Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          TdoRqjecYfIEVpaOAXlJ3EMoO0Iq/ov6GiEDpgibEoc=
Subject key identifier:   35:4E:D9:A5:47:74:4D:7D:8F:E7:50:1A:B9:EB:91:7E:3F:B8:DB:A4
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0198A04D8F2A7951E287D0F5C8E72C507060
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1327
Signing time:             Tue 12 Aug 2025 22:01:33 +0000
Manifest this update:     Tue 12 Aug 2025 22:01:33 +0000
Manifest next update:     Wed 13 Aug 2025 22:01:33 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: fwqZQS5vE/DcDAtru3LTw9vfujbqJClD0V+plwOZeAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4d:8f:2a:79:51:e2:87:d0:f5:c8:e7:2c:50:70:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Aug 12 22:01:33 2025 GMT
            Not After : Aug 13 22:01:33 2025 GMT
        Subject: CN=354ed9a547744d7d8fe7501ab9eb917e3fb8dba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:17:09:df:c1:ff:f6:06:a3:b4:c8:8f:83:78:
                    4e:6b:6c:b3:d1:fe:34:a3:07:d6:d6:bd:3d:92:60:
                    de:2c:20:71:63:de:d4:b4:ac:4c:cf:9c:9e:df:69:
                    b8:d3:d3:2e:fd:50:76:55:1f:57:d0:5a:bd:fe:6d:
                    c7:7c:54:04:d0:2a:e6:29:ad:c3:23:d3:cb:50:6c:
                    aa:29:15:7f:5f:65:1f:cf:2d:2c:ed:73:c4:9f:39:
                    87:fe:02:d3:2e:4b:26:68:1c:33:f3:fd:4b:cc:d1:
                    73:cd:bf:4a:52:f7:42:f0:70:26:7c:8a:6a:03:60:
                    69:5f:f4:a5:94:a6:eb:8b:19:ca:88:14:fd:62:29:
                    95:8a:41:07:83:bc:7d:8e:05:7a:90:74:5f:0b:a9:
                    63:38:bc:89:91:76:18:be:da:ee:26:1a:c4:cb:08:
                    ac:a2:f9:3c:7c:a6:91:87:94:cd:51:1c:de:12:16:
                    72:d1:6f:f4:d1:48:66:21:27:a5:0b:ef:21:77:ba:
                    8e:02:85:97:15:68:d7:ac:34:90:16:9f:1a:49:b4:
                    cf:ab:b5:8c:88:ea:75:7c:86:73:76:73:e1:d1:a3:
                    67:c1:34:43:75:03:89:ea:05:e7:91:df:2e:14:d0:
                    4b:23:b9:59:ce:46:28:73:0c:59:26:85:55:cd:95:
                    c4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:4E:D9:A5:47:74:4D:7D:8F:E7:50:1A:B9:EB:91:7E:3F:B8:DB:A4
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:85:e0:a6:9d:09:f6:92:02:e9:26:0d:52:4a:14:33:67:0c:
         3b:a3:0a:23:a7:67:de:3c:b3:81:1c:39:2a:97:34:ce:9f:55:
         fb:cf:8f:a7:8c:db:22:b7:a2:fd:a1:5b:af:d7:87:59:16:e5:
         81:0a:e6:bd:cf:14:6b:12:70:11:83:44:22:91:c2:80:af:d7:
         eb:d8:1c:11:61:2e:40:ec:73:89:10:61:59:61:f0:a1:9c:66:
         74:71:3e:15:52:fa:63:c3:1a:c2:5c:0c:66:c3:98:2c:f8:8e:
         c7:25:7d:5d:b2:30:25:7f:e1:97:f3:e4:d8:41:c5:c6:e0:79:
         0f:16:31:1b:3e:d5:35:fa:dc:3c:2a:9a:bb:72:92:09:ba:65:
         a0:09:39:c4:d0:60:e5:47:c2:bc:03:59:24:c8:de:09:c7:06:
         5c:3a:b3:ad:95:70:d5:10:ce:a1:30:e4:ea:fd:5d:0f:bb:c2:
         4f:85:fb:2b:39:fe:c3:4e:59:9f:3e:a0:33:6b:6b:12:f3:c9:
         de:86:9e:8a:e0:5f:3c:0c:a6:76:d1:f9:46:0f:9d:c2:e8:0c:
         82:a2:f5:fd:7a:7b:28:70:77:98:5b:74:45:6d:98:27:d0:3b:
         d1:21:63:b6:d5:5a:61:85:b9:fd:d6:db:3f:2c:d1:7e:57:a3:
         24:b1:f5:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTY8qeVHih9D1yOcsUHBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUwODEyMjIwMTMzWhcNMjUwODEzMjIwMTMzWjAzMTEwLwYDVQQD
EygzNTRlZDlhNTQ3NzQ0ZDdkOGZlNzUwMWFiOWViOTE3ZTNmYjhkYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRcJ38H/9gajtMiPg3hOa2yz0f40
owfW1r09kmDeLCBxY97UtKxMz5ye32m409Mu/VB2VR9X0Fq9/m3HfFQE0CrmKa3D
I9PLUGyqKRV/X2Ufzy0s7XPEnzmH/gLTLksmaBwz8/1LzNFzzb9KUvdC8HAmfIpq
A2BpX/SllKbrixnKiBT9YimVikEHg7x9jgV6kHRfC6ljOLyJkXYYvtruJhrEywis
ovk8fKaRh5TNURzeEhZy0W/00UhmISelC+8hd7qOAoWXFWjXrDSQFp8aSbTPq7WM
iOp1fIZzdnPh0aNnwTRDdQOJ6gXnkd8uFNBLI7lZzkYocwxZJoVVzZXEcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVO2aVHdE19j+dQGrnrkX4/uNukMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyIXgpp0J
9pIC6SYNUkoUM2cMO6MKI6dn3jyzgRw5Kpc0zp9V+8+Pp4zbIrei/aFbr9eHWRbl
gQrmvc8UaxJwEYNEIpHCgK/X69gcEWEuQOxziRBhWWHwoZxmdHE+FVL6Y8MawlwM
ZsOYLPiOxyV9XbIwJX/hl/Pk2EHFxuB5DxYxGz7VNfrcPCqau3KSCbploAk5xNBg
5UfCvANZJMjeCccGXDqzrZVw1RDOoTDk6v1dD7vCT4X7Kzn+w05Znz6gM2trEvPJ
3oaeiuBfPAymdtH5Rg+dwugMgqL1/Xp7KHB3mFt0RW2YJ9A70SFjttVaYYW5/dbb
PyzRflejJLH1Kw==
-----END CERTIFICATE-----