Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          o5Y04Ipo9Q/02Znl1UPYKSpjFtbroTja6hJ04q6gvN8=
Subject key identifier:   8C:58:60:B5:02:06:E9:AE:39:DF:F3:84:FD:CF:1E:29:84:7F:E8:18
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       0198835722B5E802AFF195AEA9078CA1B4EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          0EC3
Signing time:             Thu 07 Aug 2025 07:03:02 +0000
Manifest this update:     Thu 07 Aug 2025 07:03:02 +0000
Manifest next update:     Fri 08 Aug 2025 07:03:02 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: rZtpiYsxs80B1COYJNTyAL0QJb2NWsmVT8lYYPBZ6jU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 07:03:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:57:22:b5:e8:02:af:f1:95:ae:a9:07:8c:a1:b4:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Aug  7 07:03:02 2025 GMT
            Not After : Aug  8 07:03:02 2025 GMT
        Subject: CN=8c5860b50206e9ae39dff384fdcf1e29847fe818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6f:55:0a:83:9f:0b:95:f0:7f:b2:16:82:74:
                    cf:e8:fd:17:14:ab:7b:7f:c3:c4:c4:43:eb:be:f0:
                    47:ad:a1:f6:7f:ff:5e:05:b5:a5:72:76:d4:d4:2d:
                    dd:e6:4d:6d:85:1c:4f:2c:25:fd:65:fc:bd:a7:b5:
                    bb:f6:45:28:e2:29:d0:e8:fe:e5:5c:67:74:4b:6e:
                    9f:c6:47:e8:f3:2b:dc:4b:c7:24:c6:25:d0:74:41:
                    34:a0:aa:22:5e:61:54:1e:d7:90:13:3f:af:81:39:
                    41:c0:aa:66:d1:c7:04:eb:97:8a:27:4d:a1:b3:6e:
                    7c:d2:46:7a:bb:f8:87:00:1f:4e:86:cf:79:43:19:
                    36:da:f0:92:f6:3d:30:c7:c5:89:b9:67:6e:ba:c0:
                    24:35:fe:a1:c8:a7:e9:a1:09:75:4c:57:f5:16:df:
                    58:13:e6:31:f9:eb:16:b1:52:c4:99:d2:4f:c6:86:
                    62:ad:d6:e0:92:94:16:6a:f8:0d:c8:e6:b9:08:9c:
                    6e:88:46:db:f2:83:30:81:46:13:d7:d2:38:d9:57:
                    d7:ac:b0:fc:d7:e6:31:60:12:d0:61:4d:1a:6b:9c:
                    bd:b4:90:70:d3:27:e2:b4:a7:d8:19:6f:92:cf:dd:
                    b9:85:e3:ba:d8:2e:d3:b6:91:ff:23:7a:03:69:c5:
                    71:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:58:60:B5:02:06:E9:AE:39:DF:F3:84:FD:CF:1E:29:84:7F:E8:18
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:52:eb:9f:d5:82:06:2a:82:a7:6f:c0:a1:33:62:e5:53:02:
         71:04:3e:d1:78:4b:30:a4:25:2e:36:f4:0b:fe:72:3c:3b:60:
         de:02:62:8b:e8:3f:6c:2f:9e:38:53:87:90:4c:79:30:8f:4d:
         e3:73:91:cf:22:44:8f:b1:7e:c8:dd:ac:65:66:e7:12:4e:9d:
         13:71:b2:1b:5b:5d:2a:88:2b:e7:ba:23:0b:25:9f:e2:19:c4:
         ea:7c:77:33:1b:bf:31:f9:9a:84:25:ec:3d:c0:c7:f9:9d:0e:
         2b:fb:5b:b2:f4:17:ac:55:1b:76:82:e9:55:d5:99:fb:a2:c3:
         4c:90:d1:95:59:b4:97:3b:c6:0a:fa:c0:25:c4:43:a0:0a:29:
         48:ba:dd:6c:2f:c1:4f:28:29:f9:9a:54:00:de:f3:cb:de:ec:
         ea:d9:b1:22:4f:d6:51:32:b9:e9:cb:78:cc:a9:86:fc:f2:e1:
         73:cd:dd:0b:10:1b:c3:19:8d:40:51:7e:e6:12:9d:21:c8:af:
         41:1e:36:de:ac:4b:dc:6f:32:d5:71:f4:3f:ea:3e:27:75:32:
         0e:5f:31:8e:a5:42:1f:6e:8a:ac:4e:e1:46:14:9c:d7:7e:b8:
         16:fb:7a:33:cb:89:66:17:37:14:7f:16:06:73:8b:85:9d:8f:
         a2:52:9f:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDVyK16AKv8ZWuqQeMobTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjUwODA3MDcwMzAyWhcNMjUwODA4MDcwMzAyWjAzMTEwLwYDVQQD
Eyg4YzU4NjBiNTAyMDZlOWFlMzlkZmYzODRmZGNmMWUyOTg0N2ZlODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq29VCoOfC5Xwf7IWgnTP6P0XFKt7
f8PExEPrvvBHraH2f/9eBbWlcnbU1C3d5k1thRxPLCX9Zfy9p7W79kUo4inQ6P7l
XGd0S26fxkfo8yvcS8ckxiXQdEE0oKoiXmFUHteQEz+vgTlBwKpm0ccE65eKJ02h
s2580kZ6u/iHAB9Ohs95Qxk22vCS9j0wx8WJuWduusAkNf6hyKfpoQl1TFf1Ft9Y
E+Yx+esWsVLEmdJPxoZirdbgkpQWavgNyOa5CJxuiEbb8oMwgUYT19I42VfXrLD8
1+YxYBLQYU0aa5y9tJBw0yfitKfYGW+Sz925heO62C7TtpH/I3oDacVx+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxYYLUCBumuOd/zhP3PHimEf+gYMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB1Lrn9WC
BiqCp2/AoTNi5VMCcQQ+0XhLMKQlLjb0C/5yPDtg3gJii+g/bC+eOFOHkEx5MI9N
43ORzyJEj7F+yN2sZWbnEk6dE3GyG1tdKogr57ojCyWf4hnE6nx3Mxu/MfmahCXs
PcDH+Z0OK/tbsvQXrFUbdoLpVdWZ+6LDTJDRlVm0lzvGCvrAJcRDoAopSLrdbC/B
Tygp+ZpUAN7zy97s6tmxIk/WUTK56ct4zKmG/PLhc83dCxAbwxmNQFF+5hKdIciv
QR423qxL3G8y1XH0P+o+J3UyDl8xjqVCH26KrE7hRhSc1364Fvt6M8uJZhc3FH8W
BnOLhZ2PolKfLA==
-----END CERTIFICATE-----