Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          wH7SX4+QZg99/2xKwkTAjQy10eFVSRFiNzoQH0tUG9w=
Subject key identifier:   A3:58:FB:02:BF:F6:BA:08:1F:1A:E2:24:85:22:86:74:4E:8C:F6:38
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       0198729840CE7978DF8C1E499C067D8D13DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          0260
Signing time:             Mon 04 Aug 2025 01:00:36 +0000
Manifest this update:     Mon 04 Aug 2025 01:00:36 +0000
Manifest next update:     Tue 05 Aug 2025 01:00:36 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: nwO8gR0JDgJ/jDs6BjlBY84PF78xHjrnD9CizrpJBLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 01:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:98:40:ce:79:78:df:8c:1e:49:9c:06:7d:8d:13:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Aug  4 01:00:36 2025 GMT
            Not After : Aug  5 01:00:36 2025 GMT
        Subject: CN=a358fb02bff6ba081f1ae224852286744e8cf638
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:74:c8:0e:0c:ce:17:ca:96:eb:40:7a:3f:7d:
                    21:44:02:72:7b:9a:32:9d:6d:b5:e1:32:47:d2:8e:
                    23:bf:a2:f3:35:f9:a9:b2:e9:52:12:53:83:70:d4:
                    10:a1:8c:86:7d:a2:03:fe:72:fc:bc:64:6d:cf:9b:
                    b3:9c:8d:ae:1d:04:86:e8:ce:58:d7:2e:72:71:07:
                    8f:12:0d:21:34:3c:0e:c9:5c:a9:4c:4a:7a:c3:04:
                    ff:b5:66:3e:bd:2a:e7:72:6c:e8:13:2e:56:12:92:
                    b8:84:46:a3:3f:1d:41:db:d0:31:21:2d:5a:86:01:
                    14:0c:1f:fc:8b:c0:84:27:9a:22:35:8f:ca:1f:3b:
                    83:63:dd:aa:93:de:3b:28:1a:0f:68:aa:30:e0:a6:
                    71:f6:08:e2:6f:55:9d:67:83:63:fc:13:3e:15:ff:
                    0d:18:22:9a:fa:07:1f:c1:dc:24:f9:32:92:69:3d:
                    cd:ab:8e:27:2c:ba:a8:09:5f:64:f4:22:31:e8:93:
                    eb:bb:76:cc:f1:09:4d:0a:ff:cd:1b:8d:ac:b3:ab:
                    ef:d0:0e:ed:69:bf:a6:1b:7c:6a:19:d7:79:0c:53:
                    b4:7d:c5:cc:34:e4:2b:1b:72:31:92:73:c0:ff:c7:
                    a3:09:a5:3d:be:f2:5d:ef:8a:fb:f5:56:7c:10:d8:
                    e4:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:58:FB:02:BF:F6:BA:08:1F:1A:E2:24:85:22:86:74:4E:8C:F6:38
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:bd:3e:9a:11:a2:98:98:a0:5e:8c:c5:bd:e2:a5:a4:54:e5:
         1e:10:a4:07:40:89:b6:ed:fc:98:e2:54:43:ac:b0:6e:30:ee:
         22:7b:a7:b5:90:aa:8b:70:42:22:e0:5a:68:1b:cc:b8:e2:01:
         89:82:14:3c:b3:0f:6f:f2:93:73:d1:38:5c:9a:75:00:62:3c:
         51:88:16:6f:d0:1e:77:43:68:7d:d9:2b:04:1c:f7:43:5e:b3:
         93:26:6b:64:31:d7:da:ac:11:42:c7:c4:82:a0:70:09:cf:ff:
         d7:c1:bb:24:73:fa:3e:4b:2e:69:dc:79:a3:72:f6:50:18:1d:
         d5:b7:4c:13:18:2a:b0:e4:cb:0f:04:ec:f2:f3:ed:00:83:ec:
         39:df:ba:93:41:2f:e6:c2:f1:63:f2:bb:d5:bc:11:e1:7d:e0:
         17:37:0c:01:7e:4b:d2:92:8d:ba:a1:b7:ac:5e:12:cf:22:9d:
         3a:0c:9b:c5:bd:e9:87:e2:a4:82:d2:08:8f:ff:34:88:e5:56:
         c9:bb:64:72:3e:98:5d:a3:a8:29:f4:97:6e:7f:1c:23:34:34:
         bf:14:b0:ca:3e:7e:e7:15:04:87:12:2e:61:f7:fb:bd:8e:d2:
         3c:c0:83:b5:02:43:3c:72:5b:40:96:d8:18:b8:df:56:2a:bf:
         e9:68:67:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymEDOeXjfjB5JnAZ9jRPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUwODA0MDEwMDM2WhcNMjUwODA1MDEwMDM2WjAzMTEwLwYDVQQD
EyhhMzU4ZmIwMmJmZjZiYTA4MWYxYWUyMjQ4NTIyODY3NDRlOGNmNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXTIDgzOF8qW60B6P30hRAJye5oy
nW214TJH0o4jv6LzNfmpsulSElODcNQQoYyGfaID/nL8vGRtz5uznI2uHQSG6M5Y
1y5ycQePEg0hNDwOyVypTEp6wwT/tWY+vSrncmzoEy5WEpK4hEajPx1B29AxIS1a
hgEUDB/8i8CEJ5oiNY/KHzuDY92qk947KBoPaKow4KZx9gjib1WdZ4Nj/BM+Ff8N
GCKa+gcfwdwk+TKSaT3Nq44nLLqoCV9k9CIx6JPru3bM8QlNCv/NG42ss6vv0A7t
ab+mG3xqGdd5DFO0fcXMNOQrG3IxknPA/8ejCaU9vvJd74r79VZ8ENjk3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNY+wK/9roIHxriJIUihnROjPY4MB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR70+mhGi
mJigXozFveKlpFTlHhCkB0CJtu38mOJUQ6ywbjDuInuntZCqi3BCIuBaaBvMuOIB
iYIUPLMPb/KTc9E4XJp1AGI8UYgWb9Aed0NofdkrBBz3Q16zkyZrZDHX2qwRQsfE
gqBwCc//18G7JHP6Pksuadx5o3L2UBgd1bdMExgqsOTLDwTs8vPtAIPsOd+6k0Ev
5sLxY/K71bwR4X3gFzcMAX5L0pKNuqG3rF4SzyKdOgybxb3ph+KkgtIIj/80iOVW
ybtkcj6YXaOoKfSXbn8cIzQ0vxSwyj5+5xUEhxIuYff7vY7SPMCDtQJDPHJbQJbY
GLjfViq/6Whnfg==
-----END CERTIFICATE-----