Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          x0gcMjaOqXGD/FGJG8xaDU78MVb8nPPKe7aAyNtnr9E=
Subject key identifier:   AA:68:37:68:EF:F3:23:61:CB:17:09:06:5E:7F:BF:01:5C:FB:05:5E
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       01989713177027C570B427AF905ABC2091D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1625
Signing time:             Mon 11 Aug 2025 03:01:07 +0000
Manifest this update:     Mon 11 Aug 2025 03:01:07 +0000
Manifest next update:     Tue 12 Aug 2025 03:01:07 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: e/GdI0RgXJH/7JvvsYWtmKgtdZB/u6q52qt+NNzc2Po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:13:17:70:27:c5:70:b4:27:af:90:5a:bc:20:91:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Aug 11 03:01:07 2025 GMT
            Not After : Aug 12 03:01:07 2025 GMT
        Subject: CN=aa683768eff32361cb1709065e7fbf015cfb055e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:69:af:43:dd:26:6d:cb:2c:4d:fc:dd:b7:cb:
                    c8:3e:16:eb:d8:d3:9b:72:7b:20:ac:ba:65:aa:ba:
                    07:f1:68:46:cb:64:3f:5e:1a:bb:41:67:1e:3f:a2:
                    2d:0e:55:91:20:e7:31:22:65:de:c1:33:a6:c5:67:
                    01:00:34:01:4b:92:94:0e:da:58:ff:9c:8a:55:e5:
                    3e:79:0f:18:a3:f6:2b:4f:e1:59:51:c5:f8:0e:2e:
                    61:d7:a8:7f:98:55:86:b5:b9:08:e1:29:c0:3e:ed:
                    11:f5:64:4e:19:f2:16:bf:2e:d2:e9:4d:24:96:01:
                    8f:e3:c8:d6:82:36:cd:5c:ff:a4:48:61:d3:5f:39:
                    6c:19:34:8d:6b:31:63:20:ee:5b:6b:13:9c:52:25:
                    20:08:49:d6:8a:7c:77:d4:dd:55:8f:21:41:7a:a4:
                    e5:e9:22:91:3c:aa:a5:a6:18:13:53:f6:71:0d:e4:
                    c7:5e:be:8c:9c:52:67:56:a3:13:76:1c:bd:25:a0:
                    f9:69:31:a1:32:28:c5:a8:c9:a7:48:44:ff:60:a1:
                    5e:fb:36:d3:3b:87:d9:55:5f:07:e4:fd:db:46:72:
                    9e:4b:cd:0d:38:70:19:b3:b4:0a:20:16:90:e7:c1:
                    c5:63:e1:13:cc:6b:2e:be:4b:44:a7:32:3b:c8:b3:
                    65:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:68:37:68:EF:F3:23:61:CB:17:09:06:5E:7F:BF:01:5C:FB:05:5E
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:65:86:50:69:14:9e:4c:94:4f:51:d7:19:2b:64:68:1d:d9:
         69:20:e4:70:60:ed:df:53:d6:7d:6e:bd:11:97:70:72:ba:18:
         52:95:1b:da:7c:7d:71:45:43:bf:4f:cc:ee:0a:d1:05:b9:ef:
         1c:36:73:22:f9:ae:26:76:fb:00:7c:41:7d:ee:99:8d:f9:96:
         ef:79:2d:e7:df:71:81:ea:12:2a:bb:7f:cb:82:3e:24:73:eb:
         c7:b4:a4:5d:76:82:50:a4:cf:44:04:47:bc:d7:0c:24:dd:cb:
         8d:57:44:8b:67:f7:6e:aa:cf:b4:f3:c3:e9:e2:78:42:49:fc:
         06:df:5a:dd:87:aa:14:62:35:32:36:cc:10:37:a8:71:b1:f9:
         f2:82:4e:69:2d:fc:d5:6c:81:46:85:85:9d:42:61:41:b7:0a:
         f1:65:0b:97:3b:fc:2a:a1:9a:eb:21:e0:a6:9b:bd:28:70:ea:
         63:d9:08:49:46:69:c0:5a:b2:e9:79:6c:a1:9f:15:eb:af:cc:
         cb:ed:db:de:2b:b4:38:f7:45:fd:6f:ea:7b:24:94:27:d5:4c:
         da:16:a2:0a:94:ce:60:b0:ac:bb:e7:ae:37:bf:a8:32:d0:a3:
         2f:b9:c1:f8:4d:04:b4:ca:0c:d1:b9:5b:0c:94:d3:cd:16:03:
         9f:34:8d:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXExdwJ8VwtCevkFq8IJHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUwODExMDMwMTA3WhcNMjUwODEyMDMwMTA3WjAzMTEwLwYDVQQD
EyhhYTY4Mzc2OGVmZjMyMzYxY2IxNzA5MDY1ZTdmYmYwMTVjZmIwNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2mvQ90mbcssTfzdt8vIPhbr2NOb
cnsgrLplqroH8WhGy2Q/Xhq7QWceP6ItDlWRIOcxImXewTOmxWcBADQBS5KUDtpY
/5yKVeU+eQ8Yo/YrT+FZUcX4Di5h16h/mFWGtbkI4SnAPu0R9WROGfIWvy7S6U0k
lgGP48jWgjbNXP+kSGHTXzlsGTSNazFjIO5baxOcUiUgCEnWinx31N1VjyFBeqTl
6SKRPKqlphgTU/ZxDeTHXr6MnFJnVqMTdhy9JaD5aTGhMijFqMmnSET/YKFe+zbT
O4fZVV8H5P3bRnKeS80NOHAZs7QKIBaQ58HFY+ETzGsuvktEpzI7yLNlwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpoN2jv8yNhyxcJBl5/vwFc+wVeMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGWGUGkU
nkyUT1HXGStkaB3ZaSDkcGDt31PWfW69EZdwcroYUpUb2nx9cUVDv0/M7grRBbnv
HDZzIvmuJnb7AHxBfe6ZjfmW73kt599xgeoSKrt/y4I+JHPrx7SkXXaCUKTPRARH
vNcMJN3LjVdEi2f3bqrPtPPD6eJ4Qkn8Bt9a3YeqFGI1MjbMEDeocbH58oJOaS38
1WyBRoWFnUJhQbcK8WULlzv8KqGa6yHgppu9KHDqY9kISUZpwFqy6XlsoZ8V66/M
y+3b3iu0OPdF/W/qeySUJ9VM2haiCpTOYLCsu+euN7+oMtCjL7nB+E0EtMoM0blb
DJTTzRYDnzSNgg==
-----END CERTIFICATE-----