Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          qw8FbGtSmE901e63XAv3hj2fhHtbWLtgjmuqQOCIEDQ=
Subject key identifier:   0E:E9:29:A9:62:92:82:A7:48:6D:83:0B:8D:4A:4A:A3:18:83:C5:BB
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019745F8F959D7D837926971A8A1A698B2BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          098B
Signing time:             Fri 06 Jun 2025 16:00:34 +0000
Manifest this update:     Fri 06 Jun 2025 16:00:34 +0000
Manifest next update:     Sat 07 Jun 2025 16:00:34 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: 587YzFhizleygPYuZD7g5d/4M0o1guxc/aXufMfJSCY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 16:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:45:f8:f9:59:d7:d8:37:92:69:71:a8:a1:a6:98:b2:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Jun  6 16:00:34 2025 GMT
            Not After : Jun  7 16:00:34 2025 GMT
        Subject: CN=0ee929a9629282a7486d830b8d4a4aa31883c5bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bf:8c:8c:6f:2a:98:af:94:f7:29:ee:d1:58:
                    38:c4:53:f4:3d:dd:60:21:95:32:5f:e8:84:77:fb:
                    af:ad:02:09:83:e3:25:7e:7e:1b:f8:4a:78:3c:9f:
                    05:e3:9f:a5:6a:0b:e9:fa:4b:23:ea:9f:bc:c8:e6:
                    c0:48:f9:59:b3:1c:ee:5d:dc:d4:81:f0:40:da:d4:
                    ab:55:cf:55:38:10:d3:ac:64:5a:0f:de:cd:b3:37:
                    2c:5a:09:5a:74:ad:30:77:97:05:74:31:67:24:04:
                    84:02:4a:6c:05:d4:6d:f7:74:df:85:64:8f:f6:2e:
                    88:a0:09:e0:76:31:b2:dd:a6:97:a7:0a:fa:13:bd:
                    c8:f9:93:44:8f:a9:68:66:1f:d0:9a:3b:71:22:c7:
                    9a:2b:04:29:88:ea:9b:a5:83:11:75:9b:50:f0:5b:
                    94:47:17:e9:b7:23:bb:9a:97:a6:6b:39:ec:2a:09:
                    d2:5f:ab:bd:a6:2c:64:a0:3e:79:e0:90:eb:21:44:
                    53:61:0f:ef:e0:c3:66:a5:d6:21:c8:6c:3e:84:84:
                    1e:a9:b0:df:f2:f4:04:d5:c6:8f:2e:d2:08:79:ad:
                    89:69:b2:af:b7:72:64:50:b1:3b:4e:e4:06:06:e1:
                    b1:6a:78:34:3d:f1:7b:64:8e:99:58:b0:36:6f:0b:
                    d5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:E9:29:A9:62:92:82:A7:48:6D:83:0B:8D:4A:4A:A3:18:83:C5:BB
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:93:0c:35:77:5c:5e:35:dc:3a:ca:8b:70:00:de:d5:12:18:
         e3:48:c4:70:95:46:16:72:66:e6:ba:1e:f1:67:5c:0e:4f:bd:
         1e:13:bc:24:23:4d:2a:fd:fb:63:3e:7f:b6:e2:4d:46:41:ce:
         94:4d:ba:86:78:56:7a:a4:30:83:83:59:b4:d3:87:5b:7c:49:
         46:c3:10:ea:00:70:84:ff:c6:58:d5:ea:8e:b5:c5:85:52:d3:
         fb:e7:e2:c6:cb:d3:b6:73:e9:b7:84:10:a2:36:79:af:c5:9c:
         12:c6:5f:13:e7:24:4e:c8:15:ee:b9:03:d1:45:48:ad:9a:55:
         a9:70:d6:7e:c0:3d:31:96:51:19:d4:8b:ac:40:dc:03:39:4b:
         a9:20:1f:d8:f1:7c:b0:86:e5:ee:63:3d:e4:6d:2c:50:a7:7b:
         de:6f:b5:2a:fb:bd:60:55:92:f2:91:9f:fb:42:d8:7b:5b:cb:
         17:73:9b:e4:1b:03:10:ef:29:78:31:b6:f7:ca:93:ff:f9:08:
         7f:77:ad:92:8c:4e:d6:e1:ee:7d:ff:91:8f:73:3a:39:a7:e0:
         d9:0c:39:c0:fe:b3:f0:82:92:1e:72:83:12:a7:98:11:6f:2e:
         78:03:05:39:cb:2e:a4:31:93:d2:23:1a:2a:ba:fe:e7:a5:37:
         d7:5d:35:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdF+PlZ19g3kmlxqKGmmLK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUwNjA2MTYwMDM0WhcNMjUwNjA3MTYwMDM0WjAzMTEwLwYDVQQD
EygwZWU5MjlhOTYyOTI4MmE3NDg2ZDgzMGI4ZDRhNGFhMzE4ODNjNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb+MjG8qmK+U9ynu0Vg4xFP0Pd1g
IZUyX+iEd/uvrQIJg+Mlfn4b+Ep4PJ8F45+lagvp+ksj6p+8yObASPlZsxzuXdzU
gfBA2tSrVc9VOBDTrGRaD97NszcsWgladK0wd5cFdDFnJASEAkpsBdRt93TfhWSP
9i6IoAngdjGy3aaXpwr6E73I+ZNEj6loZh/QmjtxIseaKwQpiOqbpYMRdZtQ8FuU
RxfptyO7mpemaznsKgnSX6u9pixkoD554JDrIURTYQ/v4MNmpdYhyGw+hIQeqbDf
8vQE1caPLtIIea2JabKvt3JkULE7TuQGBuGxang0PfF7ZI6ZWLA2bwvVqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7pKalikoKnSG2DC41KSqMYg8W7MB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxpMMNXdc
XjXcOsqLcADe1RIY40jEcJVGFnJm5roe8WdcDk+9HhO8JCNNKv37Yz5/tuJNRkHO
lE26hnhWeqQwg4NZtNOHW3xJRsMQ6gBwhP/GWNXqjrXFhVLT++fixsvTtnPpt4QQ
ojZ5r8WcEsZfE+ckTsgV7rkD0UVIrZpVqXDWfsA9MZZRGdSLrEDcAzlLqSAf2PF8
sIbl7mM95G0sUKd73m+1Kvu9YFWS8pGf+0LYe1vLF3Ob5BsDEO8peDG298qT//kI
f3etkoxO1uHuff+Rj3M6Oafg2Qw5wP6z8IKSHnKDEqeYEW8ueAMFOcsupDGT0iMa
Krr+56U311011w==
-----END CERTIFICATE-----