Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          t8I/d97WfX+0UJfqSwvthSxEWKawdtyZfK8OcRlhICo=
Subject key identifier:   80:52:1D:2A:07:80:8E:84:5B:BF:06:64:B5:FA:1D:70:24:9D:2E:FD
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       0199221EA5E8159A6239119068A364D7DF14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0B77
Signing time:             Sun 07 Sep 2025 03:00:57 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:57 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:57 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: pcQdhJUTJp6pfwaNflfzpLr9DUFTsYSTwfck6AWIkRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:a5:e8:15:9a:62:39:11:90:68:a3:64:d7:df:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Sep  7 03:00:57 2025 GMT
            Not After : Sep  8 03:00:57 2025 GMT
        Subject: CN=80521d2a07808e845bbf0664b5fa1d70249d2efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2f:e4:23:65:c8:ff:f0:a6:37:4b:a7:74:0d:
                    9a:b0:9a:17:82:c1:a3:b2:4b:b8:60:93:3c:f4:ff:
                    95:d6:59:bd:7e:88:97:48:46:78:ae:40:b0:f6:e0:
                    4f:fa:3b:98:c2:a8:f8:43:b5:a7:55:91:2e:fc:45:
                    37:ea:61:83:f0:c4:e0:91:e8:74:6a:e4:c1:4e:fe:
                    62:bb:0d:ff:c9:ce:a7:b1:41:b6:8f:5e:80:e3:4b:
                    93:78:a0:f2:26:9a:66:85:81:f9:20:4d:ee:b1:a4:
                    66:ca:8e:ae:8f:d8:1f:83:1b:86:12:f9:45:1a:82:
                    e9:6a:70:9c:d0:9f:73:b5:e7:f2:1c:ba:b3:ab:cc:
                    58:0b:85:74:d7:ff:48:58:1c:6b:d5:09:c1:7c:fc:
                    eb:95:f4:11:07:1b:ef:bb:7f:9a:e3:a3:14:a9:e2:
                    e9:98:ca:54:52:d4:65:8e:59:f5:19:18:c1:b2:9d:
                    2e:f9:8e:5b:cf:fc:97:b1:66:e0:03:01:29:46:66:
                    b5:3c:e2:16:b5:e2:2f:ab:3d:57:af:c2:65:25:e5:
                    c5:56:c7:d5:a9:10:f2:40:b5:26:55:ec:36:f5:b5:
                    35:ec:53:12:7a:1c:e1:ce:7d:1b:af:70:0e:c1:54:
                    06:cf:c0:0f:86:ff:c8:45:25:58:de:0d:91:2b:a4:
                    d5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:52:1D:2A:07:80:8E:84:5B:BF:06:64:B5:FA:1D:70:24:9D:2E:FD
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:72:c1:60:91:23:a5:df:4c:a7:36:86:a2:e0:0b:62:75:57:
         1e:8a:8d:fd:fc:96:11:e2:c8:19:c3:b3:ad:07:c6:90:dd:ff:
         de:0e:7c:e0:2d:e8:a7:85:ef:c2:70:8c:e0:a4:9e:ef:b0:34:
         b8:5a:bd:88:f8:22:c6:21:9c:82:12:69:57:ef:ec:7a:c0:6f:
         71:d4:6b:7b:1d:44:52:71:3d:d0:fe:25:7f:dc:6d:eb:9a:67:
         67:da:8d:a9:34:27:4e:36:bd:59:56:c8:de:10:0c:a0:32:7a:
         3d:7a:2a:a7:34:8d:81:a9:ea:83:f9:25:31:22:7e:ba:2e:dc:
         24:9b:d5:f7:67:f4:49:2b:03:66:ea:ef:97:97:49:11:c3:79:
         38:93:e0:c6:02:56:73:31:88:3f:87:b4:93:50:c4:d1:57:12:
         0e:bc:e7:37:64:63:97:e5:7a:e1:ff:b4:11:aa:0e:e0:df:d0:
         96:f6:a4:c1:0c:42:bf:f4:0e:49:c0:fa:c5:dc:a4:7e:64:7a:
         6c:cf:54:a0:a2:ef:f0:a7:6d:a0:a0:d4:b7:ee:85:e0:d0:a8:
         f2:4d:32:fc:03:ca:27:49:b2:b5:93:73:1a:ea:20:f7:45:fc:
         b3:4a:92:06:23:1d:3b:5c:d6:7c:de:74:7e:fd:82:3e:2c:6b:
         bd:0b:75:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHqXoFZpiORGQaKNk198UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwOTA3MDMwMDU3WhcNMjUwOTA4MDMwMDU3WjAzMTEwLwYDVQQD
Eyg4MDUyMWQyYTA3ODA4ZTg0NWJiZjA2NjRiNWZhMWQ3MDI0OWQyZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC/kI2XI//CmN0undA2asJoXgsGj
sku4YJM89P+V1lm9foiXSEZ4rkCw9uBP+juYwqj4Q7WnVZEu/EU36mGD8MTgkeh0
auTBTv5iuw3/yc6nsUG2j16A40uTeKDyJppmhYH5IE3usaRmyo6uj9gfgxuGEvlF
GoLpanCc0J9ztefyHLqzq8xYC4V01/9IWBxr1QnBfPzrlfQRBxvvu3+a46MUqeLp
mMpUUtRljln1GRjBsp0u+Y5bz/yXsWbgAwEpRma1POIWteIvqz1Xr8JlJeXFVsfV
qRDyQLUmVew29bU17FMSehzhzn0br3AOwVQGz8APhv/IRSVY3g2RK6TV3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBSHSoHgI6EW78GZLX6HXAknS79MB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh3LBYJEj
pd9MpzaGouALYnVXHoqN/fyWEeLIGcOzrQfGkN3/3g584C3op4XvwnCM4KSe77A0
uFq9iPgixiGcghJpV+/sesBvcdRrex1EUnE90P4lf9xt65pnZ9qNqTQnTja9WVbI
3hAMoDJ6PXoqpzSNganqg/klMSJ+ui7cJJvV92f0SSsDZurvl5dJEcN5OJPgxgJW
czGIP4e0k1DE0VcSDrznN2Rjl+V64f+0EaoO4N/QlvakwQxCv/QOScD6xdykfmR6
bM9UoKLv8KdtoKDUt+6F4NCo8k0y/APKJ0mytZNzGuog90X8s0qSBiMdO1zWfN50
fv2CPixrvQt1qw==
-----END CERTIFICATE-----