Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          4e/9ETaQyFErHBrTibINRyh4lFqyi5BezaHF3yW9k9A=
Subject key identifier:   45:0C:FD:87:7A:13:18:6E:E7:40:D6:B5:94:80:A2:F9:B0:68:DB:23
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       019921B239B99BAD4CC4791D039D6B2F3091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0A7D
Signing time:             Sun 07 Sep 2025 01:02:32 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:32 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:32 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: qIZ5eAdas9ARLP/6tH1+sMIT73KNwGA5aOOZCepL/kA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:39:b9:9b:ad:4c:c4:79:1d:03:9d:6b:2f:30:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Sep  7 01:02:32 2025 GMT
            Not After : Sep  8 01:02:32 2025 GMT
        Subject: CN=450cfd877a13186ee740d6b59480a2f9b068db23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1e:f8:b9:66:7d:b5:08:ef:ee:b9:a9:40:ba:
                    3d:7e:dc:90:1a:dd:77:19:f3:34:2a:af:10:d1:be:
                    63:f2:ac:60:bc:1a:66:8e:3b:f9:d3:21:a0:dc:b0:
                    d0:4e:d0:fa:19:52:df:74:e3:1f:6c:6f:83:ca:3e:
                    14:7a:93:ad:6b:15:ef:44:cf:3b:a6:ca:74:f1:75:
                    ee:2a:27:48:28:58:20:8b:ec:e3:a1:71:45:d9:66:
                    0f:cd:42:d4:00:b4:f1:e3:69:c6:a4:3f:1b:19:99:
                    5b:c1:b3:70:70:28:a2:b1:00:46:d1:1f:ae:8b:a2:
                    0d:26:3e:01:6f:d9:49:36:62:84:f7:93:c4:29:28:
                    39:d2:3b:d7:d0:5c:af:c7:b5:3e:c6:05:5b:91:a0:
                    63:95:a3:d4:ad:7c:4c:46:52:51:2f:dd:7f:82:ec:
                    36:42:ec:35:fb:c2:59:7b:b5:71:d0:41:f8:3e:f6:
                    02:3c:ed:6b:3e:b5:87:5e:d4:96:f6:c3:d9:d2:2f:
                    ea:a3:58:6d:01:48:7b:e2:a0:a5:c2:f5:2f:2e:4b:
                    f9:30:ff:5e:2a:5b:73:d1:a9:b4:47:9e:a8:8a:dc:
                    46:54:97:a7:7d:20:47:67:dc:13:c5:7d:e9:39:51:
                    24:a0:2c:84:e4:e0:58:59:4c:55:59:9e:e7:7f:c9:
                    48:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:0C:FD:87:7A:13:18:6E:E7:40:D6:B5:94:80:A2:F9:B0:68:DB:23
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:8e:1d:dd:ec:cd:52:f4:13:19:bf:2c:3b:6c:82:47:82:de:
         8b:08:c0:e4:fb:6e:6c:d6:91:5b:4c:50:2a:37:44:72:6e:2e:
         bb:10:88:74:e4:36:25:7e:c2:4b:56:63:26:2a:fc:67:cf:0e:
         ac:83:70:19:e8:59:2c:6b:c9:b2:65:f6:50:6f:06:36:3d:d6:
         e6:19:7d:72:63:38:7a:7b:dd:bd:5d:0d:53:ae:f9:dd:33:9f:
         ec:19:99:f6:57:d8:ab:be:5e:c8:2e:18:11:bb:52:c6:f2:06:
         9b:91:d7:e0:d0:2e:a5:a4:17:37:a5:34:33:8f:4e:d5:14:43:
         47:b3:b2:e0:17:51:06:df:7c:62:b8:21:70:1e:2a:36:29:e5:
         44:54:08:7a:34:25:a1:83:a6:f5:74:cb:b5:f9:bd:1b:f0:bf:
         05:5f:65:58:b2:85:e6:d2:d0:5c:62:bf:be:d2:25:b2:a9:79:
         67:38:42:94:e7:7c:82:8e:5e:2c:2c:15:c0:dc:db:79:47:5d:
         00:2b:03:25:67:d0:66:4c:0e:f0:68:83:23:73:17:06:93:7f:
         35:3b:e4:9e:52:3d:e2:df:7f:ba:3c:a9:32:45:d3:59:26:22:
         35:a6:5e:57:40:e8:91:bf:2c:56:53:9e:cc:14:36:38:74:03:
         3f:ee:e2:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsjm5m61MxHkdA51rLzCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjUwOTA3MDEwMjMyWhcNMjUwOTA4MDEwMjMyWjAzMTEwLwYDVQQD
Eyg0NTBjZmQ4NzdhMTMxODZlZTc0MGQ2YjU5NDgwYTJmOWIwNjhkYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh74uWZ9tQjv7rmpQLo9ftyQGt13
GfM0Kq8Q0b5j8qxgvBpmjjv50yGg3LDQTtD6GVLfdOMfbG+Dyj4UepOtaxXvRM87
psp08XXuKidIKFggi+zjoXFF2WYPzULUALTx42nGpD8bGZlbwbNwcCiisQBG0R+u
i6INJj4Bb9lJNmKE95PEKSg50jvX0Fyvx7U+xgVbkaBjlaPUrXxMRlJRL91/guw2
Quw1+8JZe7Vx0EH4PvYCPO1rPrWHXtSW9sPZ0i/qo1htAUh74qClwvUvLkv5MP9e
Kltz0am0R56oitxGVJenfSBHZ9wTxX3pOVEkoCyE5OBYWUxVWZ7nf8lIAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUM/Yd6Exhu50DWtZSAovmwaNsjMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeY4d3ezN
UvQTGb8sO2yCR4LeiwjA5PtubNaRW0xQKjdEcm4uuxCIdOQ2JX7CS1ZjJir8Z88O
rINwGehZLGvJsmX2UG8GNj3W5hl9cmM4envdvV0NU6753TOf7BmZ9lfYq75eyC4Y
EbtSxvIGm5HX4NAupaQXN6U0M49O1RRDR7Oy4BdRBt98YrghcB4qNinlRFQIejQl
oYOm9XTLtfm9G/C/BV9lWLKF5tLQXGK/vtIlsql5ZzhClOd8go5eLCwVwNzbeUdd
ACsDJWfQZkwO8GiDI3MXBpN/NTvknlI94t9/ujypMkXTWSYiNaZeV0Dokb8sVlOe
zBQ2OHQDP+7i8A==
-----END CERTIFICATE-----