Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          BqD5No400u5biyHZD9TAX9RMgET/MoudkATGmUVMsZo=
Subject key identifier:   49:2D:10:51:68:77:1B:7C:29:0C:1F:ED:50:88:A1:84:9A:98:D5:BE
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       0198752B75487231D859D1A4D10B1DCDA548
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0A27
Signing time:             Mon 04 Aug 2025 13:00:39 +0000
Manifest this update:     Mon 04 Aug 2025 13:00:39 +0000
Manifest next update:     Tue 05 Aug 2025 13:00:39 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: JjGTjZhkKN0NiLJwC20yYhKp6W5rxk7j2U1nWWoYuVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:75:48:72:31:d8:59:d1:a4:d1:0b:1d:cd:a5:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Aug  4 13:00:39 2025 GMT
            Not After : Aug  5 13:00:39 2025 GMT
        Subject: CN=492d105168771b7c290c1fed5088a1849a98d5be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e1:64:22:16:22:60:6e:2e:51:9e:be:15:61:
                    a9:0c:b6:69:4a:74:2f:8a:10:4c:3d:a6:35:6f:9b:
                    f4:6a:ec:99:7b:52:e4:79:23:4f:44:01:22:40:9e:
                    56:14:a4:f2:43:5c:a2:ec:2f:cf:00:88:0a:3e:fb:
                    b0:53:e1:05:a9:d4:ac:9f:4e:43:49:e6:00:77:d5:
                    d8:3f:20:e1:da:6f:f8:b4:6d:f3:b6:94:d1:b8:33:
                    da:a5:a4:80:8c:88:3e:25:00:10:fc:07:4b:4d:ac:
                    36:3c:cd:51:07:02:ae:44:66:9d:e3:0b:5e:3c:ca:
                    4e:05:3f:9f:3f:2e:16:a1:11:3f:b1:43:e0:72:0d:
                    df:87:a3:66:0b:21:47:2b:95:d5:26:70:95:7a:ef:
                    6e:29:62:e0:3e:a2:32:e9:85:1b:ae:6d:91:60:4f:
                    61:e2:e4:d5:a6:73:c8:d5:19:7b:0c:a6:ee:63:80:
                    85:77:5e:b2:32:d5:80:d5:f2:50:7c:53:ec:e5:f4:
                    31:20:d4:d5:3a:9a:aa:9c:92:0e:42:85:57:68:c6:
                    a4:ce:7e:6e:68:36:8c:a1:be:d1:02:71:1e:06:fb:
                    bd:ef:8d:ad:47:83:1e:f9:96:12:04:e4:39:f3:3b:
                    4b:c4:cb:89:20:9e:35:fe:fc:b9:47:e4:37:4f:89:
                    fb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:2D:10:51:68:77:1B:7C:29:0C:1F:ED:50:88:A1:84:9A:98:D5:BE
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:e8:ce:79:76:ea:d5:91:ec:fc:da:63:41:d3:47:24:3a:7a:
         a1:f6:23:ce:da:d0:48:f7:c8:7c:ee:4e:b1:e3:fa:20:f7:98:
         c8:0b:5a:12:5b:d1:8c:e3:30:19:e0:55:47:42:db:7d:f8:c9:
         ec:d5:e5:9f:63:58:b6:a3:f3:60:be:34:cb:d9:7f:d6:26:4c:
         aa:8b:1b:eb:c8:06:e9:3c:64:0b:b0:55:a8:87:1b:75:56:41:
         38:d0:ab:d9:99:0e:f4:d9:e6:2a:c3:38:54:42:8a:f3:4d:1e:
         2c:52:ad:a6:76:94:ad:22:42:6f:7b:eb:a9:55:34:ff:8a:10:
         c7:e4:4c:d5:33:d1:d0:fe:ed:d5:e0:d4:98:30:76:e9:73:5d:
         72:a3:6d:bd:ea:18:6b:59:04:e6:60:2b:63:e4:b3:27:4f:43:
         e1:78:b9:86:eb:0c:24:e1:80:cd:5a:bf:34:6e:c6:4e:ed:5e:
         33:a8:44:7f:45:8c:99:f8:51:1e:79:73:2b:7c:5b:c9:00:6c:
         fb:c3:e8:75:4c:88:0d:32:cf:82:6e:0d:0d:65:78:e7:52:ec:
         81:40:03:99:a0:6a:77:87:31:52:08:63:38:39:01:7a:8e:8a:
         83:bf:4f:8e:47:35:58:00:45:1a:5e:5d:49:50:2d:93:54:7b:
         67:5b:f7:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K3VIcjHYWdGk0QsdzaVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwODA0MTMwMDM5WhcNMjUwODA1MTMwMDM5WjAzMTEwLwYDVQQD
Eyg0OTJkMTA1MTY4NzcxYjdjMjkwYzFmZWQ1MDg4YTE4NDlhOThkNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uFkIhYiYG4uUZ6+FWGpDLZpSnQv
ihBMPaY1b5v0auyZe1LkeSNPRAEiQJ5WFKTyQ1yi7C/PAIgKPvuwU+EFqdSsn05D
SeYAd9XYPyDh2m/4tG3ztpTRuDPapaSAjIg+JQAQ/AdLTaw2PM1RBwKuRGad4wte
PMpOBT+fPy4WoRE/sUPgcg3fh6NmCyFHK5XVJnCVeu9uKWLgPqIy6YUbrm2RYE9h
4uTVpnPI1Rl7DKbuY4CFd16yMtWA1fJQfFPs5fQxINTVOpqqnJIOQoVXaMakzn5u
aDaMob7RAnEeBvu9742tR4Me+ZYSBOQ58ztLxMuJIJ41/vy5R+Q3T4n7qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEktEFFodxt8KQwf7VCIoYSamNW+MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlejOeXbq
1ZHs/NpjQdNHJDp6ofYjztrQSPfIfO5OseP6IPeYyAtaElvRjOMwGeBVR0LbffjJ
7NXln2NYtqPzYL40y9l/1iZMqosb68gG6TxkC7BVqIcbdVZBONCr2ZkO9NnmKsM4
VEKK800eLFKtpnaUrSJCb3vrqVU0/4oQx+RM1TPR0P7t1eDUmDB26XNdcqNtveoY
a1kE5mArY+SzJ09D4Xi5husMJOGAzVq/NG7GTu1eM6hEf0WMmfhRHnlzK3xbyQBs
+8PodUyIDTLPgm4NDWV451LsgUADmaBqd4cxUghjODkBeo6Kg79Pjkc1WABFGl5d
SVAtk1R7Z1v3bw==
-----END CERTIFICATE-----