Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          zrjzOWVRd/hdXP2ak8Umrt2gu3+Ez/jSCBW/Un8P7Fw=
Subject key identifier:   F0:92:17:DD:D9:87:20:13:B1:1B:C0:FA:81:E4:10:B4:EC:86:FA:50
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019890355AB72E6AC4C091193C762AB97E33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          1623
Signing time:             Sat 09 Aug 2025 19:01:12 +0000
Manifest this update:     Sat 09 Aug 2025 19:01:12 +0000
Manifest next update:     Sun 10 Aug 2025 19:01:12 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: wUS18DHxqab2nat4wW3qe488HjQOvleEcrA2SZq7+pE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:35:5a:b7:2e:6a:c4:c0:91:19:3c:76:2a:b9:7e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Aug  9 19:01:12 2025 GMT
            Not After : Aug 10 19:01:12 2025 GMT
        Subject: CN=f09217ddd9872013b11bc0fa81e410b4ec86fa50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e9:5a:93:7b:e6:3a:c1:65:d5:d8:eb:52:a6:
                    a6:12:ac:d1:a5:05:9d:51:39:5f:d3:0a:f1:32:92:
                    0c:ff:e9:20:db:95:6c:3a:00:be:1b:63:5b:ce:06:
                    d4:c6:a3:7e:01:54:87:b5:22:75:d8:b6:47:5d:1b:
                    c7:e7:49:8d:e5:2f:3b:fd:04:3f:30:ce:81:f2:06:
                    c8:82:08:12:87:c7:a2:d1:51:21:d7:bf:85:00:27:
                    ec:3e:09:7b:52:73:c1:53:79:21:a3:4d:55:f3:db:
                    a5:5a:89:a7:a2:7d:4e:8c:94:07:3a:b5:8c:12:e2:
                    4d:04:9f:f7:ac:e1:e0:9e:63:78:d4:2f:83:33:4d:
                    36:1a:c8:01:2b:34:a9:7c:11:0c:ae:90:dc:53:6f:
                    45:19:dc:fe:e3:f6:23:c4:c3:3d:36:88:41:3b:73:
                    b8:0f:d9:c6:c0:bc:19:a5:e5:9d:ef:30:6f:78:f6:
                    07:71:5f:9f:54:19:e9:1a:48:af:82:52:b9:8e:81:
                    6a:c5:e7:b9:bc:3b:1a:bb:43:dc:05:d6:ca:8b:eb:
                    19:3e:e5:80:23:48:7e:45:00:25:f5:2b:cd:7f:2f:
                    88:97:a5:d4:87:89:4b:db:7a:75:0f:be:87:51:0c:
                    55:32:55:12:5b:7f:67:5a:b1:1c:f9:4e:c4:07:af:
                    42:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:92:17:DD:D9:87:20:13:B1:1B:C0:FA:81:E4:10:B4:EC:86:FA:50
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:28:99:43:ae:78:bf:e9:94:b4:a1:5f:f4:28:34:98:f6:13:
         05:ce:a8:f9:ac:48:19:b6:62:f0:29:7b:e9:77:b3:94:15:ed:
         f3:23:00:59:d4:ee:61:50:75:25:b0:a9:18:43:b9:9d:a1:66:
         20:b5:93:be:6b:70:40:d0:7e:84:65:50:31:ae:65:dd:59:9a:
         3f:7f:24:ba:7f:99:f2:0f:36:f6:49:30:24:04:65:81:3b:0e:
         3c:1b:1b:f9:57:d6:ab:37:da:17:1b:51:d9:22:6a:78:31:9a:
         eb:e9:d4:e6:26:42:32:a2:b2:c3:f6:cf:35:3d:36:00:14:8e:
         63:65:25:15:49:0a:7c:ea:b2:ad:4a:7c:a1:4c:0d:95:25:f3:
         05:dc:7f:d7:84:42:2e:9e:6f:95:9d:85:6e:a0:f1:43:61:36:
         99:1c:47:49:fc:fb:b5:af:78:74:53:74:1d:2e:52:5e:85:02:
         67:96:60:b2:88:5c:a6:f1:2a:dd:55:f9:2b:2a:a6:3d:0e:f2:
         3d:a7:27:10:3f:9c:f9:90:0a:6c:c9:65:da:e6:a6:d8:5c:36:
         8b:de:a4:48:71:d0:47:0c:56:be:94:00:81:2f:15:3c:e1:b0:
         57:ef:da:be:a0:4a:00:c5:07:b4:47:7a:31:7c:a4:39:e9:16:
         f8:cf:bc:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQNVq3LmrEwJEZPHYquX4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjUwODA5MTkwMTEyWhcNMjUwODEwMTkwMTEyWjAzMTEwLwYDVQQD
EyhmMDkyMTdkZGQ5ODcyMDEzYjExYmMwZmE4MWU0MTBiNGVjODZmYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+lak3vmOsFl1djrUqamEqzRpQWd
UTlf0wrxMpIM/+kg25VsOgC+G2NbzgbUxqN+AVSHtSJ12LZHXRvH50mN5S87/QQ/
MM6B8gbIgggSh8ei0VEh17+FACfsPgl7UnPBU3kho01V89ulWomnon1OjJQHOrWM
EuJNBJ/3rOHgnmN41C+DM002GsgBKzSpfBEMrpDcU29FGdz+4/YjxMM9NohBO3O4
D9nGwLwZpeWd7zBvePYHcV+fVBnpGkivglK5joFqxee5vDsau0PcBdbKi+sZPuWA
I0h+RQAl9SvNfy+Il6XUh4lL23p1D76HUQxVMlUSW39nWrEc+U7EB69CaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCSF93ZhyATsRvA+oHkELTshvpQMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkiiZQ654
v+mUtKFf9Cg0mPYTBc6o+axIGbZi8Cl76XezlBXt8yMAWdTuYVB1JbCpGEO5naFm
ILWTvmtwQNB+hGVQMa5l3VmaP38kun+Z8g829kkwJARlgTsOPBsb+VfWqzfaFxtR
2SJqeDGa6+nU5iZCMqKyw/bPNT02ABSOY2UlFUkKfOqyrUp8oUwNlSXzBdx/14RC
Lp5vlZ2FbqDxQ2E2mRxHSfz7ta94dFN0HS5SXoUCZ5ZgsohcpvEq3VX5KyqmPQ7y
PacnED+c+ZAKbMll2uam2Fw2i96kSHHQRwxWvpQAgS8VPOGwV+/avqBKAMUHtEd6
MXykOekW+M+8ZA==
-----END CERTIFICATE-----