Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          MHPsC6vpat4cHuAay5dJDrqZdFQk1AP1i0FtjKCfFjg=
Subject key identifier:   DE:5F:6F:80:F0:7C:4E:DA:29:FE:2F:27:7D:15:32:DD:FC:A8:BF:D8
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       01987D8A9FA2395524EA54129DF652196666
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0D76
Signing time:             Wed 06 Aug 2025 04:01:33 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:33 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:33 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: VNdqigpNt/qyR+EwGtDanRGkROZMn6B7uJ+PnFIMEoQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:9f:a2:39:55:24:ea:54:12:9d:f6:52:19:66:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Aug  6 04:01:33 2025 GMT
            Not After : Aug  7 04:01:33 2025 GMT
        Subject: CN=de5f6f80f07c4eda29fe2f277d1532ddfca8bfd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e5:0f:bf:a1:85:70:b9:06:d3:fe:32:07:29:
                    87:e9:13:0e:5c:2a:8f:87:91:56:65:be:0d:03:38:
                    7e:79:4c:cc:d0:98:bf:a2:c2:ec:1b:dd:e9:97:fe:
                    fa:16:de:10:3b:31:27:ae:c4:77:17:44:e0:49:4f:
                    1b:3d:9b:e1:28:98:97:f7:9c:f4:d0:c3:23:37:a0:
                    53:29:c7:9b:f3:4a:bc:79:48:06:05:1c:09:23:a7:
                    11:cc:05:17:77:0b:ae:40:cd:31:c0:08:6a:0f:5a:
                    5d:54:08:b5:b4:04:9a:1c:19:a7:18:db:5e:5f:c7:
                    95:32:94:fb:fe:ba:fa:56:7d:7d:e0:68:35:6b:b0:
                    24:00:d5:d0:54:1c:2f:bc:dc:21:7c:41:fd:5c:c7:
                    b6:02:8f:30:e4:60:e1:72:8e:2b:e8:72:97:94:a2:
                    6b:ed:d9:d1:b2:0d:7c:9a:40:bb:3f:e1:5c:34:6f:
                    6b:fd:7d:33:bc:d8:cd:49:ad:a7:29:b6:01:27:be:
                    32:b7:fe:e0:81:2b:1c:c2:a5:78:21:e1:9c:e9:0b:
                    51:d0:20:53:d4:60:7e:6e:29:2b:6c:e6:f6:69:73:
                    38:75:a6:57:20:c5:8c:7f:11:c9:eb:d3:d8:1e:35:
                    5c:81:7c:f4:93:14:2d:24:cc:6a:6f:c9:1b:0c:fc:
                    cb:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5F:6F:80:F0:7C:4E:DA:29:FE:2F:27:7D:15:32:DD:FC:A8:BF:D8
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:e2:03:45:59:42:6d:49:8a:9f:56:f4:2e:c7:4f:48:52:c5:
         50:36:20:26:29:88:e3:ea:4a:cf:04:c3:6e:66:a8:26:c8:58:
         f3:07:79:3c:95:cd:93:72:70:0e:cf:06:e1:ef:85:0f:84:f6:
         53:5a:5d:1e:69:c5:03:38:07:a2:6a:c4:a1:bf:f4:a2:85:40:
         12:1c:bc:50:b0:b9:69:c4:d6:5a:dd:6c:fd:f9:e1:1d:65:70:
         27:b4:a3:70:fb:18:82:88:e3:58:f2:96:8c:19:07:93:9d:a3:
         2d:9c:91:0f:4d:25:d5:2a:4a:5c:b9:dc:b2:da:46:ca:30:8b:
         35:30:4c:06:3b:08:dc:9f:c0:a7:c4:3a:b3:99:fd:08:85:41:
         39:3b:45:0c:d0:0b:72:08:e4:f2:1b:c4:ed:13:ca:9e:eb:87:
         39:0c:2a:10:fc:49:5f:84:ff:c1:55:a4:76:83:45:fb:92:80:
         47:ff:eb:1c:b3:3d:10:38:3e:67:dc:8e:54:eb:6d:14:a3:fc:
         a9:79:77:4d:7e:b2:13:7a:9e:84:8e:2c:34:22:6a:3b:78:ae:
         83:95:c6:a0:be:88:e0:d6:83:bb:dd:b6:e9:fe:c7:cf:3e:de:
         4e:62:8a:d9:7a:02:96:08:13:1b:bd:da:62:a6:a7:50:3d:3f:
         5d:b8:dc:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9ip+iOVUk6lQSnfZSGWZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUwODA2MDQwMTMzWhcNMjUwODA3MDQwMTMzWjAzMTEwLwYDVQQD
EyhkZTVmNmY4MGYwN2M0ZWRhMjlmZTJmMjc3ZDE1MzJkZGZjYThiZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+UPv6GFcLkG0/4yBymH6RMOXCqP
h5FWZb4NAzh+eUzM0Ji/osLsG93pl/76Ft4QOzEnrsR3F0TgSU8bPZvhKJiX95z0
0MMjN6BTKceb80q8eUgGBRwJI6cRzAUXdwuuQM0xwAhqD1pdVAi1tASaHBmnGNte
X8eVMpT7/rr6Vn194Gg1a7AkANXQVBwvvNwhfEH9XMe2Ao8w5GDhco4r6HKXlKJr
7dnRsg18mkC7P+FcNG9r/X0zvNjNSa2nKbYBJ74yt/7ggSscwqV4IeGc6QtR0CBT
1GB+bikrbOb2aXM4daZXIMWMfxHJ69PYHjVcgXz0kxQtJMxqb8kbDPzLNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5fb4DwfE7aKf4vJ30VMt38qL/YMB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHeIDRVlC
bUmKn1b0LsdPSFLFUDYgJimI4+pKzwTDbmaoJshY8wd5PJXNk3JwDs8G4e+FD4T2
U1pdHmnFAzgHomrEob/0ooVAEhy8ULC5acTWWt1s/fnhHWVwJ7SjcPsYgojjWPKW
jBkHk52jLZyRD00l1SpKXLncstpGyjCLNTBMBjsI3J/Ap8Q6s5n9CIVBOTtFDNAL
cgjk8hvE7RPKnuuHOQwqEPxJX4T/wVWkdoNF+5KAR//rHLM9EDg+Z9yOVOttFKP8
qXl3TX6yE3qehI4sNCJqO3iug5XGoL6I4NaDu9226f7Hzz7eTmKK2XoClggTG73a
YqanUD0/Xbjchg==
-----END CERTIFICATE-----