Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
File:                     Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json)
Hash identifier:          xca7uVRneZYsNqbHd4rDqI1twTT4w7DqhwDJhoNVZoI=
Subject key identifier:   AC:17:DC:04:8E:75:96:2E:3E:90:A3:25:04:18:E8:BF:97:DF:E3:42
Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
Certificate issuer:       /CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Certificate serial:       01989F03678C8EC805D9886E653FDCC22191
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
Manifest number:          1627
Signing time:             Tue 12 Aug 2025 16:00:57 +0000
Manifest this update:     Tue 12 Aug 2025 16:00:57 +0000
Manifest next update:     Wed 13 Aug 2025 16:00:57 +0000
Files and hashes:         1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: 3uBdhKWb3nf/8JDMK/+9dHck+2BG8HSsvkjlFsR7DWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:03:67:8c:8e:c8:05:d9:88:6e:65:3f:dc:c2:21:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f
        Validity
            Not Before: Aug 12 16:00:57 2025 GMT
            Not After : Aug 13 16:00:57 2025 GMT
        Subject: CN=ac17dc048e75962e3e90a3250418e8bf97dfe342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:36:e0:f4:fa:91:cf:32:c7:25:a8:35:bd:5e:
                    63:a3:94:4d:de:ee:a9:41:ab:7f:ca:04:39:c2:06:
                    5c:86:b2:75:38:dc:84:d6:d1:8a:81:3e:56:fc:fb:
                    62:3d:d0:fc:28:1c:46:ce:54:8e:c4:d7:d3:34:64:
                    5f:0f:30:d0:38:a3:bb:fe:63:a0:b8:04:e2:4d:b0:
                    03:64:bf:33:04:8d:86:f9:d0:ae:f5:b2:47:00:52:
                    9a:12:49:cc:68:4b:7a:10:a1:34:e6:6c:34:74:ee:
                    92:6d:24:c9:32:51:80:00:41:21:3c:26:fd:40:18:
                    15:f4:08:6d:c0:ec:0d:f9:17:a7:01:06:4d:ae:6d:
                    d2:90:1c:78:88:0c:01:48:99:43:1e:88:63:b1:c7:
                    3e:0f:a6:0d:2b:e7:76:87:5e:8f:3b:9e:e6:e4:59:
                    99:60:a2:9f:87:c9:c9:6e:04:1f:ca:da:08:c5:78:
                    5a:31:a7:1c:f5:95:3c:4d:14:17:20:b3:a1:c4:28:
                    e9:b6:20:61:4d:74:d5:f3:7d:38:1e:7e:c4:dc:ef:
                    a1:23:17:3a:23:4e:4f:b0:95:2d:e7:8a:c6:3a:6b:
                    b9:df:b1:d4:fd:e1:cf:ce:e6:9b:32:b5:4b:e6:ad:
                    64:ff:ab:fe:ff:7c:80:eb:bc:3f:3a:b8:39:11:eb:
                    d3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:17:DC:04:8E:75:96:2E:3E:90:A3:25:04:18:E8:BF:97:DF:E3:42
            X509v3 Authority Key Identifier:
                keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:0e:9f:ba:15:6c:9f:84:9c:7c:97:aa:26:1a:51:fe:0c:39:
         d6:bc:6b:57:76:bb:a2:75:78:b6:da:bf:f5:36:65:aa:e8:69:
         bd:88:b4:4c:53:2c:d5:b6:ef:57:4c:c8:d2:89:f8:20:a9:97:
         f7:6b:f1:ee:ef:aa:d0:f1:c7:67:29:02:4a:da:60:01:9b:03:
         7e:3f:a2:fe:06:c5:94:5a:6f:1a:f3:f9:82:c8:1c:e8:31:79:
         1f:49:e7:e7:ff:02:4d:49:72:80:84:41:03:d8:07:27:55:26:
         cf:ec:69:8f:40:e7:d8:5d:05:a4:68:8a:55:83:a3:df:43:6b:
         0a:40:70:f5:f7:15:2c:c8:1d:33:fe:b5:b9:7e:fd:23:79:14:
         55:61:a5:57:1c:62:aa:fe:61:ac:ef:8f:14:ab:dc:b3:2c:1c:
         44:0a:3e:6b:01:5c:f3:57:73:af:30:70:cd:f7:92:c2:12:9f:
         e7:d8:5d:c8:2a:03:be:e5:5c:22:de:12:d7:12:0e:df:b1:ef:
         f8:91:4c:84:25:30:b3:6f:03:c5:8b:39:79:7b:47:b8:c6:42:
         7f:ce:01:6e:3e:06:74:51:6a:99:7b:40:90:21:13:ec:a5:50:
         10:8f:58:e0:7d:00:9b:7b:f7:64:f9:39:9f:66:2e:cf:2c:3e:
         2b:80:61:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifA2eMjsgF2YhuZT/cwiGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0
NzA4N2YwHhcNMjUwODEyMTYwMDU3WhcNMjUwODEzMTYwMDU3WjAzMTEwLwYDVQQD
EyhhYzE3ZGMwNDhlNzU5NjJlM2U5MGEzMjUwNDE4ZThiZjk3ZGZlMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Tbg9PqRzzLHJag1vV5jo5RN3u6p
Qat/ygQ5wgZchrJ1ONyE1tGKgT5W/PtiPdD8KBxGzlSOxNfTNGRfDzDQOKO7/mOg
uATiTbADZL8zBI2G+dCu9bJHAFKaEknMaEt6EKE05mw0dO6SbSTJMlGAAEEhPCb9
QBgV9AhtwOwN+RenAQZNrm3SkBx4iAwBSJlDHohjscc+D6YNK+d2h16PO57m5FmZ
YKKfh8nJbgQfytoIxXhaMacc9ZU8TRQXILOhxCjptiBhTXTV8304Hn7E3O+hIxc6
I05PsJUt54rGOmu537HU/eHPzuabMrVL5q1k/6v+/3yA67w/Org5EevTzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwX3ASOdZYuPpCjJQQY6L+X3+NCMB8GA1UdIwQY
MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt
YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy
LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArA6fuhVs
n4ScfJeqJhpR/gw51rxrV3a7onV4ttq/9TZlquhpvYi0TFMs1bbvV0zI0on4IKmX
92vx7u+q0PHHZykCStpgAZsDfj+i/gbFlFpvGvP5gsgc6DF5H0nn5/8CTUlygIRB
A9gHJ1Umz+xpj0Dn2F0FpGiKVYOj30NrCkBw9fcVLMgdM/61uX79I3kUVWGlVxxi
qv5hrO+PFKvcsywcRAo+awFc81dzrzBwzfeSwhKf59hdyCoDvuVcIt4S1xIO37Hv
+JFMhCUws28DxYs5eXtHuMZCf84Bbj4GdFFqmXtAkCET7KVQEI9Y4H0Am3v3ZPk5
n2Yuzyw+K4BhFA==
-----END CERTIFICATE-----