0lRclFR4Y59Npx/gM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:7b:7a:8a:7f:a6:14:d9:32:62:2f:99:20:2f:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Oct 19 23:01:04 2025 GMT
            Not After : Oct 20 23:01:04 2025 GMT
        Subject: CN=ed50a0c15ba3f4173434daa802ea365ca0aa08f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:02:a1:d4:dc:21:bc:e6:f8:21:f3:e7:4d:e1:
                    38:15:81:e9:35:e7:b6:6c:47:54:93:75:83:51:08:
                    fe:25:a9:2d:ef:b3:9b:73:87:0f:14:0e:bf:18:32:
                    17:d9:34:73:d0:c8:66:ab:23:29:42:1d:14:ca:1c:
                    20:08:59:f4:79:49:7c:2f:95:b6:81:90:ff:f9:e0:
                    9d:6c:47:78:48:f5:e0:d8:06:63:0f:d6:d1:26:db:
                    68:9a:d5:b3:a8:f2:e2:d9:9d:49:fb:b7:b0:d1:c9:
                    87:c0:ed:ac:0c:ae:3f:e0:73:2a:64:6c:f3:a9:30:
                    fc:cc:28:49:01:5e:30:86:3c:ab:73:ec:5a:cd:91:
                    b2:83:4b:dc:f4:42:86:8a:df:62:9a:6d:74:11:1b:
                    35:94:f3:44:c5:06:c2:16:09:cd:6c:81:cb:26:db:
                    98:42:20:90:af:c4:b1:d9:1f:d6:f3:6d:f4:7c:aa:
                    2a:66:d5:16:7c:f3:f9:1a:26:61:e5:fb:c0:25:f5:
                    26:48:00:d2:0e:c8:2a:a7:ce:62:7c:1f:71:6e:14:
                    36:ad:8e:81:5a:b1:6e:2c:26:38:5e:22:a4:5f:5e:
                    4b:bb:80:04:99:c3:f4:b4:5a:9f:9f:8c:1f:93:18:
                    d5:ae:fb:29:e9:1d:7e:8d:a1:c1:6e:d9:4c:60:52:
                    cd:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:50:A0:C1:5B:A3:F4:17:34:34:DA:A8:02:EA:36:5C:A0:AA:08:F9
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:40:45:c0:a5:8b:57:da:9f:03:8d:d5:e0:13:48:c1:54:c0:
         c1:6c:02:52:09:ec:a1:a0:2d:93:c5:ba:f9:d4:1a:04:f1:e9:
         d9:3d:c7:14:77:60:e9:41:9f:5a:74:4f:c0:b3:19:65:76:d7:
         83:5a:31:c3:83:6d:72:f0:34:1c:ed:e7:e2:06:53:9a:2f:65:
         69:c0:ac:8f:73:05:08:86:bc:fe:22:ef:a3:1d:62:aa:aa:8c:
         e0:b0:ad:91:2a:b7:b7:d8:45:29:52:9d:65:e6:1a:11:d2:38:
         cd:f8:d9:2f:1e:ff:8e:36:ae:5a:1c:99:78:12:6f:90:0c:02:
         64:34:3c:f1:cb:d1:d4:df:b1:84:31:9c:49:7b:71:a6:c6:b1:
         7f:da:8a:6f:8b:fc:87:34:92:ab:3c:9f:f4:21:6b:1e:28:72:
         ec:f5:fe:6d:63:e8:ff:87:dd:0d:90:0e:c9:4e:db:84:d4:3d:
         ca:eb:03:e1:5f:6e:1c:2a:bd:fe:d7:1c:f3:16:0b:91:1a:00:
         ad:e0:23:80:1d:8f:c3:b5:cb:b3:d4:30:d4:9a:11:c4:b3:3c:
         33:4d:19:74:ee:64:45:ea:18:cd:ec:01:b4:c6:3f:7c:5c:3f:
         58:91:a4:e1:b0:98:1a:e6:53:f3:9f:a2:a9:a9:0d:de:f3:b1:
         95:45:e5:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tHt6in+mFNkyYi+ZIC9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUxMDE5MjMwMTA0WhcNMjUxMDIwMjMwMTA0WjAzMTEwLwYDVQQD
EyhlZDUwYTBjMTViYTNmNDE3MzQzNGRhYTgwMmVhMzY1Y2EwYWEwOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgKh1NwhvOb4IfPnTeE4FYHpNee2
bEdUk3WDUQj+Jakt77Obc4cPFA6/GDIX2TRz0MhmqyMpQh0UyhwgCFn0eUl8L5W2
gZD/+eCdbEd4SPXg2AZjD9bRJttomtWzqPLi2Z1J+7ew0cmHwO2sDK4/4HMqZGzz
qTD8zChJAV4whjyrc+xazZGyg0vc9EKGit9imm10ERs1lPNExQbCFgnNbIHLJtuY
QiCQr8Sx2R/W8230fKoqZtUWfPP5GiZh5fvAJfUmSADSDsgqp85ifB9xbhQ2rY6B
WrFuLCY4XiKkX15Lu4AEmcP0tFqfn4wfkxjVrvsp6R1+jaHBbtlMYFLNRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1QoMFbo/QXNDTaqALqNlygqgj5MB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUBFwKWL
V9qfA43V4BNIwVTAwWwCUgnsoaAtk8W6+dQaBPHp2T3HFHdg6UGfWnRPwLMZZXbX
g1oxw4NtcvA0HO3n4gZTmi9lacCsj3MFCIa8/iLvox1iqqqM4LCtkSq3t9hFKVKd
ZeYaEdI4zfjZLx7/jjauWhyZeBJvkAwCZDQ88cvR1N+xhDGcSXtxpsaxf9qKb4v8
hzSSqzyf9CFrHihy7PX+bWPo/4fdDZAOyU7bhNQ9yusD4V9uHCq9/tcc8xYLkRoA
reAjgB2Pw7XLs9Qw1JoRxLM8M00ZdO5kReoYzewBtMY/fFw/WJGk4bCYGuZT85+i
qakN3vOxlUXlsQ==
-----END CERTIFICATE-----