Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
File:                     o8B3uDdyoALVxPi5IY7A3H8EDL8.mft (raw, json)
Hash identifier:          fpe9fwe7njkF/sDFA7BH8RAy/3UEaU+LBGpkQdSsIXM=
Subject key identifier:   84:5B:A8:F9:FD:92:C8:20:07:BA:31:F7:06:DD:27:97:6C:99:E0:FF
Authority key identifier: A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF
Certificate issuer:       /CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
Certificate serial:       0197D2860AE11D0DBA1546FC08803D0820A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
Manifest number:          15C2
Signing time:             Thu 03 Jul 2025 23:01:29 +0000
Manifest this update:     Thu 03 Jul 2025 23:01:29 +0000
Manifest next update:     Fri 04 Jul 2025 23:01:29 +0000
Files and hashes:         1: o8B3uDdyoALVxPi5IY7A3H8EDL8.crl (hash: O3QLvSKtDhzstZgivRxWMP8bVpI89YX47KFi03M+0q4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 17:39:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d2:86:0a:e1:1d:0d:ba:15:46:fc:08:80:3d:08:20:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
        Validity
            Not Before: Jul  3 23:01:29 2025 GMT
            Not After : Jul  4 23:01:29 2025 GMT
        Subject: CN=845ba8f9fd92c82007ba31f706dd27976c99e0ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5b:69:99:94:79:60:6e:c5:a9:9a:c8:a1:78:
                    72:23:c1:fc:04:bc:0b:59:da:9e:16:86:89:79:29:
                    47:61:2d:f4:37:7f:bb:e1:ac:ff:5b:75:d0:28:e2:
                    70:97:46:53:29:15:d2:80:c0:21:2e:43:8a:39:1e:
                    c5:09:25:09:ec:04:c2:64:5d:f1:fa:dd:d3:09:a5:
                    d5:53:90:12:22:54:62:d0:b2:16:82:36:54:27:49:
                    4e:0f:5b:07:d1:aa:48:ff:19:bb:67:a2:2d:a2:e6:
                    48:bc:e8:79:47:d4:05:82:a2:09:24:be:19:fc:a1:
                    71:d0:c5:80:6c:b7:4d:a2:6c:a6:d0:47:e4:91:78:
                    3f:d4:5b:be:5f:43:11:80:40:94:03:03:a9:16:77:
                    6f:7a:a2:82:d6:e1:57:93:a1:67:84:fe:1f:c6:c0:
                    8d:46:11:c6:bf:50:6a:28:8f:87:5e:51:f3:c9:e1:
                    00:e0:59:f2:dc:43:1d:be:ab:7f:41:0b:bf:cb:dc:
                    99:f2:25:1c:22:c2:65:3c:fd:06:04:d5:3c:3f:af:
                    a8:2f:ac:89:10:19:8c:63:e5:42:fa:9f:55:4a:b7:
                    7a:51:4a:9a:17:70:ed:ac:25:82:40:24:e8:16:12:
                    98:c1:5d:3b:83:02:ee:eb:96:89:f7:e8:c4:38:78:
                    dd:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5B:A8:F9:FD:92:C8:20:07:BA:31:F7:06:DD:27:97:6C:99:E0:FF
            X509v3 Authority Key Identifier:
                keyid:A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:91:c5:d9:57:83:12:e0:ce:d4:c7:66:0b:b7:41:51:6d:e2:
         dd:d6:2e:0c:78:a6:90:72:04:7a:2b:e2:81:1f:c9:69:51:37:
         68:c4:dc:81:79:f8:66:62:2a:97:f8:2d:1a:51:5e:9b:cd:02:
         52:65:dd:61:5e:ce:c3:37:4a:10:09:bd:70:2e:df:6c:64:6b:
         22:b2:36:fd:24:b6:ff:34:c9:37:e1:c4:81:f7:47:98:ac:c6:
         7b:84:bb:ce:51:da:9d:12:27:64:c8:3d:5b:4a:88:ae:e3:c5:
         d4:a4:c1:4e:bc:6e:1c:2d:77:a1:64:7f:ac:2c:c7:26:5e:3a:
         b8:4f:52:98:c2:76:6a:d1:75:8f:81:07:4a:da:95:c1:56:9c:
         6f:67:d8:02:48:41:76:27:18:c5:aa:cc:32:25:d2:a1:6c:d8:
         61:9c:df:2b:f3:4c:91:5a:d4:69:b1:f3:73:20:ff:0c:e0:80:
         4f:62:c4:a2:7c:c7:20:1a:19:9e:2e:51:d6:2c:ed:ea:4e:9d:
         8f:30:d9:b8:62:0e:5d:96:9a:a8:7f:15:0c:86:fa:a3:40:c9:
         5e:09:ae:80:ba:6e:2f:1f:13:87:b4:1e:56:4e:14:40:bc:01:
         ec:73:70:79:8b:3d:54:ca:48:0d:2b:19:02:ef:19:63:bb:0b:
         23:d5:a8:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfShgrhHQ26FUb8CIA9CCCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzA3N2I4Mzc3MmEwMDJkNWM0ZjhiOTIxOGVjMGRjN2Yw
NDBjYmYwHhcNMjUwNzAzMjMwMTI5WhcNMjUwNzA0MjMwMTI5WjAzMTEwLwYDVQQD
Eyg4NDViYThmOWZkOTJjODIwMDdiYTMxZjcwNmRkMjc5NzZjOTllMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVtpmZR5YG7FqZrIoXhyI8H8BLwL
WdqeFoaJeSlHYS30N3+74az/W3XQKOJwl0ZTKRXSgMAhLkOKOR7FCSUJ7ATCZF3x
+t3TCaXVU5ASIlRi0LIWgjZUJ0lOD1sH0apI/xm7Z6ItouZIvOh5R9QFgqIJJL4Z
/KFx0MWAbLdNomym0EfkkXg/1Fu+X0MRgECUAwOpFndveqKC1uFXk6FnhP4fxsCN
RhHGv1BqKI+HXlHzyeEA4Fny3EMdvqt/QQu/y9yZ8iUcIsJlPP0GBNU8P6+oL6yJ
EBmMY+VC+p9VSrd6UUqaF3DtrCWCQCToFhKYwV07gwLu65aJ9+jEOHjdawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRbqPn9ksggB7ox9wbdJ5dsmeD/MB8GA1UdIwQY
MBaAFKPAd7g3cqAC1cT4uSGOwNx/BAy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzIt
NzA2YWIzZTgzZDFkLzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzItNzA2YWIzZTgzZDFk
LzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZHF2VeD
EuDO1MdmC7dBUW3i3dYuDHimkHIEeivigR/JaVE3aMTcgXn4ZmIql/gtGlFem80C
UmXdYV7OwzdKEAm9cC7fbGRrIrI2/SS2/zTJN+HEgfdHmKzGe4S7zlHanRInZMg9
W0qIruPF1KTBTrxuHC13oWR/rCzHJl46uE9SmMJ2atF1j4EHStqVwVacb2fYAkhB
dicYxarMMiXSoWzYYZzfK/NMkVrUabHzcyD/DOCAT2LEonzHIBoZni5R1izt6k6d
jzDZuGIOXZaaqH8VDIb6o0DJXgmugLpuLx8Th7QeVk4UQLwB7HNweYs9VMpIDSsZ
Au8ZY7sLI9Wo3A==
-----END CERTIFICATE-----