Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
File:                     Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft (raw, json)
Hash identifier:          dRap0ZUWjiU8C8P3ZpgmVlmtjqbWLDLqbd/4OgAa3HM=
Subject key identifier:   F5:BB:4E:B5:90:24:70:2E:2C:5F:43:20:D9:62:4C:64:D7:68:67:ED
Authority key identifier: 39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8
Certificate issuer:       /CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
Certificate serial:       0199FFC82C1CA651BA5EDDF2595A33698A90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
Manifest number:          16E1
Signing time:             Mon 20 Oct 2025 04:02:12 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:12 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:12 +0000
Files and hashes:         1: Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl (hash: MGxIp+hSYLLBXQqaKXOI4PQB7uaD+Focj9/9RHBeKVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:2c:1c:a6:51:ba:5e:dd:f2:59:5a:33:69:8a:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39cd1d5bb88958c69cbdde90a9e056b48c4fabf8
        Validity
            Not Before: Oct 20 04:02:12 2025 GMT
            Not After : Oct 21 04:02:12 2025 GMT
        Subject: CN=f5bb4eb59024702e2c5f4320d9624c64d76867ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:45:90:a4:9f:dc:16:27:0f:10:23:0d:3f:b4:
                    91:e3:59:60:c4:01:c6:b4:a6:5a:a8:ce:70:64:46:
                    ba:72:2a:09:2e:1d:bb:1e:9f:64:a2:29:23:4e:03:
                    72:25:ce:14:fc:e1:96:e1:a3:64:a2:03:47:e3:c4:
                    04:d2:e7:ed:57:25:2b:d9:72:7c:7f:a3:db:68:65:
                    25:d7:26:68:eb:46:b6:db:ab:c7:17:61:ee:27:ac:
                    16:e7:67:f3:4c:29:6b:8a:cb:99:cb:7f:5c:71:73:
                    46:13:18:b7:f0:f4:c7:ff:39:89:fa:70:9d:7d:25:
                    f2:80:92:9f:0b:cb:e2:2b:23:4b:e8:d5:18:7c:78:
                    9a:a7:04:76:a5:c3:a9:08:c4:95:f6:a3:9a:c5:a6:
                    6d:92:31:6a:bf:aa:41:ee:14:da:c8:b4:ff:76:90:
                    e6:c9:14:98:ea:c0:a5:fa:ba:46:65:fa:9b:03:1f:
                    44:18:03:4d:ab:74:b9:32:d5:3e:51:f1:d3:17:52:
                    97:fb:eb:82:d3:d1:71:d7:dd:09:2b:0f:49:ff:65:
                    09:fd:f9:85:20:ed:f7:ff:77:15:1c:a3:4e:cc:fb:
                    20:bd:96:e5:b1:d7:35:f6:65:e1:17:e0:a4:ec:45:
                    d1:42:35:ea:af:e3:e1:dc:63:aa:60:a2:42:7f:b0:
                    49:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:BB:4E:B5:90:24:70:2E:2C:5F:43:20:D9:62:4C:64:D7:68:67:ED
            X509v3 Authority Key Identifier:
