Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
File:                     ogqr6NvAhXg0PCW4xomHpevAOMk.mft (raw, json)
Hash identifier:          4YD/Vc6t2/aNK5KOyy8JWFwXVgQbHw3XTyi4+Jjc/Ng=
Subject key identifier:   45:A4:D1:F8:DE:FF:13:84:B8:33:5C:2A:29:50:55:05:35:53:31:F9
Authority key identifier: A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9
Certificate issuer:       /CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
Certificate serial:       01992444129FE417D19E6CECB0A62B757192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
Manifest number:          C2
Signing time:             Sun 07 Sep 2025 13:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 13:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 13:01:04 +0000
Files and hashes:         1: ogqr6NvAhXg0PCW4xomHpevAOMk.crl (hash: Qvqzeu3MpNoxfdjcbLUbw2OT34vZ8NaQCJq32Gp4g7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:44:12:9f:e4:17:d1:9e:6c:ec:b0:a6:2b:75:71:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
        Validity
            Not Before: Sep  7 13:01:04 2025 GMT
            Not After : Sep  8 13:01:04 2025 GMT
        Subject: CN=45a4d1f8deff1384b8335c2a29505505355331f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e3:6f:19:25:a0:dd:d1:6b:dd:cc:d9:c1:20:
                    29:e7:d8:84:6d:e6:aa:28:3b:cb:bf:55:d4:bd:ac:
                    c7:5d:37:ec:7a:71:f9:92:f0:18:25:3b:56:ac:7e:
                    8c:3c:a4:eb:9a:bd:e2:5d:81:4c:43:bb:72:77:1a:
                    29:21:51:ee:9c:26:6c:ec:a5:2f:97:d3:ae:56:f2:
                    c7:35:87:05:3a:5f:52:f4:46:d0:0b:49:39:e5:28:
                    73:17:c1:28:3c:33:61:7c:58:a7:eb:74:b7:8d:4a:
                    73:d7:14:19:fa:a9:b0:d2:ba:93:6c:da:fa:f5:4a:
                    df:98:c1:5e:8d:fb:a6:23:9e:c0:fa:1d:80:22:ef:
                    bc:25:af:99:3c:5a:3c:8b:1a:cc:4d:8e:85:8c:e0:
                    a0:83:a0:be:bf:b2:a4:c6:b3:96:73:42:37:39:5f:
                    d9:34:75:90:ac:80:d9:6a:d1:70:79:11:20:de:51:
                    a8:db:88:37:49:d5:6b:0e:02:12:3a:fa:47:5d:ad:
                    e4:9e:12:e5:dd:7f:fa:98:79:06:0f:19:b4:89:81:
                    c9:ac:00:5a:3d:a3:d6:9a:29:a8:f2:d3:7e:20:b7:
                    07:32:ca:a0:c9:d5:2e:9c:8e:bb:6a:bd:67:5d:53:
                    ab:91:1b:07:76:ef:26:ee:b4:0f:6d:39:f1:2b:49:
                    49:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A4:D1:F8:DE:FF:13:84:B8:33:5C:2A:29:50:55:05:35:53:31:F9
            X509v3 Authority Key Identifier:
                keyid:A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:ad:b5:a6:ae:97:32:b6:97:34:62:30:35:76:a6:2e:1c:fe:
         48:e5:3d:95:5c:0b:59:50:bc:03:31:c0:15:5c:73:86:e0:44:
         eb:f7:b9:43:9c:05:24:d0:68:16:8b:ff:04:5c:4f:5c:4a:36:
         30:86:29:55:f3:3f:c3:75:94:29:5b:a3:be:14:88:1a:d5:ba:
         a5:62:05:b9:6f:ec:53:69:7e:75:6c:45:b4:ff:97:a8:4f:dd:
         b2:08:39:3e:25:a2:c1:23:84:51:4e:12:c7:51:0b:68:00:fe:
         ae:56:7f:3f:d9:a0:25:ca:cb:e2:d4:ff:f3:2c:02:16:61:28:
         79:30:9f:44:c7:5a:5c:69:1b:06:b5:9f:db:c7:b7:25:27:21:
         b9:ed:16:26:90:be:6e:5f:dd:c3:e0:ef:22:de:16:b7:16:d2:
         9b:b9:c6:d8:4c:98:c0:9f:a2:a7:c2:0c:39:23:c8:97:ff:ba:
         38:bf:c5:89:fc:5c:6e:2d:20:14:2c:2e:d4:f6:fe:b5:91:44:
         e1:d6:43:5b:29:11:1f:f6:cb:ed:d5:16:36:52:88:08:77:9d:
         d7:b8:dd:0b:ea:e7:e1:a2:3d:45:73:1f:f3:16:4a:30:bf:7e:
         ab:6b:b6:76:54:3e:c5:57:c9:57:78:23:cc:e4:d9:21:13:c5:
         72:3e:87:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkRBKf5BfRnmzssKYrdXGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGFhYmU4ZGJjMDg1NzgzNDNjMjViOGM2ODk4N2E1ZWJj
MDM4YzkwHhcNMjUwOTA3MTMwMTA0WhcNMjUwOTA4MTMwMTA0WjAzMTEwLwYDVQQD
Eyg0NWE0ZDFmOGRlZmYxMzg0YjgzMzVjMmEyOTUwNTUwNTM1NTMzMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeNvGSWg3dFr3czZwSAp59iEbeaq
KDvLv1XUvazHXTfsenH5kvAYJTtWrH6MPKTrmr3iXYFMQ7tydxopIVHunCZs7KUv
l9OuVvLHNYcFOl9S9EbQC0k55ShzF8EoPDNhfFin63S3jUpz1xQZ+qmw0rqTbNr6
9UrfmMFejfumI57A+h2AIu+8Ja+ZPFo8ixrMTY6FjOCgg6C+v7KkxrOWc0I3OV/Z
NHWQrIDZatFweREg3lGo24g3SdVrDgISOvpHXa3knhLl3X/6mHkGDxm0iYHJrABa
PaPWmimo8tN+ILcHMsqgydUunI67ar1nXVOrkRsHdu8m7rQPbTnxK0lJqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWk0fje/xOEuDNcKilQVQU1UzH5MB8GA1UdIwQY
MBaAFKIKq+jbwIV4NDwluMaJh6XrwDjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYt
NzFkNjQ5YzNmZDM1LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYtNzFkNjQ5YzNmZDM1
LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuq21pq6X
MraXNGIwNXamLhz+SOU9lVwLWVC8AzHAFVxzhuBE6/e5Q5wFJNBoFov/BFxPXEo2
MIYpVfM/w3WUKVujvhSIGtW6pWIFuW/sU2l+dWxFtP+XqE/dsgg5PiWiwSOEUU4S
x1ELaAD+rlZ/P9mgJcrL4tT/8ywCFmEoeTCfRMdaXGkbBrWf28e3JSchue0WJpC+
bl/dw+DvIt4WtxbSm7nG2EyYwJ+ip8IMOSPIl/+6OL/Fifxcbi0gFCwu1Pb+tZFE
4dZDWykRH/bL7dUWNlKICHed17jdC+rn4aI9RXMf8xZKML9+q2u2dlQ+xVfJV3gj
zOTZIRPFcj6HPg==
-----END CERTIFICATE-----