Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          ipx6WdAndlrzILJeew3qdaV2i07AofCp+MEe8rkWjmE=
Subject key identifier:   E8:C9:CE:DE:21:5D:DB:CD:16:EC:9C:9F:28:DC:73:68:22:36:62:2E
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       0198D660C40A66D450D33387F4FB71F8148F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:02:02 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:02 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:02 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: I/A6EilkrvuCR4d+couWRCB4eXPLfRvYGS9FN/W37uA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:c4:0a:66:d4:50:d3:33:87:f4:fb:71:f8:14:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Aug 23 10:02:02 2025 GMT
            Not After : Aug 24 10:02:02 2025 GMT
        Subject: CN=e8c9cede215ddbcd16ec9c9f28dc73682236622e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d2:7d:bc:c5:a8:ef:f3:b7:d7:c2:0c:3f:78:
                    96:8f:4e:77:99:4a:ed:aa:50:ba:05:b1:ba:aa:c0:
                    d4:9b:69:28:39:fb:2b:47:b3:cc:9f:5d:6d:37:55:
                    1b:9a:8c:15:f1:9b:64:69:dc:a3:f1:56:a7:99:28:
                    1f:bf:eb:52:31:25:a3:38:0f:e9:de:c3:77:ff:2f:
                    b7:35:6a:d7:14:02:ca:95:40:a1:a5:06:93:cc:32:
                    cb:1e:95:dc:a5:b1:f9:0f:28:bf:7d:10:fa:a8:68:
                    fe:26:c4:e1:2d:fa:7c:f4:7b:b7:c9:7e:f3:1e:a2:
                    64:93:5c:b1:07:ed:db:7e:2b:f3:63:9c:a6:cc:bd:
                    76:f7:c9:c0:82:c1:62:ca:dc:9f:f3:2c:d5:34:4d:
                    28:25:b6:cb:c8:67:fd:16:c6:95:05:1c:f0:bf:c4:
                    0a:95:f8:ba:d4:35:e1:f6:a4:8e:32:3f:bc:d4:db:
                    a3:d4:ec:dc:7e:7d:a0:e1:23:ec:cb:9f:94:b4:81:
                    54:3b:b2:d4:b6:f4:8f:dd:df:20:34:cf:1b:8a:fb:
                    75:1b:2b:88:ad:26:cb:d1:07:7a:94:0d:33:3f:f1:
                    3a:50:df:9d:1f:24:a7:5d:90:78:76:22:b4:d1:c6:
                    d4:58:83:ca:5b:4e:10:0c:94:97:d6:24:9f:78:ab:
                    9a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:C9:CE:DE:21:5D:DB:CD:16:EC:9C:9F:28:DC:73:68:22:36:62:2E
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:7a:51:15:af:fd:91:bd:4e:d6:36:a0:3b:aa:3a:f8:91:66:
         31:25:44:ea:d7:02:f3:25:03:ea:41:fa:94:db:e3:53:63:6c:
         9c:9c:cd:52:bb:d6:ab:1a:99:98:d4:b4:77:48:3c:9c:00:53:
         dc:17:fa:33:3f:4c:45:da:4f:2f:bb:0e:10:1a:98:21:b2:95:
         1a:f4:f3:5b:a5:b8:c3:42:8f:73:c9:22:12:1f:cd:6b:65:c7:
         c7:6a:f6:2f:14:4f:1a:c3:d9:53:c0:15:b6:92:08:40:57:74:
         29:40:0b:c1:bd:d0:7a:34:f2:3d:47:af:5b:19:ca:51:fb:00:
         3d:10:e2:b3:b2:42:84:70:5d:d6:78:07:70:a8:dd:c6:de:f4:
         c7:0c:7e:4d:9c:0a:f0:7b:06:5c:3d:84:14:e2:38:50:e9:c2:
         e5:12:00:d6:c4:0b:00:fd:0d:cd:67:d8:86:17:7d:f1:ea:6f:
         00:83:ea:1a:4c:31:9a:91:29:6f:b8:7d:b7:56:22:6e:8c:a5:
         01:9c:37:8b:53:13:dc:ec:46:a1:b1:90:a3:97:96:b2:c3:f3:
         37:6f:ed:fd:0b:4d:a6:4e:53:9c:49:68:32:e3:c9:3b:0e:82:
         d4:35:1f:b7:80:88:94:75:a5:57:ea:02:04:3f:fb:9a:3b:6d:
         e7:db:e0:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMQKZtRQ0zOH9Ptx+BSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUwODIzMTAwMjAyWhcNMjUwODI0MTAwMjAyWjAzMTEwLwYDVQQD
EyhlOGM5Y2VkZTIxNWRkYmNkMTZlYzljOWYyOGRjNzM2ODIyMzY2MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNJ9vMWo7/O318IMP3iWj053mUrt
qlC6BbG6qsDUm2koOfsrR7PMn11tN1UbmowV8Ztkadyj8VanmSgfv+tSMSWjOA/p
3sN3/y+3NWrXFALKlUChpQaTzDLLHpXcpbH5Dyi/fRD6qGj+JsThLfp89Hu3yX7z
HqJkk1yxB+3bfivzY5ymzL1298nAgsFiytyf8yzVNE0oJbbLyGf9FsaVBRzwv8QK
lfi61DXh9qSOMj+81Nuj1Ozcfn2g4SPsy5+UtIFUO7LUtvSP3d8gNM8bivt1GyuI
rSbL0Qd6lA0zP/E6UN+dHySnXZB4diK00cbUWIPKW04QDJSX1iSfeKuagQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjJzt4hXdvNFuycnyjcc2giNmIuMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWHpRFa/9
kb1O1jagO6o6+JFmMSVE6tcC8yUD6kH6lNvjU2NsnJzNUrvWqxqZmNS0d0g8nABT
3Bf6Mz9MRdpPL7sOEBqYIbKVGvTzW6W4w0KPc8kiEh/Na2XHx2r2LxRPGsPZU8AV
tpIIQFd0KUALwb3QejTyPUevWxnKUfsAPRDis7JChHBd1ngHcKjdxt70xwx+TZwK
8HsGXD2EFOI4UOnC5RIA1sQLAP0NzWfYhhd98epvAIPqGkwxmpEpb7h9t1Yiboyl
AZw3i1MT3OxGobGQo5eWssPzN2/t/QtNpk5TnEloMuPJOw6C1DUft4CIlHWlV+oC
BD/7mjtt59vgfg==
-----END CERTIFICATE-----