Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
File:                     o8B3uDdyoALVxPi5IY7A3H8EDL8.mft (raw, json)
Hash identifier:          GyjUqqBAKFnmanhSvx1OvznVOBllG4eAdyE0V0HT8aY=
Subject key identifier:   B7:B6:BF:06:B1:17:07:43:54:DD:BE:D4:D0:B0:C2:2A:7E:E0:0B:FD
Authority key identifier: A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF
Certificate issuer:       /CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
Certificate serial:       0199228CD9D4D44FDACC3A34A413115DA403
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 05:01:19 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:19 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:19 +0000
Files and hashes:         1: o8B3uDdyoALVxPi5IY7A3H8EDL8.crl (hash: +Fnu30vmsl3nsV2Rx7CiWYqHK7vWgRMT/1u1dBY7rng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:d9:d4:d4:4f:da:cc:3a:34:a4:13:11:5d:a4:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
        Validity
            Not Before: Sep  7 05:01:19 2025 GMT
            Not After : Sep  8 05:01:19 2025 GMT
        Subject: CN=b7b6bf06b117074354ddbed4d0b0c22a7ee00bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:dc:5d:2f:a1:22:b5:a7:e3:b8:5b:c2:54:
                    2c:eb:4d:59:57:7c:95:a5:33:31:08:35:bc:86:61:
                    5d:0a:f2:24:32:c1:a8:ed:e4:33:41:bd:a2:09:cd:
                    22:87:b9:80:c5:3c:8b:6e:5f:79:00:03:21:1a:8f:
                    a6:8a:34:3b:13:60:c3:4d:d0:ee:7d:ba:72:da:82:
                    06:bf:b0:e4:0e:f8:47:ae:4e:d9:94:e1:ba:48:4d:
                    2d:b7:f6:0d:fc:95:81:23:71:2d:b7:b7:39:d5:4c:
                    7f:42:c2:c5:e4:73:3a:4e:30:9e:81:2c:36:3f:8b:
                    c3:4c:7f:7c:a5:87:a0:d0:cf:d7:41:de:3d:29:9c:
                    27:88:e1:d4:67:e0:1b:28:bd:7a:77:a9:75:f2:32:
                    da:cf:f5:35:b6:db:8b:58:8d:bf:46:db:44:ad:79:
                    c2:c9:7d:e3:dc:22:f0:c6:f8:00:dd:7c:d9:8a:81:
                    4c:bd:cb:38:10:38:51:eb:5a:43:0d:3b:dd:00:d5:
                    b0:3b:32:8a:b7:5f:c9:df:a6:9f:65:e4:b5:03:5d:
                    88:d5:77:b0:ba:43:06:a8:d6:74:4d:cc:66:45:95:
                    a5:2b:ad:e7:90:0a:5b:d5:29:31:5d:12:a0:f8:9e:
                    d4:79:dc:02:cf:de:11:6e:1c:6c:8f:2f:9c:16:30:
                    63:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B6:BF:06:B1:17:07:43:54:DD:BE:D4:D0:B0:C2:2A:7E:E0:0B:FD
            X509v3 Authority Key Identifier:
                keyid:A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:46:6a:f0:db:0f:31:25:06:73:20:fa:be:32:19:6c:4b:08:
         05:46:08:ae:34:28:7b:60:e9:2b:7e:02:fc:ac:8a:d8:12:67:
         b6:30:b5:de:96:ff:02:fc:a9:6d:6e:1b:46:45:92:c1:79:8e:
         9d:ad:07:65:c1:9d:7d:3e:5f:51:42:fb:0d:7d:c7:6b:45:f9:
         97:73:88:77:98:0a:cb:21:a2:f6:b1:34:45:fc:b4:fa:ca:69:
         81:53:30:e0:b3:13:bf:0f:2c:f9:0f:46:99:e4:54:86:af:7d:
         f3:44:20:6c:7e:83:d6:37:06:d7:ae:a2:66:8b:72:cf:d6:dc:
         a0:44:69:d2:60:d3:dd:e7:61:0a:fa:6a:2c:f5:2a:0c:9d:09:
         22:74:bf:53:68:f2:e5:1d:cc:4f:44:ac:46:e6:7d:5f:d1:0a:
         ac:dd:22:50:d7:bd:b9:d4:b6:46:0b:85:07:22:f3:93:e8:ab:
         70:75:a2:0e:7e:5a:85:c4:b4:9c:bc:51:f9:ec:55:94:88:4e:
         5c:f5:eb:ac:c6:70:d9:4c:02:cf:44:d4:66:50:b3:79:75:b5:
         8f:4e:00:f2:ce:82:44:6d:4b:ae:ee:b7:6f:9d:5c:87:1d:72:
         80:8f:2a:f5:78:76:19:af:c4:f1:75:e6:65:e9:b4:fe:86:2c:
         10:af:09:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijNnU1E/azDo0pBMRXaQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzA3N2I4Mzc3MmEwMDJkNWM0ZjhiOTIxOGVjMGRjN2Yw
NDBjYmYwHhcNMjUwOTA3MDUwMTE5WhcNMjUwOTA4MDUwMTE5WjAzMTEwLwYDVQQD
EyhiN2I2YmYwNmIxMTcwNzQzNTRkZGJlZDRkMGIwYzIyYTdlZTAwYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaDcXS+hIrWn47hbwlQs601ZV3yV
pTMxCDW8hmFdCvIkMsGo7eQzQb2iCc0ih7mAxTyLbl95AAMhGo+mijQ7E2DDTdDu
fbpy2oIGv7DkDvhHrk7ZlOG6SE0tt/YN/JWBI3Ett7c51Ux/QsLF5HM6TjCegSw2
P4vDTH98pYeg0M/XQd49KZwniOHUZ+AbKL16d6l18jLaz/U1ttuLWI2/RttErXnC
yX3j3CLwxvgA3XzZioFMvcs4EDhR61pDDTvdANWwOzKKt1/J36afZeS1A12I1Xew
ukMGqNZ0TcxmRZWlK63nkApb1SkxXRKg+J7UedwCz94Rbhxsjy+cFjBjyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLe2vwaxFwdDVN2+1NCwwip+4Av9MB8GA1UdIwQY
MBaAFKPAd7g3cqAC1cT4uSGOwNx/BAy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzIt
NzA2YWIzZTgzZDFkLzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzItNzA2YWIzZTgzZDFk
LzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcUZq8NsP
MSUGcyD6vjIZbEsIBUYIrjQoe2DpK34C/KyK2BJntjC13pb/AvypbW4bRkWSwXmO
na0HZcGdfT5fUUL7DX3Ha0X5l3OId5gKyyGi9rE0Rfy0+sppgVMw4LMTvw8s+Q9G
meRUhq9980QgbH6D1jcG166iZotyz9bcoERp0mDT3edhCvpqLPUqDJ0JInS/U2jy
5R3MT0SsRuZ9X9EKrN0iUNe9udS2RguFByLzk+ircHWiDn5ahcS0nLxR+exVlIhO
XPXrrMZw2UwCz0TUZlCzeXW1j04A8s6CRG1Lru63b51chx1ygI8q9Xh2Ga/E8XXm
Zem0/oYsEK8Jaw==
-----END CERTIFICATE-----