Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          5OQihl5CQZtTHt7zb/+3WN+6Z29oM5MTEXdiggh/NxA=
Subject key identifier:   F3:17:C5:AA:50:8E:7E:71:80:16:03:99:8B:29:23:EC:7A:23:E5:8D
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       019922FA72364E3E8D577004D8C7EE1BB225
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0AC3
Signing time:             Sun 07 Sep 2025 07:01:02 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:02 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:02 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: EsStu8TMo3ecFwZZ6die8RUIm4eEuB3DJzxEaAkYkKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:72:36:4e:3e:8d:57:70:04:d8:c7:ee:1b:b2:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Sep  7 07:01:02 2025 GMT
            Not After : Sep  8 07:01:02 2025 GMT
        Subject: CN=f317c5aa508e7e71801603998b2923ec7a23e58d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:85:ce:45:f3:ed:4e:3f:c7:e5:eb:98:ad:99:
                    40:fb:6e:9a:4f:55:d5:f3:0e:08:e0:63:ed:9d:af:
                    5c:46:bf:59:61:e9:ef:9e:58:1c:e5:d0:9d:79:14:
                    35:94:31:0d:88:f2:30:4a:77:04:0b:21:a8:2d:44:
                    a1:fb:96:3b:f1:82:cd:98:85:82:43:16:59:50:66:
                    99:df:5b:39:a8:29:2e:5d:46:99:ae:7f:5c:20:e4:
                    62:ed:f6:b4:7a:a0:f7:fc:33:a3:18:ae:19:45:2b:
                    c8:49:ba:e7:fc:3d:64:71:8c:84:94:95:8f:47:53:
                    ae:85:5c:19:ff:c3:ac:24:57:f6:0c:24:6e:c2:1a:
                    e1:22:63:40:72:bd:90:f9:50:15:48:9f:fa:66:73:
                    79:83:18:e9:f9:11:73:df:89:58:75:3e:87:24:58:
                    1b:f8:22:fc:0a:31:ee:ca:b9:24:e6:75:02:aa:51:
                    7c:d7:6d:82:04:4b:36:30:8e:17:a3:2f:b4:d8:0f:
                    9c:9c:0b:04:cd:ea:c0:73:2f:47:c8:3c:37:dc:d3:
                    eb:5c:16:ce:97:10:5d:1e:11:e8:4c:0f:6c:57:03:
                    7e:f9:02:e8:f4:ef:42:d3:c4:5f:46:78:a9:32:fb:
                    97:03:cb:05:84:65:2e:39:08:6b:d4:78:be:d6:ae:
                    8b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:17:C5:AA:50:8E:7E:71:80:16:03:99:8B:29:23:EC:7A:23:E5:8D
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:31:02:d0:44:45:f1:d7:3c:cf:fb:f9:cf:37:8b:b6:33:ce:
         23:10:9f:63:7a:52:a4:4b:91:db:88:63:d9:58:f5:b8:c2:f2:
         db:6c:b3:01:3e:ab:61:6c:40:91:52:09:b6:52:a7:2e:38:4f:
         e1:d8:39:a5:09:ec:d4:04:47:64:e9:f1:bd:3c:05:46:64:1e:
         94:fe:5f:69:1d:f7:8b:a7:71:f1:9f:0e:f6:4c:34:8b:dd:a0:
         1f:03:72:20:a2:ad:a7:6f:0a:ab:19:d4:73:d5:c7:c9:78:fc:
         b1:7e:5c:01:a3:7e:38:2b:57:7c:eb:ce:a8:63:c7:1f:98:20:
         1a:20:b5:86:23:7a:11:ed:56:01:2f:ec:7d:2c:0d:1a:4a:57:
         e4:9a:ae:6e:42:c2:7f:1a:3b:71:92:80:91:88:46:4f:e1:aa:
         20:e1:b2:29:1e:8e:c4:1e:f7:b7:be:96:dc:93:d9:d5:af:ee:
         e3:a4:63:b1:f9:fe:9f:80:b8:9d:1d:60:8b:37:8e:18:4b:0d:
         64:23:15:97:82:4f:76:87:6a:4c:ff:19:c0:df:22:da:59:90:
         6d:5b:f0:35:62:7d:ad:e1:3c:5f:fb:86:ee:07:87:3a:36:ca:
         88:11:76:b8:33:77:d5:d5:cf:f2:43:e5:4d:cf:c3:a2:2d:f6:
         78:a9:2d:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+nI2Tj6NV3AE2MfuG7IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjUwOTA3MDcwMTAyWhcNMjUwOTA4MDcwMTAyWjAzMTEwLwYDVQQD
EyhmMzE3YzVhYTUwOGU3ZTcxODAxNjAzOTk4YjI5MjNlYzdhMjNlNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIXORfPtTj/H5euYrZlA+26aT1XV
8w4I4GPtna9cRr9ZYenvnlgc5dCdeRQ1lDENiPIwSncECyGoLUSh+5Y78YLNmIWC
QxZZUGaZ31s5qCkuXUaZrn9cIORi7fa0eqD3/DOjGK4ZRSvISbrn/D1kcYyElJWP
R1OuhVwZ/8OsJFf2DCRuwhrhImNAcr2Q+VAVSJ/6ZnN5gxjp+RFz34lYdT6HJFgb
+CL8CjHuyrkk5nUCqlF8122CBEs2MI4Xoy+02A+cnAsEzerAcy9HyDw33NPrXBbO
lxBdHhHoTA9sVwN++QLo9O9C08RfRnipMvuXA8sFhGUuOQhr1Hi+1q6L+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMXxapQjn5xgBYDmYspI+x6I+WNMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbDEC0ERF
8dc8z/v5zzeLtjPOIxCfY3pSpEuR24hj2Vj1uMLy22yzAT6rYWxAkVIJtlKnLjhP
4dg5pQns1ARHZOnxvTwFRmQelP5faR33i6dx8Z8O9kw0i92gHwNyIKKtp28KqxnU
c9XHyXj8sX5cAaN+OCtXfOvOqGPHH5ggGiC1hiN6Ee1WAS/sfSwNGkpX5JqubkLC
fxo7cZKAkYhGT+GqIOGyKR6OxB73t76W3JPZ1a/u46Rjsfn+n4C4nR1gizeOGEsN
ZCMVl4JPdodqTP8ZwN8i2lmQbVvwNWJ9reE8X/uG7geHOjbKiBF2uDN31dXP8kPl
Tc/Doi32eKktNg==
-----END CERTIFICATE-----