Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          EuNhCdTrN5GDVDkJYi4SWmuMXiYMuaDjYoU92dVGPWY=
Subject key identifier:   83:E2:C6:F1:46:4F:AB:FD:90:BF:94:F5:8F:5F:DB:BF:21:27:06:96
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       01989F3A55F4BAA378B1121FBA7466CBF0ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          05A9
Signing time:             Tue 12 Aug 2025 17:00:57 +0000
Manifest this update:     Tue 12 Aug 2025 17:00:57 +0000
Manifest next update:     Wed 13 Aug 2025 17:00:57 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: TtVcxPR7woqTtPltOM2q+uvn6cOZdmIvg0/krypSj54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 17:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:55:f4:ba:a3:78:b1:12:1f:ba:74:66:cb:f0:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Aug 12 17:00:57 2025 GMT
            Not After : Aug 13 17:00:57 2025 GMT
        Subject: CN=83e2c6f1464fabfd90bf94f58f5fdbbf21270696
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f5:43:1e:b3:8f:e3:d8:6a:0b:16:01:be:76:
                    a9:e3:9f:ad:2e:97:10:ae:89:72:93:0e:74:b6:fa:
                    89:04:10:b3:78:02:e1:42:17:bd:a5:99:69:2c:58:
                    51:ee:a9:0e:e7:8d:91:ed:47:6c:d2:d3:0c:42:cd:
                    c9:00:8b:94:90:d1:4a:9a:e7:fb:5c:4d:fe:c2:a6:
                    33:5b:9f:d5:bc:37:c7:64:3c:66:44:fa:65:62:c1:
                    72:7d:37:78:44:34:c9:e9:ce:43:96:07:1f:88:71:
                    c2:a5:eb:90:85:ae:1a:5d:b9:1a:5a:cb:ce:1d:35:
                    70:e1:cd:a1:ae:74:bf:32:fe:bc:33:a0:3e:11:91:
                    37:e6:4a:b9:e4:db:b4:f7:a7:8b:04:d1:dd:8d:33:
                    1d:6d:42:a7:8f:b5:60:40:e1:55:53:e5:1e:9c:f1:
                    39:7e:60:55:26:22:d8:6b:9e:3f:c7:cc:d1:44:80:
                    82:b7:86:18:e0:6b:40:8a:79:22:86:95:df:04:0f:
                    f0:8f:b1:4b:bb:8b:ad:af:8d:55:81:90:0c:81:6d:
                    08:18:8c:cd:12:7d:bd:4a:ce:ef:38:30:6b:74:77:
                    26:fe:b7:e1:d1:9c:0c:cc:e8:dd:01:82:8c:13:fd:
                    19:87:09:6e:dc:a6:82:88:a2:61:67:ef:43:ef:22:
                    1c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:E2:C6:F1:46:4F:AB:FD:90:BF:94:F5:8F:5F:DB:BF:21:27:06:96
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:ff:2c:a1:a1:f0:e2:76:4a:de:e4:13:ac:34:0d:ef:9d:88:
         10:4c:cf:90:ba:79:9a:e5:7b:d1:43:4d:da:b4:c5:95:92:db:
         96:46:e7:d7:5e:48:60:53:f6:92:43:7f:58:31:7b:f8:1e:a9:
         fb:51:11:1a:43:cf:20:3f:81:96:fa:b8:18:9f:cd:ba:db:26:
         4e:96:68:7a:69:12:97:c8:11:dc:aa:8b:78:e5:13:4d:c1:5a:
         8b:29:c3:be:76:d2:5b:f4:1f:27:3d:61:c3:b5:05:d0:f4:d6:
         24:b0:bf:ed:df:91:3b:ac:e8:5e:24:c9:d9:16:7c:82:16:1c:
         b8:00:b9:db:3a:c5:f9:4d:69:0e:47:8f:8f:3d:38:3a:78:93:
         e9:99:9d:25:09:17:43:ea:b0:29:8f:51:c7:eb:5e:61:f5:25:
         a5:6d:8d:9a:09:a8:fe:47:46:5c:fe:3a:c3:8c:cf:3e:b5:d3:
         75:1d:f2:b8:88:99:9f:e4:d5:24:d3:4a:7f:24:73:52:62:1b:
         a7:e8:97:f7:e2:95:f0:34:16:42:ac:e1:1e:7a:36:1d:2b:89:
         0f:81:06:2c:a5:6c:00:44:c7:0d:b6:96:d8:79:bd:ea:39:db:
         b0:e8:62:1e:33:df:b0:6f:c8:12:b4:3c:51:7e:1e:ab:ad:e5:
         0a:90:62:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOlX0uqN4sRIfunRmy/DtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwODEyMTcwMDU3WhcNMjUwODEzMTcwMDU3WjAzMTEwLwYDVQQD
Eyg4M2UyYzZmMTQ2NGZhYmZkOTBiZjk0ZjU4ZjVmZGJiZjIxMjcwNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vVDHrOP49hqCxYBvnap45+tLpcQ
rolykw50tvqJBBCzeALhQhe9pZlpLFhR7qkO542R7Uds0tMMQs3JAIuUkNFKmuf7
XE3+wqYzW5/VvDfHZDxmRPplYsFyfTd4RDTJ6c5DlgcfiHHCpeuQha4aXbkaWsvO
HTVw4c2hrnS/Mv68M6A+EZE35kq55Nu096eLBNHdjTMdbUKnj7VgQOFVU+UenPE5
fmBVJiLYa54/x8zRRICCt4YY4GtAinkihpXfBA/wj7FLu4utr41VgZAMgW0IGIzN
En29Ss7vODBrdHcm/rfh0ZwMzOjdAYKME/0Zhwlu3KaCiKJhZ+9D7yIclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPixvFGT6v9kL+U9Y9f278hJwaWMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM/8soaHw
4nZK3uQTrDQN752IEEzPkLp5muV70UNN2rTFlZLblkbn115IYFP2kkN/WDF7+B6p
+1ERGkPPID+Blvq4GJ/NutsmTpZoemkSl8gR3KqLeOUTTcFaiynDvnbSW/QfJz1h
w7UF0PTWJLC/7d+RO6zoXiTJ2RZ8ghYcuAC52zrF+U1pDkePjz04OniT6ZmdJQkX
Q+qwKY9Rx+teYfUlpW2Nmgmo/kdGXP46w4zPPrXTdR3yuIiZn+TVJNNKfyRzUmIb
p+iX9+KV8DQWQqzhHno2HSuJD4EGLKVsAETHDbaW2Hm96jnbsOhiHjPfsG/IErQ8
UX4eq63lCpBizA==
-----END CERTIFICATE-----