Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          BDdL8gBKLP8grkPB9Es1/e9wOMFvfhxBF/iuqvfxBws=
Subject key identifier:   6C:8A:21:32:D8:86:2E:07:74:A8:06:5B:1E:82:84:FC:E2:64:97:04
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0198D54EA76F0E14E81E37C1EE6490798999
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          05C5
Signing time:             Sat 23 Aug 2025 05:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:38 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: XlAKAamJj5mKqBEZP3Zod6CTKIFgnfyv+7IGGQBc+jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:a7:6f:0e:14:e8:1e:37:c1:ee:64:90:79:89:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Aug 23 05:02:38 2025 GMT
            Not After : Aug 24 05:02:38 2025 GMT
        Subject: CN=6c8a2132d8862e0774a8065b1e8284fce2649704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:04:44:4f:53:5d:f9:b5:9b:8d:41:c1:bc:f1:
                    3b:de:f6:dc:6f:56:09:47:74:ae:2d:80:66:08:9d:
                    6d:ce:fb:36:60:6a:b7:d5:2e:32:eb:f5:7a:b2:c1:
                    d9:25:7d:be:ec:66:76:e8:40:b4:31:d9:5c:a2:3a:
                    45:d9:5b:24:f9:0f:cb:3e:df:26:9f:03:2f:32:ab:
                    57:0b:1b:dc:55:89:17:0d:e8:86:8e:92:87:31:5a:
                    f6:31:37:04:f3:67:a3:fb:90:07:65:97:2f:b8:7d:
                    a2:e6:1e:47:ec:b6:00:c5:3e:d3:29:33:04:df:58:
                    25:34:15:6c:a9:27:36:b1:b0:83:d2:30:9e:2c:d1:
                    a5:e6:3d:13:73:fb:16:b8:ec:88:02:46:af:4a:47:
                    bf:07:c3:a6:fc:d0:13:92:69:1a:9a:5a:2d:aa:4b:
                    c9:02:50:a7:08:d7:e4:d0:42:8d:77:c3:6c:e4:f1:
                    9f:e7:8d:6b:1b:0d:7d:73:7a:5a:27:65:98:00:f4:
                    1f:af:a7:19:48:fc:9e:7c:45:2b:3e:90:e7:89:35:
                    56:66:73:4d:50:a5:b0:92:c7:b0:07:62:36:b3:c5:
                    b8:0c:28:39:65:6f:08:ed:37:b4:c2:d4:85:77:9e:
                    ae:5d:1d:07:66:0e:f2:81:2c:7f:f3:64:09:71:fd:
                    84:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:8A:21:32:D8:86:2E:07:74:A8:06:5B:1E:82:84:FC:E2:64:97:04
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:9c:2e:99:71:fb:6b:5d:a7:d4:dc:66:06:ba:1e:86:ca:65:
         7a:3c:9e:19:5a:24:0a:a5:b7:e1:33:c9:9b:9b:cd:58:d1:72:
         bd:df:90:6b:8e:1b:63:f2:65:d7:0e:77:c4:eb:87:ee:be:73:
         a7:de:99:da:00:5b:23:32:b3:e2:7d:d0:88:1b:e7:cb:ad:31:
         e6:97:63:96:4d:b5:6e:ad:ec:fe:76:37:5e:22:7f:5e:d8:94:
         b7:2c:30:19:18:fd:07:3b:61:b5:17:6c:20:e3:fa:3c:1f:52:
         54:9c:a9:c7:81:c9:3e:2f:bd:e4:c2:21:5e:7b:e1:a0:0a:5e:
         41:f9:4f:56:b7:1f:74:36:50:65:9f:11:6b:8e:03:ca:56:5c:
         c7:c7:15:f3:47:26:0a:14:ac:0d:ab:2e:92:60:cd:79:3f:b0:
         8a:b1:4d:56:06:a3:44:a0:37:7f:fb:a9:87:0b:d2:47:83:90:
         d1:93:13:88:9d:a7:e8:b6:f0:f2:b2:57:ef:89:f0:a3:18:d5:
         b3:00:3f:e8:a8:04:47:3a:7c:a8:8b:72:e0:ff:7d:42:9b:8d:
         92:bf:10:15:ae:9a:96:06:5f:c5:d4:72:ad:03:05:84:97:a8:
         0c:d8:06:f0:0e:a2:b7:51:ea:91:26:5f:c8:fd:b0:ea:59:3f:
         a3:54:e9:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTqdvDhToHjfB7mSQeYmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwODIzMDUwMjM4WhcNMjUwODI0MDUwMjM4WjAzMTEwLwYDVQQD
Eyg2YzhhMjEzMmQ4ODYyZTA3NzRhODA2NWIxZTgyODRmY2UyNjQ5NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQRET1Nd+bWbjUHBvPE73vbcb1YJ
R3SuLYBmCJ1tzvs2YGq31S4y6/V6ssHZJX2+7GZ26EC0MdlcojpF2Vsk+Q/LPt8m
nwMvMqtXCxvcVYkXDeiGjpKHMVr2MTcE82ej+5AHZZcvuH2i5h5H7LYAxT7TKTME
31glNBVsqSc2sbCD0jCeLNGl5j0Tc/sWuOyIAkavSke/B8Om/NATkmkamlotqkvJ
AlCnCNfk0EKNd8Ns5PGf541rGw19c3paJ2WYAPQfr6cZSPyefEUrPpDniTVWZnNN
UKWwksewB2I2s8W4DCg5ZW8I7Te0wtSFd56uXR0HZg7ygSx/82QJcf2EmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyKITLYhi4HdKgGWx6ChPziZJcEMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpwumXH7
a12n1NxmBroehsplejyeGVokCqW34TPJm5vNWNFyvd+Qa44bY/Jl1w53xOuH7r5z
p96Z2gBbIzKz4n3QiBvny60x5pdjlk21bq3s/nY3XiJ/XtiUtywwGRj9BzthtRds
IOP6PB9SVJypx4HJPi+95MIhXnvhoApeQflPVrcfdDZQZZ8Ra44DylZcx8cV80cm
ChSsDasukmDNeT+wirFNVgajRKA3f/uphwvSR4OQ0ZMTiJ2n6Lbw8rJX74nwoxjV
swA/6KgERzp8qIty4P99QpuNkr8QFa6algZfxdRyrQMFhJeoDNgG8A6it1HqkSZf
yP2w6lk/o1TpVw==
-----END CERTIFICATE-----