Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          DNq01BzcmpXJrJy6eH7HISOrOwYInQq7ac0OOFPDyUU=
Subject key identifier:   C6:99:73:C1:72:84:AB:87:B1:7F:5C:46:C3:07:2D:8A:7C:97:DE:E8
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       019922556A63913EFCB3593E5879B5419F50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0D01
Signing time:             Sun 07 Sep 2025 04:00:46 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:46 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:46 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: zMPH00F9gIdoww5HSaALXHWPo5GqaVBjSzTIGZ5E83Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:6a:63:91:3e:fc:b3:59:3e:58:79:b5:41:9f:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Sep  7 04:00:46 2025 GMT
            Not After : Sep  8 04:00:46 2025 GMT
        Subject: CN=c69973c17284ab87b17f5c46c3072d8a7c97dee8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:4a:8c:ab:6a:d6:0d:f6:06:67:e6:54:52:02:
                    83:d6:00:c5:95:f3:71:ad:88:87:18:7a:ae:89:22:
                    7a:ff:93:34:bc:26:7f:6b:e6:a2:b8:21:89:ff:10:
                    33:63:3f:6c:e2:df:6f:33:01:78:f1:79:fd:bc:a1:
                    45:b0:30:f5:54:d3:97:c5:e5:fc:44:ba:cf:13:33:
                    ca:19:d1:69:30:99:a3:01:dd:40:03:17:1f:ce:0b:
                    81:6d:c8:65:3a:bc:b4:0c:1a:38:3a:9d:0a:05:83:
                    fb:97:e1:9d:5d:ad:e3:8b:31:eb:83:92:d0:18:ec:
                    f3:33:61:b3:ee:fd:7f:6d:e0:c9:ac:6f:0a:f2:7c:
                    80:8d:04:e5:d6:44:bd:c8:79:6f:f6:1e:95:58:6e:
                    fd:50:b0:bd:03:21:47:94:b0:5e:d5:0a:e1:de:16:
                    78:6a:bd:d6:da:81:95:5a:1f:d0:d0:c5:b1:91:c2:
                    1e:d0:71:89:38:ec:03:c3:35:ac:f1:39:f0:b6:51:
                    5d:47:0e:f6:73:79:66:ad:2a:b5:42:b8:25:65:2f:
                    86:6f:ac:50:5a:b1:37:a2:a5:e6:f5:72:e9:4c:32:
                    07:5f:b0:e3:05:ad:17:a7:15:28:94:cd:1a:8f:64:
                    bd:4d:f2:53:ae:d7:b9:26:a4:4b:f9:4d:91:18:b5:
                    41:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:99:73:C1:72:84:AB:87:B1:7F:5C:46:C3:07:2D:8A:7C:97:DE:E8
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:b7:e7:b5:64:da:4d:c9:55:04:cf:59:45:b4:7c:4f:58:80:
         4c:65:2e:fe:4e:04:87:d5:9a:23:f2:e0:0e:d5:0c:c3:e2:89:
         10:cd:72:a7:72:5a:3a:af:30:6a:d8:5b:a5:ab:63:43:c8:1a:
         71:55:6d:f0:ee:8c:45:75:a7:86:00:f0:e7:69:b8:e4:b2:f2:
         b9:67:70:87:c8:8f:3b:98:b4:84:37:07:c2:45:75:fa:9e:a6:
         d0:da:90:a1:c1:83:75:a4:a9:1d:42:59:e6:7a:3f:95:7b:4a:
         68:0e:f4:70:8a:97:76:26:6a:64:dc:cd:d1:4b:2b:23:4d:3b:
         07:1a:5a:ce:aa:5d:81:de:06:94:a5:41:c8:1c:6b:e8:2b:cb:
         fb:00:f3:bd:1a:56:28:c0:e5:97:16:95:0a:f8:f1:19:d0:db:
         6c:0a:6f:dc:bd:80:3d:27:fa:f5:be:5f:2f:54:e8:71:7f:d0:
         dd:44:79:f8:67:7f:4a:ea:11:f4:50:a7:5b:97:4d:66:0d:17:
         f9:ef:22:5b:98:e0:75:33:59:b3:8b:c3:0e:28:5c:6e:b7:af:
         bb:65:4b:71:49:2b:c6:8a:b1:3b:19:d1:37:1b:c6:85:6d:1a:
         a2:6c:b5:fe:1e:b6:a0:2e:38:30:86:17:4f:4d:17:0d:3f:46:
         aa:72:61:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVWpjkT78s1k+WHm1QZ9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUwOTA3MDQwMDQ2WhcNMjUwOTA4MDQwMDQ2WjAzMTEwLwYDVQQD
EyhjNjk5NzNjMTcyODRhYjg3YjE3ZjVjNDZjMzA3MmQ4YTdjOTdkZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UqMq2rWDfYGZ+ZUUgKD1gDFlfNx
rYiHGHquiSJ6/5M0vCZ/a+aiuCGJ/xAzYz9s4t9vMwF48Xn9vKFFsDD1VNOXxeX8
RLrPEzPKGdFpMJmjAd1AAxcfzguBbchlOry0DBo4Op0KBYP7l+GdXa3jizHrg5LQ
GOzzM2Gz7v1/beDJrG8K8nyAjQTl1kS9yHlv9h6VWG79ULC9AyFHlLBe1Qrh3hZ4
ar3W2oGVWh/Q0MWxkcIe0HGJOOwDwzWs8TnwtlFdRw72c3lmrSq1QrglZS+Gb6xQ
WrE3oqXm9XLpTDIHX7DjBa0XpxUolM0aj2S9TfJTrte5JqRL+U2RGLVBZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaZc8FyhKuHsX9cRsMHLYp8l97oMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbfntWTa
TclVBM9ZRbR8T1iATGUu/k4Eh9WaI/LgDtUMw+KJEM1yp3JaOq8wathbpatjQ8ga
cVVt8O6MRXWnhgDw52m45LLyuWdwh8iPO5i0hDcHwkV1+p6m0NqQocGDdaSpHUJZ
5no/lXtKaA70cIqXdiZqZNzN0UsrI007Bxpazqpdgd4GlKVByBxr6CvL+wDzvRpW
KMDllxaVCvjxGdDbbApv3L2APSf69b5fL1TocX/Q3UR5+Gd/SuoR9FCnW5dNZg0X
+e8iW5jgdTNZs4vDDihcbrevu2VLcUkrxoqxOxnRNxvGhW0aomy1/h62oC44MIYX
T00XDT9GqnJhtg==
-----END CERTIFICATE-----