Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
File:                     _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json)
Hash identifier:          AajdAf+zgIjQaRibDuv6pqZEgOtHsLGt9sobL94Qyx4=
Subject key identifier:   ED:D7:28:D3:00:D9:A9:D5:D4:9A:61:D8:9F:8C:E8:ED:EF:7A:45:E1
Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1
Certificate issuer:       /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
Certificate serial:       019873E3A42F13C2D34C2AB0BF976F4B269E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
Manifest number:          0F91
Signing time:             Mon 04 Aug 2025 07:02:35 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:35 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:35 +0000
Files and hashes:         1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: /jxaRkRXuo07AlAR0wna6bW83nVeGxLY/CiXgSnZPvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:a4:2f:13:c2:d3:4c:2a:b0:bf:97:6f:4b:26:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
        Validity
            Not Before: Aug  4 07:02:35 2025 GMT
            Not After : Aug  5 07:02:35 2025 GMT
        Subject: CN=edd728d300d9a9d5d49a61d89f8ce8edef7a45e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3e:9f:ee:bb:ca:43:79:b2:f1:0c:c3:89:fb:
                    23:16:aa:86:43:cd:d9:8b:5b:9e:c3:fb:29:25:1b:
                    20:c4:5a:dd:40:e1:45:35:ff:46:e6:d8:64:84:d5:
                    a5:3c:ef:63:0a:f2:55:e8:4d:73:e8:1b:0a:e3:e4:
                    7a:82:6a:f4:a5:bd:ff:70:99:c1:c0:93:05:5c:33:
                    ec:ae:81:03:cd:50:aa:4d:ba:28:a0:3b:b7:d2:02:
                    6b:40:33:ba:d8:7b:f6:d0:c8:ce:ad:7b:4b:38:b2:
                    1e:ac:be:c6:1e:05:1c:7f:a7:48:06:a5:01:a0:e8:
                    75:4f:a9:90:35:ea:c3:96:88:59:60:1c:20:67:c6:
                    24:c7:e5:e3:41:2b:44:88:a1:29:7d:9e:82:87:e0:
                    fc:28:11:da:6e:d6:d3:f9:44:25:fd:2e:26:87:06:
                    93:2e:16:40:01:8d:ed:72:73:a9:9a:08:9c:c4:99:
                    77:e5:0b:f3:c8:66:6f:84:cd:15:8b:3c:05:48:55:
                    82:c7:09:e3:52:92:0d:90:43:9e:35:b8:83:37:92:
                    0b:8e:c5:bb:2d:3f:48:d6:f8:d8:e1:97:e4:a4:3f:
                    de:83:89:22:45:e1:2b:a5:91:d6:c7:89:f6:1e:5b:
                    94:cf:37:f0:fe:bc:ff:bb:50:3e:80:a6:9f:47:96:
                    39:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D7:28:D3:00:D9:A9:D5:D4:9A:61:D8:9F:8C:E8:ED:EF:7A:45:E1
            X509v3 Authority Key Identifier:
                keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:c2:a0:f4:1d:62:5d:a1:b2:4a:29:64:81:b7:58:f4:88:12:
         ba:f9:72:ad:45:8a:7d:4e:77:3a:ca:e5:38:ee:04:49:ba:07:
         d8:aa:23:bd:a1:49:21:8a:48:65:cb:7c:02:2d:53:17:93:0c:
         f0:06:f3:e9:aa:ad:48:e2:83:48:10:7a:af:3a:12:de:a3:02:
         e1:ae:6d:40:c2:e8:79:36:51:07:2e:5b:59:83:84:46:6f:87:
         07:3c:9e:7f:d6:9c:e0:09:e8:39:5d:c4:b8:4b:ab:c8:91:1b:
         8f:d6:e2:01:b3:58:e8:59:31:b0:fc:06:2e:99:a7:c3:5a:ec:
         e8:25:e9:45:91:d9:d5:e2:2c:65:29:22:8d:6a:b4:a8:f9:18:
         72:56:01:d5:70:e4:09:3d:37:6d:20:f5:c2:2d:ea:2b:16:4b:
         a0:cc:c3:28:54:e6:3c:a6:78:b2:41:ca:d1:06:93:ff:06:ea:
         e9:f6:10:5e:1b:68:19:1d:0d:e0:4b:54:42:3d:53:20:d3:6a:
         14:3d:0a:78:4f:e6:ca:e1:e1:c0:01:4e:25:34:42:21:b7:91:
         8b:9b:b6:fd:ab:45:c7:3a:ac:02:0e:e1:cf:0f:73:2d:b9:c4:
         5d:ec:74:07:20:62:eb:fe:2e:a9:ed:82:20:07:d6:3c:5f:80:
         ae:08:91:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz46QvE8LTTCqwv5dvSyaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm
YjIxZDEwHhcNMjUwODA0MDcwMjM1WhcNMjUwODA1MDcwMjM1WjAzMTEwLwYDVQQD
EyhlZGQ3MjhkMzAwZDlhOWQ1ZDQ5YTYxZDg5ZjhjZThlZGVmN2E0NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz6f7rvKQ3my8QzDifsjFqqGQ83Z
i1uew/spJRsgxFrdQOFFNf9G5thkhNWlPO9jCvJV6E1z6BsK4+R6gmr0pb3/cJnB
wJMFXDPsroEDzVCqTboooDu30gJrQDO62Hv20MjOrXtLOLIerL7GHgUcf6dIBqUB
oOh1T6mQNerDlohZYBwgZ8Ykx+XjQStEiKEpfZ6Ch+D8KBHabtbT+UQl/S4mhwaT
LhZAAY3tcnOpmgicxJl35QvzyGZvhM0VizwFSFWCxwnjUpINkEOeNbiDN5ILjsW7
LT9I1vjY4ZfkpD/eg4kiReErpZHWx4n2HluUzzfw/rz/u1A+gKafR5Y5kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3XKNMA2anV1Jph2J+M6O3vekXhMB8GA1UdIwQY
MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt
MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0
LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMKg9B1i
XaGySilkgbdY9IgSuvlyrUWKfU53OsrlOO4ESboH2KojvaFJIYpIZct8Ai1TF5MM
8Abz6aqtSOKDSBB6rzoS3qMC4a5tQMLoeTZRBy5bWYOERm+HBzyef9ac4AnoOV3E
uEuryJEbj9biAbNY6FkxsPwGLpmnw1rs6CXpRZHZ1eIsZSkijWq0qPkYclYB1XDk
CT03bSD1wi3qKxZLoMzDKFTmPKZ4skHK0QaT/wbq6fYQXhtoGR0N4EtUQj1TINNq
FD0KeE/myuHhwAFOJTRCIbeRi5u2/atFxzqsAg7hzw9zLbnEXex0ByBi6/4uqe2C
IAfWPF+ArgiRjQ==
-----END CERTIFICATE-----