Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
File:                     uOssmbjKaFoqU4WIFB2xxLZB03Y.mft (raw, json)
Hash identifier:          BJbt7/lcefREdKddCcGsIYEzEhKQcZNvuzaMibu5Jak=
Subject key identifier:   5A:B3:9A:57:6A:17:C1:78:30:98:8B:98:F8:70:BD:A7:82:A9:0B:46
Authority key identifier: B8:EB:2C:99:B8:CA:68:5A:2A:53:85:88:14:1D:B1:C4:B6:41:D3:76
Certificate issuer:       /CN=b8eb2c99b8ca685a2a538588141db1c4b641d376
Certificate serial:       019896A5FEDD7D8410383E7F849CB64A2D5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
Manifest number:          1626
Signing time:             Mon 11 Aug 2025 01:01:57 +0000
Manifest this update:     Mon 11 Aug 2025 01:01:57 +0000
Manifest next update:     Tue 12 Aug 2025 01:01:57 +0000
Files and hashes:         1: uOssmbjKaFoqU4WIFB2xxLZB03Y.crl (hash: /Bh8y2eeJM1/RFOczrXNzMF015P44DtswFMAT+cZj7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a5:fe:dd:7d:84:10:38:3e:7f:84:9c:b6:4a:2d:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8eb2c99b8ca685a2a538588141db1c4b641d376
        Validity
            Not Before: Aug 11 01:01:57 2025 GMT
            Not After : Aug 12 01:01:57 2025 GMT
        Subject: CN=5ab39a576a17c17830988b98f870bda782a90b46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:44:d6:cf:7f:b5:ae:84:c1:18:95:c1:22:ce:
                    62:f3:21:15:3b:01:a2:ce:0e:db:39:ed:97:2a:d2:
                    a5:45:56:b5:38:30:c0:f1:c7:47:27:aa:76:96:64:
                    2d:8a:92:e9:1a:02:26:7c:56:19:2d:c6:95:f4:86:
                    ff:b8:99:d9:98:c3:72:c1:64:3c:08:64:d3:11:20:
                    20:4f:81:07:41:b4:d7:b9:7d:ab:9a:59:70:21:7a:
                    73:c5:b7:4d:74:fe:5e:02:b2:c1:47:f8:32:25:b4:
                    4d:13:b3:ba:1c:b7:84:45:78:be:ae:db:c5:89:95:
                    75:9a:1d:0f:46:54:6d:33:71:e0:52:da:1b:ee:e7:
                    f1:ff:81:a6:b6:c1:b6:68:b8:ab:80:67:bf:a8:6c:
                    dd:7d:72:28:22:95:db:48:3b:43:14:ef:31:f0:80:
                    82:61:86:ca:38:a0:d2:3e:fc:6c:8d:01:a0:1e:3d:
                    8d:10:b4:3c:ce:d6:e8:0a:7f:fa:18:58:1b:75:5f:
                    91:1a:b1:ad:14:f0:98:8b:22:73:12:02:03:c0:ff:
                    ad:1a:5b:de:ec:e8:01:ec:15:63:3c:8c:b6:8d:9a:
                    88:cb:24:5d:bb:2d:2f:10:ae:ca:2f:7d:00:d0:3e:
                    e4:cd:36:a3:4c:e0:38:16:d9:6a:b4:76:98:9a:53:
                    47:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B3:9A:57:6A:17:C1:78:30:98:8B:98:F8:70:BD:A7:82:A9:0B:46
