Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
File:                     OEzdzXTQQilYPSwr7tBz4AlrozU.mft (raw, json)
Hash identifier:          a5Azsu1YRyo0SgtGRMRF7DgvrjaaGikbgsGKtAXWn4w=
Subject key identifier:   64:1C:21:95:B6:A9:7C:29:E3:F6:46:84:D6:C7:F5:90:A1:D5:9B:39
Authority key identifier: 38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35
Certificate issuer:       /CN=384cddcd74d04229583d2c2beed073e0096ba335
Certificate serial:       019921B0E4113C44D886E7A272A22DE81CA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
Manifest number:          06C3
Signing time:             Sun 07 Sep 2025 01:01:04 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:04 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:04 +0000
Files and hashes:         1: OEzdzXTQQilYPSwr7tBz4AlrozU.crl (hash: kVtE4J/bq3dQUwCqq1zRuMxDrS99rs9yqVpaQb9dsY8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:e4:11:3c:44:d8:86:e7:a2:72:a2:2d:e8:1c:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384cddcd74d04229583d2c2beed073e0096ba335
        Validity
            Not Before: Sep  7 01:01:04 2025 GMT
            Not After : Sep  8 01:01:04 2025 GMT
        Subject: CN=641c2195b6a97c29e3f64684d6c7f590a1d59b39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:6a:74:d4:02:30:b7:35:7f:c7:84:b1:29:a0:
                    55:55:7e:d4:b7:c4:8c:b3:29:2e:c8:84:45:24:c5:
                    49:bc:20:b1:0a:63:7b:f4:c9:08:ae:b7:11:9c:01:
                    b7:32:97:e1:3d:bd:56:1a:e7:4b:c1:8d:fd:95:03:
                    f6:3f:9b:3e:19:ae:5d:ac:09:fe:36:18:6a:f4:e5:
                    99:2f:bb:04:fa:9d:47:e5:ac:9b:e2:5a:35:b6:a8:
                    2f:f9:1d:ff:66:7c:ba:d8:9e:96:c0:58:a0:63:2c:
                    8b:1c:0c:26:19:d0:a7:84:f7:12:06:8d:d1:b6:86:
                    59:bd:f9:05:9d:eb:7a:10:b4:0a:cd:bd:d9:cf:3c:
                    96:c2:b6:0e:9f:03:85:3b:a2:2e:33:c7:ba:03:25:
                    d5:10:26:77:d2:84:9a:7b:14:61:c0:4a:5f:98:c7:
                    b3:ea:d4:a8:9e:0d:d6:64:c0:a0:ef:54:b0:66:94:
                    35:0e:f3:7d:25:f6:a8:36:94:02:19:41:c0:18:4d:
                    bf:ff:b3:25:3a:20:3c:84:13:75:46:a5:e8:03:86:
                    fb:cb:07:b7:ec:5d:23:87:5a:f6:36:46:42:bb:fc:
                    61:76:88:df:e0:12:e2:0d:e2:3c:8e:9a:76:58:60:
                    95:b4:64:9c:d1:40:79:b2:3b:b0:b4:e7:44:79:ec:
                    82:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:1C:21:95:B6:A9:7C:29:E3:F6:46:84:D6:C7:F5:90:A1:D5:9B:39
            X509v3 Authority Key Identifier:
                keyid:38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:eb:66:8e:54:09:a9:59:ab:7d:55:4f:0c:12:dc:a6:96:66:
         a9:04:57:74:10:d6:33:35:c8:41:03:f7:bb:b4:0d:50:9b:96:
         63:b0:b4:c8:00:2f:79:db:8d:a7:d8:96:3c:6d:94:e1:c5:f8:
         ae:9c:e3:92:95:79:56:f6:92:bb:74:74:95:78:a3:bd:05:87:
         16:95:27:d0:62:31:22:31:a3:4a:9a:c4:79:fc:8c:91:c7:4d:
         e1:98:9c:81:b9:ed:24:ab:ff:3f:80:d9:96:24:7e:71:bc:e1:
         94:82:48:ca:0c:7f:c1:6e:38:62:56:36:79:48:ee:e6:3d:b4:
         da:50:6a:4a:83:98:c8:25:82:ba:91:5b:c0:17:80:7c:9c:5e:
         a1:d8:e9:75:e9:e8:63:7c:b5:aa:62:03:65:73:fb:af:ba:ac:
         2c:c7:9d:ed:9b:d0:b2:81:46:30:88:16:7b:65:c7:91:fc:5c:
         26:a7:c6:93:a6:70:54:58:0c:7c:c2:e1:24:60:9b:e8:dc:31:
         47:b3:f1:ea:fa:75:ee:ec:88:72:ba:5b:ba:78:5c:18:7b:90:
         2c:1d:89:35:af:e7:06:53:b2:b8:36:d3:b1:85:a2:90:4e:8f:
         fc:20:2a:03:77:7c:60:3f:6c:03:41:a0:f9:7e:76:19:ce:ab:
         08:94:ea:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsOQRPETYhueicqIt6ByhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGNkZGNkNzRkMDQyMjk1ODNkMmMyYmVlZDA3M2UwMDk2
YmEzMzUwHhcNMjUwOTA3MDEwMTA0WhcNMjUwOTA4MDEwMTA0WjAzMTEwLwYDVQQD
Eyg2NDFjMjE5NWI2YTk3YzI5ZTNmNjQ2ODRkNmM3ZjU5MGExZDU5YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2p01AIwtzV/x4SxKaBVVX7Ut8SM
sykuyIRFJMVJvCCxCmN79MkIrrcRnAG3MpfhPb1WGudLwY39lQP2P5s+Ga5drAn+
Nhhq9OWZL7sE+p1H5ayb4lo1tqgv+R3/Zny62J6WwFigYyyLHAwmGdCnhPcSBo3R
toZZvfkFnet6ELQKzb3ZzzyWwrYOnwOFO6IuM8e6AyXVECZ30oSaexRhwEpfmMez
6tSong3WZMCg71SwZpQ1DvN9JfaoNpQCGUHAGE2//7MlOiA8hBN1RqXoA4b7ywe3
7F0jh1r2NkZCu/xhdojf4BLiDeI8jpp2WGCVtGSc0UB5sjuwtOdEeeyC0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQcIZW2qXwp4/ZGhNbH9ZCh1Zs5MB8GA1UdIwQY
MBaAFDhM3c100EIpWD0sK+7Qc+AJa6M1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzIt
OTk4YWQ1MGY0YTJhLzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzItOTk4YWQ1MGY0YTJh
LzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOtmjlQJ
qVmrfVVPDBLcppZmqQRXdBDWMzXIQQP3u7QNUJuWY7C0yAAveduNp9iWPG2U4cX4
rpzjkpV5VvaSu3R0lXijvQWHFpUn0GIxIjGjSprEefyMkcdN4ZicgbntJKv/P4DZ
liR+cbzhlIJIygx/wW44YlY2eUju5j202lBqSoOYyCWCupFbwBeAfJxeodjpdeno
Y3y1qmIDZXP7r7qsLMed7ZvQsoFGMIgWe2XHkfxcJqfGk6ZwVFgMfMLhJGCb6Nwx
R7Px6vp17uyIcrpbunhcGHuQLB2JNa/nBlOyuDbTsYWikE6P/CAqA3d8YD9sA0Gg
+X52Gc6rCJTqeg==
-----END CERTIFICATE-----