                keyid:39:CD:1D:5B:B8:89:58:C6:9C:BD:DE:90:A9:E0:56:B4:8C:4F:AB:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oc0dW7iJWMacvd6QqeBWtIxPq_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/57ac7f-f5c8-40ff-825c-46a85a28e749/1/Oc0dW7iJWMacvd6QqeBWtIxPq_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f4:4f:b9:52:3b:78:2e:7d:f8:ae:a8:48:f5:c6:a2:1d:a9:
         7a:68:03:72:9f:23:ae:41:6c:15:cf:be:92:ab:58:6c:85:6c:
         9f:0a:91:60:e6:45:fa:22:cf:35:ec:1d:a8:2d:01:c6:f8:4a:
         7e:91:a9:2f:a2:1d:eb:c5:f1:45:40:4a:fc:cd:bf:3c:f0:c9:
         7e:74:20:5c:10:b4:5a:e4:ea:00:57:d7:36:17:cd:5e:41:61:
         6c:1c:8c:78:2f:76:e2:0b:25:17:fa:19:78:00:c1:0a:bf:b3:
         e0:ad:b2:10:11:55:53:39:19:f4:56:a7:4a:70:78:fa:71:3b:
         dd:ca:b9:4d:b1:a1:1e:51:30:d2:1c:06:39:17:ce:b4:eb:0d:
         8d:1e:62:31:50:f1:44:8c:70:cc:da:25:2b:1f:b2:95:c6:f8:
         58:64:27:6c:e2:3d:75:50:8c:ab:22:58:f2:d2:d6:18:61:38:
         00:33:ad:ed:ae:55:21:c9:63:86:4b:97:e6:5e:d0:fc:28:c1:
         fa:01:2a:35:d2:84:7e:a9:70:dd:72:f5:53:91:c7:c6:e0:64:
         de:a8:55:43:8d:c8:32:7d:a8:56:5c:f5:a0:bc:98:36:d9:17:
         d8:c2:ec:ca:37:ae:82:f8:da:fa:3a:25:89:61:f2:98:ab:6f:
         f4:27:7b:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yCwcplG6Xt3yWVozaYqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2QxZDViYjg4OTU4YzY5Y2JkZGU5MGE5ZTA1NmI0OGM0
ZmFiZjgwHhcNMjUxMDIwMDQwMjEyWhcNMjUxMDIxMDQwMjEyWjAzMTEwLwYDVQQD
EyhmNWJiNGViNTkwMjQ3MDJlMmM1ZjQzMjBkOTYyNGM2NGQ3Njg2N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEWQpJ/cFicPECMNP7SR41lgxAHG
tKZaqM5wZEa6cioJLh27Hp9koikjTgNyJc4U/OGW4aNkogNH48QE0uftVyUr2XJ8
f6PbaGUl1yZo60a226vHF2HuJ6wW52fzTClrisuZy39ccXNGExi38PTH/zmJ+nCd
fSXygJKfC8viKyNL6NUYfHiapwR2pcOpCMSV9qOaxaZtkjFqv6pB7hTayLT/dpDm
yRSY6sCl+rpGZfqbAx9EGANNq3S5MtU+UfHTF1KX++uC09Fx190JKw9J/2UJ/fmF
IO33/3cVHKNOzPsgvZblsdc19mXhF+Ck7EXRQjXqr+Ph3GOqYKJCf7BJrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW7TrWQJHAuLF9DINliTGTXaGftMB8GA1UdIwQY
MBaAFDnNHVu4iVjGnL3ekKngVrSMT6v4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMt
NDZhODVhMjhlNzQ5LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81N2FjN2YtZjVjOC00MGZmLTgyNWMtNDZhODVhMjhlNzQ5
LzEvT2MwZFc3aUpXTWFjdmQ2UXFlQld0SXhQcV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfRPuVI7
eC59+K6oSPXGoh2pemgDcp8jrkFsFc++kqtYbIVsnwqRYOZF+iLPNewdqC0BxvhK
fpGpL6Id68XxRUBK/M2/PPDJfnQgXBC0WuTqAFfXNhfNXkFhbByMeC924gslF/oZ
eADBCr+z4K2yEBFVUzkZ9FanSnB4+nE73cq5TbGhHlEw0hwGORfOtOsNjR5iMVDx
RIxwzNolKx+ylcb4WGQnbOI9dVCMqyJY8tLWGGE4ADOt7a5VIcljhkuX5l7Q/CjB
+gEqNdKEfqlw3XL1U5HHxuBk3qhVQ43IMn2oVlz1oLyYNtkX2MLsyjeugvja+jol
iWHymKtv9Cd7JQ==
-----END CERTIFICATE-----