Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          JzJ3/KIqDu38KBTpyOKXDneCw1u6+e6JoRJZaoGkp00=
Subject key identifier:   AA:86:0C:92:BB:58:58:AC:38:86:0C:5D:2B:C3:16:5B:CB:D3:D9:51
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       019921B0D86C91EF334A9B630995AFB38753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          0EDF
Signing time:             Sun 07 Sep 2025 01:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:01 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: OtvMYBtzJsFaabBwPJDCvHS8qO71YeeFNSLFgk/AB+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:d8:6c:91:ef:33:4a:9b:63:09:95:af:b3:87:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: Sep  7 01:01:01 2025 GMT
            Not After : Sep  8 01:01:01 2025 GMT
        Subject: CN=aa860c92bb5858ac38860c5d2bc3165bcbd3d951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8a:c6:b1:49:d3:27:a0:91:50:b0:fa:79:89:
                    c6:b5:fc:92:31:29:36:d9:92:49:7e:af:38:ea:28:
                    0e:fe:24:ae:aa:29:af:de:40:1d:ff:b4:16:01:f7:
                    db:f2:49:92:ea:0d:26:cb:11:34:8d:f3:9c:e2:df:
                    f7:e7:ec:b4:55:28:35:79:c9:6e:f9:06:b0:29:2d:
                    90:41:36:54:92:b6:3e:79:11:28:0b:df:6e:6b:be:
                    9f:f7:a4:fa:27:64:24:c0:28:ca:f6:1f:42:9f:7a:
                    f2:6c:23:ff:16:78:c8:eb:df:8d:24:82:d3:9b:5e:
                    82:12:3e:29:93:b1:88:a3:1e:d1:f1:89:a8:cb:aa:
                    cf:97:6d:bd:6f:db:30:c1:14:83:aa:9a:57:09:1b:
                    93:16:6e:4f:61:9c:49:f3:6c:6e:37:96:35:0a:4f:
                    7e:bb:d9:a8:46:6e:96:88:39:6f:61:cf:69:aa:46:
                    18:cd:7a:18:99:24:ee:2c:f8:00:a3:43:d6:0b:9f:
                    c6:34:37:ca:a7:4b:18:f1:e8:1a:74:96:ff:82:b3:
                    1b:6e:45:03:7f:3e:85:64:03:70:94:af:e6:b9:63:
                    9c:e7:7b:ff:26:c6:2c:50:39:e3:48:77:84:30:e4:
                    a6:68:3a:21:7e:ce:ad:c8:ec:09:43:00:6b:15:fe:
                    24:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:86:0C:92:BB:58:58:AC:38:86:0C:5D:2B:C3:16:5B:CB:D3:D9:51
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:25:ee:35:16:ea:bb:30:55:c4:3b:b3:f6:aa:14:f9:b3:fa:
         43:03:45:f9:fd:dd:a0:07:4c:b7:bd:9a:63:e3:e7:ab:cd:71:
         34:65:bb:58:59:dd:f9:d6:1e:69:f3:79:e5:2f:95:be:45:35:
         fe:ca:8f:75:04:be:5c:4f:17:b2:f0:e5:3f:91:f0:f5:c5:99:
         e3:43:05:5e:6c:f1:bb:72:d4:11:94:24:ee:41:8d:2f:66:80:
         26:82:29:4e:56:dc:e3:cc:04:c7:33:ca:6d:05:8f:eb:62:20:
         f4:77:fa:4c:87:cc:64:b4:df:0e:e9:66:a7:b7:fe:89:86:e7:
         d9:06:56:61:83:94:9c:32:bf:75:96:db:3e:58:8f:05:b0:32:
         03:68:86:76:37:44:a7:ff:2f:b1:e8:3d:2d:f2:4b:99:52:21:
         0f:84:06:93:2c:86:04:fe:d3:05:c0:d4:d3:ea:2a:e9:46:03:
         8d:ab:16:4f:37:89:54:34:20:83:ae:5c:19:ae:6c:d6:7f:ce:
         e1:7f:80:a3:7f:47:7c:06:aa:88:0a:1b:70:56:dd:09:c0:08:
         4d:5a:89:e9:c5:61:84:16:00:b1:88:bc:07:19:1c:2e:f7:8a:
         84:2b:b5:fd:d8:57:ac:5a:d5:c6:cc:75:6f:e8:e7:16:8f:d3:
         29:84:bb:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsNhske8zSptjCZWvs4dTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjUwOTA3MDEwMTAxWhcNMjUwOTA4MDEwMTAxWjAzMTEwLwYDVQQD
EyhhYTg2MGM5MmJiNTg1OGFjMzg4NjBjNWQyYmMzMTY1YmNiZDNkOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YrGsUnTJ6CRULD6eYnGtfySMSk2
2ZJJfq846igO/iSuqimv3kAd/7QWAffb8kmS6g0myxE0jfOc4t/35+y0VSg1eclu
+QawKS2QQTZUkrY+eREoC99ua76f96T6J2QkwCjK9h9Cn3rybCP/FnjI69+NJILT
m16CEj4pk7GIox7R8Ymoy6rPl229b9swwRSDqppXCRuTFm5PYZxJ82xuN5Y1Ck9+
u9moRm6WiDlvYc9pqkYYzXoYmSTuLPgAo0PWC5/GNDfKp0sY8egadJb/grMbbkUD
fz6FZANwlK/muWOc53v/JsYsUDnjSHeEMOSmaDohfs6tyOwJQwBrFf4kpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqGDJK7WFisOIYMXSvDFlvL09lRMB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiXuNRbq
uzBVxDuz9qoU+bP6QwNF+f3doAdMt72aY+Pnq81xNGW7WFnd+dYeafN55S+VvkU1
/sqPdQS+XE8XsvDlP5Hw9cWZ40MFXmzxu3LUEZQk7kGNL2aAJoIpTlbc48wExzPK
bQWP62Ig9Hf6TIfMZLTfDulmp7f+iYbn2QZWYYOUnDK/dZbbPliPBbAyA2iGdjdE
p/8vseg9LfJLmVIhD4QGkyyGBP7TBcDU0+oq6UYDjasWTzeJVDQgg65cGa5s1n/O
4X+Ao39HfAaqiAobcFbdCcAITVqJ6cVhhBYAsYi8BxkcLveKhCu1/dhXrFrVxsx1
b+jnFo/TKYS7tw==
-----END CERTIFICATE-----