Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
File:                     o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft (raw, json)
Hash identifier:          bU15iDUltnXjQatKnMGdeVx0j56qmyj/O6oeTV1PgLA=
Subject key identifier:   08:AC:95:00:0E:98:54:45:A1:A7:4B:03:44:6D:ED:41:3C:0C:47:60
Authority key identifier: A3:92:FC:96:A4:87:89:51:4E:B0:9F:56:74:B5:9D:A5:2C:91:14:83
Certificate issuer:       /CN=a392fc96a48789514eb09f5674b59da52c911483
Certificate serial:       0199221E3812F2610F98C3E6F328F0F7DC93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
Manifest number:          0AE7
Signing time:             Sun 07 Sep 2025 03:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:29 +0000
Files and hashes:         1: o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl (hash: ZF35YC71NxiCPfLBCPQTDbjr5cnCIeNKGAMEDUUQxhY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:38:12:f2:61:0f:98:c3:e6:f3:28:f0:f7:dc:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a392fc96a48789514eb09f5674b59da52c911483
        Validity
            Not Before: Sep  7 03:00:29 2025 GMT
            Not After : Sep  8 03:00:29 2025 GMT
        Subject: CN=08ac95000e985445a1a74b03446ded413c0c4760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:fa:f8:d5:f5:70:fe:15:27:d5:82:ec:37:d8:
                    bb:a7:ac:95:22:62:69:21:8a:1c:79:35:d8:03:1b:
                    52:13:3b:cc:58:d8:c8:94:21:cb:62:7a:f4:8d:65:
                    4b:5b:ed:f2:e4:3a:e6:cd:07:97:e2:c7:ff:29:27:
                    8f:49:6d:dc:b3:6c:c4:df:fd:12:89:af:17:48:95:
                    06:f3:d9:37:74:0c:e6:b3:cf:ac:0f:16:26:dc:fe:
                    30:30:3c:86:46:2e:af:0d:50:48:a1:20:9c:4a:a4:
                    dd:cb:85:a1:e5:20:b6:bd:e6:6d:4e:f6:78:8f:1a:
                    04:5e:f0:30:3c:a9:49:62:21:62:d1:44:1a:c4:be:
                    04:00:19:e0:e0:45:2d:5d:57:61:30:2b:1a:16:bd:
                    03:4c:b9:e2:eb:bf:1f:a6:84:2d:a1:cf:1d:cf:bb:
                    51:73:63:d4:34:c8:97:0d:1b:c7:1f:ba:f9:6e:fa:
                    de:d1:ab:35:37:af:ca:9b:70:b2:db:f1:68:6d:db:
                    89:80:57:5a:05:2a:ec:93:f5:69:57:42:f8:1a:1f:
                    3b:ec:6a:93:dd:b4:21:0d:3f:07:cb:a9:c4:b9:30:
                    c0:aa:6f:44:5a:60:8e:6a:21:08:31:43:6a:bb:53:
                    5f:cb:c9:a9:25:44:82:a2:1c:1c:7c:f0:10:3a:7e:
                    e3:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:AC:95:00:0E:98:54:45:A1:A7:4B:03:44:6D:ED:41:3C:0C:47:60
            X509v3 Authority Key Identifier:
