Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          NJoFjkkAuu2ZXIWbuf+HSXBWPoOvX9gJF/LUQqdZaSc=
Subject key identifier:   CB:56:D5:D2:EC:E0:DF:D1:CA:86:51:42:DC:5A:EA:3F:92:EA:69:48
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       0199228C79158C4DBEB395EF33DBC2B4B31C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          02F3
Signing time:             Sun 07 Sep 2025 05:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:55 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: F3IL9WSp/6Z2U1UIuXih2MxSxUQ4+6yljnjua3WDV9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:79:15:8c:4d:be:b3:95:ef:33:db:c2:b4:b3:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Sep  7 05:00:55 2025 GMT
            Not After : Sep  8 05:00:55 2025 GMT
        Subject: CN=cb56d5d2ece0dfd1ca865142dc5aea3f92ea6948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:db:e4:05:ba:8f:49:fa:c2:6b:08:92:db:98:
                    30:34:79:ce:b6:aa:de:cd:5b:cb:a3:b3:e8:89:ac:
                    22:50:fa:8c:99:b5:91:fa:b0:f3:51:91:4b:2c:db:
                    6d:4a:97:66:0c:ff:7c:e6:a2:ac:4e:a5:bf:91:1e:
                    e4:3c:06:dc:1b:c2:3a:48:23:ed:75:00:ff:89:b9:
                    5d:07:ce:ac:c5:cf:dc:e7:4e:f9:4f:c1:e5:ba:ad:
                    a6:d8:5f:0e:cd:64:7a:d7:97:ad:46:87:f0:0d:29:
                    19:45:fa:c2:de:c2:14:e0:b2:2a:d1:19:32:12:fb:
                    be:a9:62:dc:85:0a:1e:ef:ed:fa:fd:ce:24:95:57:
                    0d:cb:18:20:36:ac:45:8b:89:6e:22:8d:be:d7:10:
                    a7:fb:74:8c:9b:1e:b2:99:ec:1b:96:f9:96:f4:55:
                    61:52:11:84:05:fc:04:e8:85:68:9f:9d:13:f7:22:
                    de:1b:4d:66:52:88:a4:52:45:93:30:11:da:15:0d:
                    de:90:dc:8d:a4:2d:e3:b2:f3:16:fe:3f:9e:10:e7:
                    9b:7e:2b:4d:41:9f:26:92:2d:07:44:15:02:ac:38:
                    d4:60:7b:ae:4f:c5:70:ee:6b:72:1c:80:94:0e:36:
                    a8:ca:81:40:88:a1:bc:a2:c1:6c:ff:e8:65:06:4e:
                    64:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:56:D5:D2:EC:E0:DF:D1:CA:86:51:42:DC:5A:EA:3F:92:EA:69:48
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:bc:29:93:48:bf:34:0f:5f:b1:e5:8d:02:c0:2e:03:c2:43:
         56:a9:79:19:5c:73:28:ea:9b:20:07:c2:30:a7:7f:98:f1:da:
         15:8c:06:68:14:f0:40:b2:4d:8c:c9:5c:ee:d9:ea:b4:00:f6:
         13:a0:14:19:30:f4:e8:d7:44:7a:7a:51:f4:5a:00:0d:25:f3:
         28:25:90:e2:17:c2:ce:07:99:b9:c1:6f:82:a3:4b:73:e8:b7:
         96:10:4d:ed:70:e2:db:97:8f:92:ef:4a:7a:24:35:95:63:11:
         7d:07:a8:bd:9e:0d:58:5d:23:32:66:bc:10:f2:44:89:70:86:
         63:1c:b2:98:13:47:ce:e1:14:eb:39:07:7a:2c:c9:86:14:93:
         8a:58:e5:1a:46:18:57:64:38:50:ac:53:fa:c3:6a:3b:05:89:
         a7:12:c9:9e:5b:1d:eb:c2:6d:7a:c0:30:02:70:80:52:8d:64:
         88:48:6e:5c:b1:5e:98:a3:45:c3:1d:dd:aa:4d:86:37:31:fb:
         24:f8:97:52:56:2a:45:4f:c3:c0:f1:44:ca:d5:20:a3:af:8e:
         3f:7f:64:2b:a2:6b:0a:ce:aa:8a:cb:74:d7:a3:64:0a:f0:a8:
         74:cc:e5:f6:b4:45:6d:d4:2f:25:ab:9e:9b:39:ec:9c:33:c5:
         92:52:5d:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijHkVjE2+s5XvM9vCtLMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjUwOTA3MDUwMDU1WhcNMjUwOTA4MDUwMDU1WjAzMTEwLwYDVQQD
EyhjYjU2ZDVkMmVjZTBkZmQxY2E4NjUxNDJkYzVhZWEzZjkyZWE2OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9vkBbqPSfrCawiS25gwNHnOtqre
zVvLo7PoiawiUPqMmbWR+rDzUZFLLNttSpdmDP985qKsTqW/kR7kPAbcG8I6SCPt
dQD/ibldB86sxc/c5075T8Hluq2m2F8OzWR615etRofwDSkZRfrC3sIU4LIq0Rky
Evu+qWLchQoe7+36/c4klVcNyxggNqxFi4luIo2+1xCn+3SMmx6ymewblvmW9FVh
UhGEBfwE6IVon50T9yLeG01mUoikUkWTMBHaFQ3ekNyNpC3jsvMW/j+eEOebfitN
QZ8mki0HRBUCrDjUYHuuT8Vw7mtyHICUDjaoyoFAiKG8osFs/+hlBk5kOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtW1dLs4N/RyoZRQtxa6j+S6mlIMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbwpk0i/
NA9fseWNAsAuA8JDVql5GVxzKOqbIAfCMKd/mPHaFYwGaBTwQLJNjMlc7tnqtAD2
E6AUGTD06NdEenpR9FoADSXzKCWQ4hfCzgeZucFvgqNLc+i3lhBN7XDi25ePku9K
eiQ1lWMRfQeovZ4NWF0jMma8EPJEiXCGYxyymBNHzuEU6zkHeizJhhSTiljlGkYY
V2Q4UKxT+sNqOwWJpxLJnlsd68JtesAwAnCAUo1kiEhuXLFemKNFwx3dqk2GNzH7
JPiXUlYqRU/DwPFEytUgo6+OP39kK6JrCs6qist016NkCvCodMzl9rRFbdQvJaue
mznsnDPFklJdyQ==
-----END CERTIFICATE-----