Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          aQFOptQwpekSpVuUiBpG/dqG4SLb2Dn5X/lbs7dVS4w=
Subject key identifier:   F7:F1:E6:35:05:27:F3:B1:45:D3:B5:67:DC:50:39:84:CB:DD:E8:ED
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       01976026BD2927A86617484F15BC586946F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0A8E
Signing time:             Wed 11 Jun 2025 18:00:40 +0000
Manifest this update:     Wed 11 Jun 2025 18:00:40 +0000
Manifest next update:     Thu 12 Jun 2025 18:00:40 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: PcngYXE2u4j2mx7s3JePWR410pWzQhTlWrgRDJlhpq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 18:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:26:bd:29:27:a8:66:17:48:4f:15:bc:58:69:46:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Jun 11 18:00:40 2025 GMT
            Not After : Jun 12 18:00:40 2025 GMT
        Subject: CN=f7f1e6350527f3b145d3b567dc503984cbdde8ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:38:a9:c7:40:d4:9f:60:28:85:e0:33:c2:80:
                    b9:15:e6:22:c7:a5:ee:11:7f:ed:2c:c3:c6:22:40:
                    aa:81:2b:58:dc:8d:68:56:9a:8b:c3:0c:7a:35:57:
                    f8:a3:70:77:61:61:e1:f3:5f:5e:b7:e6:be:47:3b:
                    4e:e7:0b:ad:83:f0:92:78:f2:af:e4:95:af:43:1a:
                    77:12:05:31:a7:c5:fe:04:79:dc:2e:25:5c:e3:3a:
                    7d:17:f2:dd:fc:bb:b9:17:23:d8:83:06:1c:00:35:
                    e3:85:0e:91:f6:b3:54:17:93:13:05:09:03:3e:34:
                    0e:58:c1:46:52:bc:2f:7f:b0:ca:a1:10:07:66:3b:
                    5b:02:f8:98:9e:5a:33:fd:34:95:13:cc:97:90:f5:
                    ec:df:68:cf:68:98:3e:24:03:a8:be:db:c3:d6:78:
                    01:fd:e4:22:f8:be:8a:c8:07:e9:2e:c7:4d:ef:88:
                    ca:b4:8f:2d:98:a9:a8:73:5e:ac:de:00:8b:26:11:
                    42:a4:4b:5b:e4:ec:db:a5:74:81:3a:ab:f3:a0:40:
                    77:b5:b1:d5:79:e3:4f:7b:f9:84:85:0d:a3:3d:81:
                    33:45:03:5b:74:4e:7a:05:b1:cd:f1:96:82:53:e1:
                    0c:76:9a:62:51:fb:ab:8d:6e:bb:78:4e:e3:a1:e3:
                    2a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:F1:E6:35:05:27:F3:B1:45:D3:B5:67:DC:50:39:84:CB:DD:E8:ED
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:99:69:c3:b2:86:21:35:ce:c6:cf:dd:1e:fe:68:7a:55:1e:
         03:fb:22:b1:73:9a:f9:ef:c7:8f:14:a2:2f:51:2d:ef:3a:c3:
         85:1a:42:79:1c:ae:dc:84:4a:5d:c8:fd:d7:94:f2:24:45:fb:
         6e:92:84:85:5b:24:bd:1e:21:12:f4:54:38:f3:8c:36:0e:6f:
         d3:29:ec:99:99:06:77:d2:fe:61:fd:42:3a:b9:93:16:8e:2f:
         21:ab:89:1a:c1:c2:cc:8a:cf:d0:36:4e:41:36:9c:6f:a4:a2:
         23:a2:4d:20:17:58:c1:2e:28:1b:67:24:ce:9d:1e:2e:df:75:
         5f:35:e8:ef:77:54:08:79:04:26:f5:84:52:08:f1:c6:c1:e8:
         8f:05:15:63:e4:39:f7:72:f4:ca:4a:0a:c3:10:66:b2:8d:c8:
         1e:0f:fd:87:10:02:65:a3:03:66:ff:35:7c:ef:1c:c5:1a:c7:
         6b:d5:30:c9:dc:6b:b8:c7:11:03:56:c0:23:91:27:8a:f9:cb:
         b3:72:00:44:51:af:f9:45:22:c5:08:c9:e1:13:1d:62:dc:34:
         82:e4:d8:5d:1c:25:fe:df:31:4a:21:03:22:9f:81:50:b1:7e:
         03:69:f7:7b:d8:8a:a0:bc:c1:f0:2f:21:20:49:74:c6:1f:ca:
         62:4d:1f:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJr0pJ6hmF0hPFbxYaUb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUwNjExMTgwMDQwWhcNMjUwNjEyMTgwMDQwWjAzMTEwLwYDVQQD
EyhmN2YxZTYzNTA1MjdmM2IxNDVkM2I1NjdkYzUwMzk4NGNiZGRlOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujipx0DUn2AoheAzwoC5FeYix6Xu
EX/tLMPGIkCqgStY3I1oVpqLwwx6NVf4o3B3YWHh819et+a+RztO5wutg/CSePKv
5JWvQxp3EgUxp8X+BHncLiVc4zp9F/Ld/Lu5FyPYgwYcADXjhQ6R9rNUF5MTBQkD
PjQOWMFGUrwvf7DKoRAHZjtbAviYnloz/TSVE8yXkPXs32jPaJg+JAOovtvD1ngB
/eQi+L6KyAfpLsdN74jKtI8tmKmoc16s3gCLJhFCpEtb5OzbpXSBOqvzoEB3tbHV
eeNPe/mEhQ2jPYEzRQNbdE56BbHN8ZaCU+EMdppiUfurjW67eE7joeMqRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfx5jUFJ/OxRdO1Z9xQOYTL3ejtMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANJlpw7KG
ITXOxs/dHv5oelUeA/sisXOa+e/HjxSiL1Et7zrDhRpCeRyu3IRKXcj915TyJEX7
bpKEhVskvR4hEvRUOPOMNg5v0ynsmZkGd9L+Yf1COrmTFo4vIauJGsHCzIrP0DZO
QTacb6SiI6JNIBdYwS4oG2ckzp0eLt91XzXo73dUCHkEJvWEUgjxxsHojwUVY+Q5
93L0ykoKwxBmso3IHg/9hxACZaMDZv81fO8cxRrHa9UwydxruMcRA1bAI5EnivnL
s3IARFGv+UUixQjJ4RMdYtw0guTYXRwl/t8xSiEDIp+BULF+A2n3e9iKoLzB8C8h
IEl0xh/KYk0fZg==
-----END CERTIFICATE-----