                keyid:A3:92:FC:96:A4:87:89:51:4E:B0:9F:56:74:B5:9D:A5:2C:91:14:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e78f83-5384-4c36-8f51-883f2f6cbf04/1/o5L8lqSHiVFOsJ9WdLWdpSyRFIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:5a:47:6f:cf:48:6d:d7:29:3c:69:0d:95:f8:41:1b:c4:1e:
         80:63:5b:7e:b5:19:96:cd:ca:4e:3b:33:66:b6:06:7f:8e:35:
         f9:bb:90:b4:c4:22:9f:13:19:62:63:a3:d7:b9:af:a7:f9:46:
         c7:ab:87:1e:bd:31:1c:a9:7c:44:af:5d:cf:55:f3:54:1e:8e:
         f5:cc:2d:ad:6c:74:3f:b1:f1:20:7c:ff:f6:71:ff:85:4f:43:
         bb:47:a9:24:b1:2e:10:8f:89:09:ba:6d:e4:3a:4c:66:1c:a9:
         df:df:d0:d8:41:7e:4b:e7:68:84:36:80:f8:75:60:26:a6:9a:
         d4:19:60:39:9d:85:d2:d3:87:30:d2:91:df:c2:75:38:16:49:
         4e:94:4e:b0:02:9f:1c:0d:87:b9:28:96:65:92:71:56:03:d7:
         cd:30:94:8d:5e:2d:a7:58:b8:05:7e:d5:fb:b6:f9:d1:09:ad:
         53:c2:94:d5:2e:82:93:de:3b:f4:09:be:7b:f0:b2:7f:95:ea:
         ec:88:38:e9:02:59:a8:75:cd:cc:51:b2:bc:e4:56:76:88:03:
         51:ca:28:77:bf:cb:8d:81:95:32:c4:37:56:8f:6a:98:62:57:
         24:e9:f2:63:fe:b0:bc:d8:1c:45:06:58:85:c7:88:b4:1b:1d:
         77:f6:33:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHjgS8mEPmMPm8yjw99yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOTJmYzk2YTQ4Nzg5NTE0ZWIwOWY1Njc0YjU5ZGE1MmM5
MTE0ODMwHhcNMjUwOTA3MDMwMDI5WhcNMjUwOTA4MDMwMDI5WjAzMTEwLwYDVQQD
EygwOGFjOTUwMDBlOTg1NDQ1YTFhNzRiMDM0NDZkZWQ0MTNjMGM0NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfr41fVw/hUn1YLsN9i7p6yVImJp
IYoceTXYAxtSEzvMWNjIlCHLYnr0jWVLW+3y5DrmzQeX4sf/KSePSW3cs2zE3/0S
ia8XSJUG89k3dAzms8+sDxYm3P4wMDyGRi6vDVBIoSCcSqTdy4Wh5SC2veZtTvZ4
jxoEXvAwPKlJYiFi0UQaxL4EABng4EUtXVdhMCsaFr0DTLni678fpoQtoc8dz7tR
c2PUNMiXDRvHH7r5bvre0as1N6/Km3Cy2/FobduJgFdaBSrsk/VpV0L4Gh877GqT
3bQhDT8Hy6nEuTDAqm9EWmCOaiEIMUNqu1Nfy8mpJUSCohwcfPAQOn7jTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAislQAOmFRFoadLA0Rt7UE8DEdgMB8GA1UdIwQY
MBaAFKOS/Jakh4lRTrCfVnS1naUskRSDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNzhmODMtNTM4NC00YzM2LThmNTEt
ODgzZjJmNmNiZjA0LzEvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNzhmODMtNTM4NC00YzM2LThmNTEtODgzZjJmNmNiZjA0
LzEvbzVMOGxxU0hpVkZPc0o5V2RMV2RwU3lSRklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFpHb89I
bdcpPGkNlfhBG8QegGNbfrUZls3KTjszZrYGf441+buQtMQinxMZYmOj17mvp/lG
x6uHHr0xHKl8RK9dz1XzVB6O9cwtrWx0P7HxIHz/9nH/hU9Du0epJLEuEI+JCbpt
5DpMZhyp39/Q2EF+S+dohDaA+HVgJqaa1BlgOZ2F0tOHMNKR38J1OBZJTpROsAKf
HA2HuSiWZZJxVgPXzTCUjV4tp1i4BX7V+7b50QmtU8KU1S6Ck9479Am+e/Cyf5Xq
7Ig46QJZqHXNzFGyvORWdogDUcood7/LjYGVMsQ3Vo9qmGJXJOnyY/6wvNgcRQZY
hceItBsdd/YzCA==
-----END CERTIFICATE-----