Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          xxsMWQ3x3jn5IZ2oJjQqGnluvUy2VjKGLNWSKkE/4N8=
Subject key identifier:   CF:90:59:E2:29:AA:13:A7:A4:F9:7A:EE:5A:3C:26:4E:46:D4:A2:29
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019892C9B045BBED50F0584BE293FF76C861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          1624
Signing time:             Sun 10 Aug 2025 07:02:27 +0000
Manifest this update:     Sun 10 Aug 2025 07:02:27 +0000
Manifest next update:     Mon 11 Aug 2025 07:02:27 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: 8OYN6wEPjX0xI11VSM4cydxzVvftPyRw3/YwQlPB77k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c9:b0:45:bb:ed:50:f0:58:4b:e2:93:ff:76:c8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Aug 10 07:02:27 2025 GMT
            Not After : Aug 11 07:02:27 2025 GMT
        Subject: CN=cf9059e229aa13a7a4f97aee5a3c264e46d4a229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:73:ef:10:b5:9c:dd:29:62:21:5e:c3:5c:69:
                    a0:c9:50:1c:d7:40:70:63:48:1c:d3:70:74:6a:c4:
                    18:bd:14:0d:f0:e9:27:14:55:99:a4:5b:b5:0d:6e:
                    6d:57:8b:1d:44:a6:c1:cb:70:94:1c:89:a9:69:34:
                    fd:b4:53:cc:17:82:56:38:98:d8:70:4c:29:36:f5:
                    5b:c2:6e:e8:1c:f0:69:45:12:73:50:2b:25:68:12:
                    67:e9:1e:d8:62:bc:92:5e:40:45:f0:26:a9:19:3b:
                    37:c2:75:36:89:22:7b:c7:91:df:bb:69:4c:a3:fa:
                    84:d2:f1:83:89:66:22:93:b4:94:7a:94:73:35:cd:
                    3b:09:c6:6b:d7:e5:08:7c:80:68:28:7a:22:c1:84:
                    6e:cb:c9:7a:5e:c2:0b:a6:a7:71:0e:4c:d4:38:b4:
                    d1:90:0d:b7:79:27:c8:14:cc:e4:f3:77:18:b1:8a:
                    36:64:bb:63:ae:21:dc:b3:1f:a3:06:e1:f2:74:f5:
                    45:01:be:73:53:04:9d:e9:27:98:a2:29:ff:e8:9e:
                    d1:3c:c0:3d:e9:4a:41:ad:20:c9:36:51:c5:c2:93:
                    84:27:da:e5:f4:14:d8:ad:2c:7b:e3:e8:9f:a2:c9:
                    48:d4:8a:f2:d2:d5:52:8a:2c:bf:bf:e0:43:dd:a2:
                    e6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:90:59:E2:29:AA:13:A7:A4:F9:7A:EE:5A:3C:26:4E:46:D4:A2:29
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:8e:f9:29:42:49:5a:3f:73:4e:f7:7b:e8:6f:50:9c:4a:f0:
         51:01:68:f0:5a:6d:45:bb:82:18:be:a6:e8:82:f5:e3:fc:43:
         35:9e:9b:94:7c:9c:84:73:b2:92:66:d1:92:a3:3d:c4:66:0e:
         18:1b:1f:14:b7:ad:92:e4:b5:15:a4:7f:39:77:3a:4f:ae:43:
         5c:dd:15:61:47:2f:21:2b:f3:9b:35:f2:65:8a:91:4d:88:e7:
         65:20:1b:d9:3c:b8:11:38:4d:20:f5:01:e8:ee:62:e1:9a:4b:
         e8:41:fa:ed:e8:73:f5:1c:f3:06:7a:43:b6:27:9f:3a:8a:f4:
         ef:ab:b6:96:71:82:4b:cb:bf:9b:f1:40:80:71:7c:1a:72:3c:
         ce:a7:6f:36:b3:bb:92:db:a1:e8:d2:60:d9:cb:08:9b:05:e7:
         ac:ee:d0:3d:67:86:35:f5:21:34:de:47:b9:a0:a5:f2:e5:1f:
         9f:d8:97:13:2c:e8:bb:5e:80:6f:5f:61:39:e7:8e:5c:eb:62:
         6d:86:10:e3:0b:4b:76:42:07:9b:4d:ed:40:6f:66:56:9e:44:
         f8:47:38:3b:40:d7:eb:b0:1a:1e:19:81:15:a1:c4:68:a5:49:
         0d:62:ee:24:85:ea:40:95:25:e7:05:1c:f3:08:ad:a8:58:77:
         3f:e4:f5:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSybBFu+1Q8FhL4pP/dshhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwODEwMDcwMjI3WhcNMjUwODExMDcwMjI3WjAzMTEwLwYDVQQD
EyhjZjkwNTllMjI5YWExM2E3YTRmOTdhZWU1YTNjMjY0ZTQ2ZDRhMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnPvELWc3SliIV7DXGmgyVAc10Bw
Y0gc03B0asQYvRQN8OknFFWZpFu1DW5tV4sdRKbBy3CUHImpaTT9tFPMF4JWOJjY
cEwpNvVbwm7oHPBpRRJzUCslaBJn6R7YYrySXkBF8CapGTs3wnU2iSJ7x5Hfu2lM
o/qE0vGDiWYik7SUepRzNc07CcZr1+UIfIBoKHoiwYRuy8l6XsILpqdxDkzUOLTR
kA23eSfIFMzk83cYsYo2ZLtjriHcsx+jBuHydPVFAb5zUwSd6SeYoin/6J7RPMA9
6UpBrSDJNlHFwpOEJ9rl9BTYrSx74+ifoslI1Iry0tVSiiy/v+BD3aLmawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+QWeIpqhOnpPl67lo8Jk5G1KIpMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeI75KUJJ
Wj9zTvd76G9QnErwUQFo8FptRbuCGL6m6IL14/xDNZ6blHychHOykmbRkqM9xGYO
GBsfFLetkuS1FaR/OXc6T65DXN0VYUcvISvzmzXyZYqRTYjnZSAb2Ty4EThNIPUB
6O5i4ZpL6EH67ehz9RzzBnpDtiefOor076u2lnGCS8u/m/FAgHF8GnI8zqdvNrO7
ktuh6NJg2csImwXnrO7QPWeGNfUhNN5HuaCl8uUfn9iXEyzou16Ab19hOeeOXOti
bYYQ4wtLdkIHm03tQG9mVp5E+Ec4O0DX67AaHhmBFaHEaKVJDWLuJIXqQJUl5wUc
8witqFh3P+T1GA==
-----END CERTIFICATE-----