            X509v3 Authority Key Identifier:
                keyid:B8:EB:2C:99:B8:CA:68:5A:2A:53:85:88:14:1D:B1:C4:B6:41:D3:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:37:d8:24:37:6f:aa:71:69:24:be:9c:cd:03:c6:0d:3a:01:
         ef:75:72:e4:75:e2:a0:4f:06:12:ea:50:81:bd:cd:2e:c4:29:
         52:e1:b3:b6:21:91:e9:41:b6:c7:d9:a5:39:38:fc:d4:35:5c:
         3b:09:0f:0a:f3:94:71:7c:29:53:cd:fd:13:60:34:63:a7:9d:
         c3:df:b1:93:46:7f:dc:28:32:0d:75:4c:e9:33:a2:92:fc:eb:
         85:61:08:98:bd:a8:f3:ca:e4:3f:bc:18:18:d5:f1:5b:25:87:
         fe:8b:7a:de:88:90:5f:ef:36:ac:2d:69:13:c2:63:51:54:13:
         15:22:15:9e:9d:9d:82:b4:8b:13:da:12:d2:24:6f:b0:75:30:
         f5:ac:d6:8a:2c:b5:59:1c:4f:80:27:bf:6c:dd:91:15:e4:62:
         66:70:1f:13:40:4c:18:0e:c4:33:e0:9d:73:f0:91:3a:9e:01:
         1f:95:51:d6:0a:1c:b6:8e:db:da:78:36:7c:79:78:16:54:d9:
         9c:53:42:ad:96:41:f6:07:1e:03:93:26:79:75:a2:68:d7:88:
         8b:fc:63:18:01:05:30:99:a9:b4:9e:f6:2e:1e:b7:89:f6:bb:
         62:de:ab:09:5d:ab:cb:a6:a1:d7:0f:15:a6:1a:df:a1:e1:ce:
         3e:bd:bc:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpf7dfYQQOD5/hJy2Si1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWIyYzk5YjhjYTY4NWEyYTUzODU4ODE0MWRiMWM0YjY0
MWQzNzYwHhcNMjUwODExMDEwMTU3WhcNMjUwODEyMDEwMTU3WjAzMTEwLwYDVQQD
Eyg1YWIzOWE1NzZhMTdjMTc4MzA5ODhiOThmODcwYmRhNzgyYTkwYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ETWz3+1roTBGJXBIs5i8yEVOwGi
zg7bOe2XKtKlRVa1ODDA8cdHJ6p2lmQtipLpGgImfFYZLcaV9Ib/uJnZmMNywWQ8
CGTTESAgT4EHQbTXuX2rmllwIXpzxbdNdP5eArLBR/gyJbRNE7O6HLeERXi+rtvF
iZV1mh0PRlRtM3HgUtob7ufx/4GmtsG2aLirgGe/qGzdfXIoIpXbSDtDFO8x8ICC
YYbKOKDSPvxsjQGgHj2NELQ8ztboCn/6GFgbdV+RGrGtFPCYiyJzEgIDwP+tGlve
7OgB7BVjPIy2jZqIyyRduy0vEK7KL30A0D7kzTajTOA4FtlqtHaYmlNHtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqzmldqF8F4MJiLmPhwvaeCqQtGMB8GA1UdIwQY
MBaAFLjrLJm4ymhaKlOFiBQdscS2QdN2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC80NTc1MzMtNjkwNS00ODQwLTg4M2Mt
YWI2ZDBjMjEzZmRjLzEvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC80NTc1MzMtNjkwNS00ODQwLTg4M2MtYWI2ZDBjMjEzZmRj
LzEvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMzfYJDdv
qnFpJL6czQPGDToB73Vy5HXioE8GEupQgb3NLsQpUuGztiGR6UG2x9mlOTj81DVc
OwkPCvOUcXwpU839E2A0Y6edw9+xk0Z/3CgyDXVM6TOikvzrhWEImL2o88rkP7wY
GNXxWyWH/ot63oiQX+82rC1pE8JjUVQTFSIVnp2dgrSLE9oS0iRvsHUw9azWiiy1
WRxPgCe/bN2RFeRiZnAfE0BMGA7EM+Cdc/CROp4BH5VR1gocto7b2ng2fHl4FlTZ
nFNCrZZB9gceA5MmeXWiaNeIi/xjGAEFMJmptJ72Lh63ifa7Yt6rCV2ry6ah1w8V
phrfoeHOPr28wg==
-----END CERTIFICATE-----