Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          cTevZ6oAptRSlwabXrCUFG7e4eJsAuqYtAYzFvWY5Yw=
Subject key identifier:   FB:5F:CA:4F:CF:4A:72:B7:96:35:44:80:25:31:7A:21:12:38:E9:F5
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       01987C09845CCE8593FE6FEA1698CBF5A7C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          1618
Signing time:             Tue 05 Aug 2025 21:00:55 +0000
Manifest this update:     Tue 05 Aug 2025 21:00:55 +0000
Manifest next update:     Wed 06 Aug 2025 21:00:55 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: O2Ns2JaG72DYjKx8ItxmUpIAkTkYJ5Fin+RED+pYMbs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 21:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7c:09:84:5c:ce:85:93:fe:6f:ea:16:98:cb:f5:a7:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Aug  5 21:00:55 2025 GMT
            Not After : Aug  6 21:00:55 2025 GMT
        Subject: CN=fb5fca4fcf4a72b79635448025317a211238e9f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:eb:4c:b4:66:93:25:01:2c:ff:c2:ae:c3:30:
                    ac:ef:17:9f:f8:92:0d:67:13:d7:dc:98:7b:5f:89:
                    5a:70:1a:6c:6a:f4:76:60:9c:7a:73:dd:fa:c5:c3:
                    63:91:50:6d:8e:b6:0a:8c:a3:d5:b7:da:65:e4:a0:
                    af:9d:ad:41:27:53:46:8e:23:c6:d6:79:33:9b:35:
                    cf:99:84:4a:96:e4:4d:21:2e:42:87:fa:8c:5d:c8:
                    46:fb:23:57:cb:c7:1e:20:bd:c2:19:f6:6e:7c:78:
                    9e:93:22:13:73:85:51:56:1a:73:99:9d:fb:6b:d6:
                    04:4e:05:c9:c7:34:91:4e:8f:4d:f3:ea:63:0c:46:
                    d6:81:20:28:29:15:c0:d7:8c:e8:5e:c0:20:72:a6:
                    6b:46:91:69:7c:a6:0d:a4:be:8d:72:86:8e:a0:d8:
                    ee:d2:a6:46:51:92:1b:44:2b:34:c6:d0:f8:93:01:
                    69:6b:80:42:cb:db:7b:7c:03:db:a0:37:a3:c0:cd:
                    ee:94:ad:49:43:08:d8:92:a2:d5:96:6a:2b:d4:d3:
                    0e:f0:bd:1d:f0:8c:d3:b7:2d:e0:a1:0f:b2:c7:3e:
                    48:ca:d6:67:4e:45:bf:f4:4a:1f:79:cf:84:e5:0f:
                    72:a9:32:c9:05:7e:87:de:78:6e:ff:a7:57:26:82:
                    5c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:5F:CA:4F:CF:4A:72:B7:96:35:44:80:25:31:7A:21:12:38:E9:F5
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:0f:f4:ad:3c:5c:c9:4a:38:26:4e:c1:0d:de:8e:61:27:13:
         27:a2:86:5b:13:c7:50:d0:f6:3e:39:c0:5e:e5:b6:a5:c7:76:
         95:bd:2a:7a:f7:37:b9:ae:a1:16:f3:07:e7:7a:e2:44:87:79:
         6f:f4:0c:7c:98:fb:35:d6:75:b8:ab:a2:10:5c:56:32:ab:bf:
         ad:2a:d3:e4:c8:6c:02:36:f5:ce:a5:b5:36:2c:5f:03:74:94:
         0b:ce:8c:0c:ec:0c:50:9f:2f:58:3a:21:8e:80:46:4a:25:d9:
         57:90:e1:8a:6c:9b:c3:95:6a:82:e4:0f:02:da:a4:ed:68:69:
         6a:ed:75:61:44:94:23:e9:fe:aa:85:dc:c8:bf:62:fe:98:bc:
         08:7a:ea:60:ce:40:a1:c7:ae:92:2d:67:2d:ee:90:3c:c6:cf:
         61:45:40:77:6b:fa:8e:55:34:0d:e8:cc:cf:8f:99:c9:b7:25:
         b5:81:aa:e5:70:5c:10:d6:66:f4:8f:e5:86:5a:e3:e1:12:cc:
         a8:cc:a1:68:71:be:df:f7:80:89:70:c3:f4:5e:89:29:92:da:
         db:3e:4f:db:0b:44:2e:6b:a7:5c:e5:0d:12:61:08:6d:8a:0e:
         63:16:e0:5d:24:29:f1:79:f1:11:ea:b0:8d:fc:7f:1f:df:8e:
         d8:4e:cd:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh8CYRczoWT/m/qFpjL9afHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjUwODA1MjEwMDU1WhcNMjUwODA2MjEwMDU1WjAzMTEwLwYDVQQD
EyhmYjVmY2E0ZmNmNGE3MmI3OTYzNTQ0ODAyNTMxN2EyMTEyMzhlOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+etMtGaTJQEs/8KuwzCs7xef+JIN
ZxPX3Jh7X4lacBpsavR2YJx6c936xcNjkVBtjrYKjKPVt9pl5KCvna1BJ1NGjiPG
1nkzmzXPmYRKluRNIS5Ch/qMXchG+yNXy8ceIL3CGfZufHiekyITc4VRVhpzmZ37
a9YETgXJxzSRTo9N8+pjDEbWgSAoKRXA14zoXsAgcqZrRpFpfKYNpL6NcoaOoNju
0qZGUZIbRCs0xtD4kwFpa4BCy9t7fAPboDejwM3ulK1JQwjYkqLVlmor1NMO8L0d
8IzTty3goQ+yxz5IytZnTkW/9Eofec+E5Q9yqTLJBX6H3nhu/6dXJoJcjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtfyk/PSnK3ljVEgCUxeiESOOn1MB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACA/0rTxc
yUo4Jk7BDd6OYScTJ6KGWxPHUND2PjnAXuW2pcd2lb0qevc3ua6hFvMH53riRId5
b/QMfJj7NdZ1uKuiEFxWMqu/rSrT5MhsAjb1zqW1NixfA3SUC86MDOwMUJ8vWDoh
joBGSiXZV5Dhimybw5VqguQPAtqk7Whpau11YUSUI+n+qoXcyL9i/pi8CHrqYM5A
oceuki1nLe6QPMbPYUVAd2v6jlU0DejMz4+ZybcltYGq5XBcENZm9I/lhlrj4RLM
qMyhaHG+3/eAiXDD9F6JKZLa2z5P2wtELmunXOUNEmEIbYoOYxbgXSQp8XnxEeqw
jfx/H9+O2E7NeA==
-----END CERTIFICATE-----