Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          ftpI2u5DBRnJa+VwSyUKxirhrJoMHNFxjoZYEtm9xTI=
Subject key identifier:   58:84:1A:1B:83:4A:DD:51:F8:2D:0D:19:E2:6E:C0:40:92:2E:04:99
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       0198D5BC18BAD1A9BFC7EAD36F4E81146A10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          0569
Signing time:             Sat 23 Aug 2025 07:02:10 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:10 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:10 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: gky/sXAcQChMSwsaiGW3O44YXiXb8SlTRtm9PnkLsaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:18:ba:d1:a9:bf:c7:ea:d3:6f:4e:81:14:6a:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Aug 23 07:02:10 2025 GMT
            Not After : Aug 24 07:02:10 2025 GMT
        Subject: CN=58841a1b834add51f82d0d19e26ec040922e0499
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3e:02:2b:88:93:0d:2b:cd:f1:de:ed:87:06:
                    e5:f5:49:03:d1:01:83:4e:c6:8c:1c:85:da:6e:6f:
                    65:92:13:41:00:7d:88:f0:b9:50:63:80:ad:50:f2:
                    2f:51:a9:7f:23:c8:bf:0e:e1:0b:38:eb:bd:66:06:
                    ca:ec:4b:26:87:e6:a4:55:b3:0f:65:5d:2c:2e:d2:
                    5b:f0:8a:59:c5:a0:3f:ea:53:d0:55:20:9a:fd:ad:
                    84:a9:4c:3e:58:24:5a:d8:92:0e:3e:c8:3e:20:27:
                    51:56:74:a4:8b:d8:32:34:b7:3e:cd:6e:f4:f5:ca:
                    e9:18:2e:6d:34:6a:51:79:c0:da:a0:43:69:d0:b6:
                    57:7d:37:df:4c:5a:4d:df:5e:65:aa:cf:22:bf:75:
                    1c:97:0f:40:f5:f4:22:69:74:0a:61:8f:1f:5f:03:
                    42:b4:18:b9:90:58:c3:05:cd:cd:f4:d0:08:b2:18:
                    62:3c:ab:6e:e3:46:ec:e7:42:e3:d7:c1:ed:27:d7:
                    d8:df:b0:45:fe:b4:a5:0a:4b:28:7d:d1:47:ab:1c:
                    07:c2:5d:b4:da:18:ba:f0:96:06:66:29:66:48:36:
                    aa:cd:ae:be:1a:2f:d1:2c:87:75:76:29:63:6f:42:
                    0c:2b:82:d2:63:23:02:0d:1e:25:95:da:14:ed:b0:
                    44:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:84:1A:1B:83:4A:DD:51:F8:2D:0D:19:E2:6E:C0:40:92:2E:04:99
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:18:65:6c:76:32:8d:01:cf:79:5e:fe:e8:e2:e5:5e:b9:02:
         7a:a8:e7:72:83:11:19:03:db:ec:df:9c:e8:9a:7b:c7:30:e0:
         96:7f:7b:75:f6:82:f2:5e:97:97:f3:b9:10:6e:9f:aa:90:53:
         7d:4c:37:29:9c:1b:7e:0a:a7:95:32:17:53:86:1a:24:83:c5:
         6c:44:de:1b:b3:1c:a6:e1:50:a8:3f:9c:6d:f8:65:00:5a:69:
         d8:43:16:12:09:9b:3a:a1:63:2a:a9:64:7b:7f:66:f7:8c:22:
         98:13:5c:d9:30:ea:88:16:4e:88:1a:ec:2b:b2:16:c2:c2:2e:
         e2:e8:d3:7e:9e:ed:7a:02:c3:54:d2:12:30:b8:99:be:0a:1c:
         8c:8e:19:9b:c4:2b:51:da:2b:6b:68:4a:00:49:50:08:ed:2f:
         a4:e9:7c:c8:35:3b:d0:aa:f7:e9:44:ac:71:08:0c:32:8b:8d:
         ed:88:d0:b1:c5:b0:38:be:a8:0b:a6:6c:60:28:85:22:5a:2b:
         1c:d6:3b:6d:06:50:e3:7c:23:78:fa:c8:80:ba:f6:c7:76:55:
         66:c4:87:c1:b1:f7:80:f9:a9:81:23:b1:18:8d:03:54:45:98:
         0e:27:ce:1d:fb:58:ad:3b:fa:95:43:4d:6f:78:aa:10:f9:2a:
         2b:1d:82:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvBi60am/x+rTb06BFGoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUwODIzMDcwMjEwWhcNMjUwODI0MDcwMjEwWjAzMTEwLwYDVQQD
Eyg1ODg0MWExYjgzNGFkZDUxZjgyZDBkMTllMjZlYzA0MDkyMmUwNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD4CK4iTDSvN8d7thwbl9UkD0QGD
TsaMHIXabm9lkhNBAH2I8LlQY4CtUPIvUal/I8i/DuELOOu9ZgbK7Esmh+akVbMP
ZV0sLtJb8IpZxaA/6lPQVSCa/a2EqUw+WCRa2JIOPsg+ICdRVnSki9gyNLc+zW70
9crpGC5tNGpRecDaoENp0LZXfTffTFpN315lqs8iv3Uclw9A9fQiaXQKYY8fXwNC
tBi5kFjDBc3N9NAIshhiPKtu40bs50Lj18HtJ9fY37BF/rSlCksofdFHqxwHwl20
2hi68JYGZilmSDaqza6+Gi/RLId1diljb0IMK4LSYyMCDR4lldoU7bBETQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiEGhuDSt1R+C0NGeJuwECSLgSZMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFBhlbHYy
jQHPeV7+6OLlXrkCeqjncoMRGQPb7N+c6Jp7xzDgln97dfaC8l6Xl/O5EG6fqpBT
fUw3KZwbfgqnlTIXU4YaJIPFbETeG7McpuFQqD+cbfhlAFpp2EMWEgmbOqFjKqlk
e39m94wimBNc2TDqiBZOiBrsK7IWwsIu4ujTfp7tegLDVNISMLiZvgocjI4Zm8Qr
Udora2hKAElQCO0vpOl8yDU70Kr36USscQgMMouN7YjQscWwOL6oC6ZsYCiFIlor
HNY7bQZQ43wjePrIgLr2x3ZVZsSHwbH3gPmpgSOxGI0DVEWYDifOHftYrTv6lUNN
b3iqEPkqKx2Cpg==
-----END CERTIFICATE-----