Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
File:                     oVJWhcluMm8grjcpwDD0T9FJmwU.mft (raw, json)
Hash identifier:          RI4Io38sGOfHVyptJ8ofW9vCrozKrf6Oyy13mdnG7oM=
Subject key identifier:   70:4C:EE:34:93:67:F7:28:31:B0:CC:98:04:75:0C:D2:56:F7:AA:F2
Authority key identifier: A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05
Certificate issuer:       /CN=a1525685c96e326f20ae3729c030f44fd1499b05
Certificate serial:       01987FE6583BFAA452EE89F861D4D5C5FC32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
Manifest number:          0829
Signing time:             Wed 06 Aug 2025 15:00:58 +0000
Manifest this update:     Wed 06 Aug 2025 15:00:58 +0000
Manifest next update:     Thu 07 Aug 2025 15:00:58 +0000
Files and hashes:         1: oVJWhcluMm8grjcpwDD0T9FJmwU.crl (hash: ShFhV7vM894wNgMXesTR//nWN9eXnY7P7Z4SR8Xum/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:e6:58:3b:fa:a4:52:ee:89:f8:61:d4:d5:c5:fc:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1525685c96e326f20ae3729c030f44fd1499b05
        Validity
            Not Before: Aug  6 15:00:58 2025 GMT
            Not After : Aug  7 15:00:58 2025 GMT
        Subject: CN=704cee349367f72831b0cc9804750cd256f7aaf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:72:cf:dd:00:db:7d:29:84:78:c7:45:7a:0c:
                    fa:b4:b2:c6:cb:b3:10:0c:2c:9b:5c:da:78:fc:82:
                    01:d6:2e:d0:64:5b:ab:5b:0c:2a:41:a5:d2:24:7b:
                    a6:82:79:0d:cf:55:d4:55:cf:64:3e:bb:cc:e4:83:
                    8d:99:20:13:ab:f6:e4:3f:91:a1:71:04:16:7a:0d:
                    27:91:8e:2b:c1:d6:51:f1:06:f9:25:3f:e6:6c:05:
                    f3:4d:b5:58:a2:d9:af:49:d5:a3:ce:9c:d5:68:9d:
                    dd:6a:b4:fa:ac:31:2d:dd:81:28:1f:13:82:d1:79:
                    7c:c1:8b:7b:6d:8e:0f:05:5f:71:81:e9:88:6d:e2:
                    af:33:cf:07:e7:64:9f:76:21:cb:19:e6:4e:84:06:
                    c2:88:a4:50:ac:ae:50:35:6e:ec:f5:67:2f:9f:63:
                    f0:d1:41:88:76:c2:bb:fe:b7:36:6d:e0:cf:fa:aa:
                    36:38:75:31:12:c3:fd:86:08:7c:f8:7a:3a:bc:ae:
                    85:0e:31:6d:8a:7a:e9:4c:ad:a5:ec:96:a0:a6:e9:
                    b2:6b:08:3c:76:8d:c7:bc:0c:86:8d:e3:85:83:56:
                    8f:4b:0a:3e:da:37:36:3f:2d:8d:d3:c1:cc:0a:5f:
                    46:1a:36:51:1d:36:c8:33:69:15:48:b6:e4:35:d5:
                    d5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:4C:EE:34:93:67:F7:28:31:B0:CC:98:04:75:0C:D2:56:F7:AA:F2
            X509v3 Authority Key Identifier:
                keyid:A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:39:e2:3b:55:23:3d:68:d9:48:5e:e5:d1:58:18:72:b9:9b:
         c6:a2:70:4f:ff:b0:94:2a:5f:51:3c:cc:d2:ea:5a:f9:5a:d8:
         b9:04:ad:c6:ca:af:56:12:0b:63:18:ec:24:30:f1:ed:7b:a5:
         da:96:72:e6:82:fd:70:4b:6d:12:f9:ba:93:84:d6:8b:02:78:
         16:1e:c4:b3:e2:ba:9b:d2:df:d8:87:3b:f7:76:29:5a:87:23:
         94:bb:eb:95:a6:89:4b:dc:07:f6:a1:46:06:a9:10:50:83:25:
         a3:4f:ae:f2:9f:50:08:ea:69:76:bd:eb:97:c7:e1:b0:39:aa:
         a3:c5:c3:aa:13:72:f6:0c:a6:d8:6c:c9:5f:73:62:32:19:f4:
         01:5a:1e:34:d4:68:22:00:fe:19:67:be:3b:15:1a:54:fd:83:
         4b:f0:73:81:7e:39:c0:78:67:08:79:d1:d8:7e:0b:ca:db:70:
         87:78:3d:7a:68:65:a5:19:b3:3e:f9:3b:e0:34:62:42:b9:0b:
         77:bf:51:cf:31:c2:a9:e5:49:53:ca:c9:f3:2e:38:5d:5f:79:
         1e:87:af:d1:35:41:a9:79:b3:1f:65:e7:77:06:65:b7:7f:0b:
         b4:67:70:fb:05:9c:42:96:19:c2:a8:4c:96:d2:ca:a8:eb:be:
         a1:77:52:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/5lg7+qRS7on4YdTVxfwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTI1Njg1Yzk2ZTMyNmYyMGFlMzcyOWMwMzBmNDRmZDE0
OTliMDUwHhcNMjUwODA2MTUwMDU4WhcNMjUwODA3MTUwMDU4WjAzMTEwLwYDVQQD
Eyg3MDRjZWUzNDkzNjdmNzI4MzFiMGNjOTgwNDc1MGNkMjU2ZjdhYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXLP3QDbfSmEeMdFegz6tLLGy7MQ
DCybXNp4/IIB1i7QZFurWwwqQaXSJHumgnkNz1XUVc9kPrvM5IONmSATq/bkP5Gh
cQQWeg0nkY4rwdZR8Qb5JT/mbAXzTbVYotmvSdWjzpzVaJ3darT6rDEt3YEoHxOC
0Xl8wYt7bY4PBV9xgemIbeKvM88H52SfdiHLGeZOhAbCiKRQrK5QNW7s9Wcvn2Pw
0UGIdsK7/rc2beDP+qo2OHUxEsP9hgh8+Ho6vK6FDjFtinrpTK2l7Jagpumyawg8
do3HvAyGjeOFg1aPSwo+2jc2Py2N08HMCl9GGjZRHTbIM2kVSLbkNdXVJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBM7jSTZ/coMbDMmAR1DNJW96ryMB8GA1UdIwQY
MBaAFKFSVoXJbjJvIK43KcAw9E/RSZsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAt
NDQzNzFiMWNjNzJmLzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAtNDQzNzFiMWNjNzJm
LzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTniO1Uj
PWjZSF7l0VgYcrmbxqJwT/+wlCpfUTzM0upa+VrYuQStxsqvVhILYxjsJDDx7Xul
2pZy5oL9cEttEvm6k4TWiwJ4Fh7Es+K6m9Lf2Ic793YpWocjlLvrlaaJS9wH9qFG
BqkQUIMlo0+u8p9QCOppdr3rl8fhsDmqo8XDqhNy9gym2GzJX3NiMhn0AVoeNNRo
IgD+GWe+OxUaVP2DS/BzgX45wHhnCHnR2H4Lyttwh3g9emhlpRmzPvk74DRiQrkL
d79RzzHCqeVJU8rJ8y44XV95Hoev0TVBqXmzH2XndwZlt38LtGdw+wWcQpYZwqhM
ltLKqOu+oXdSkA==
-----END CERTIFICATE-----