Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
File:                     OOdr5zhCITzgy8kz0aN0g1fyKD8.mft (raw, json)
Hash identifier:          z+ydZgCBpB9nCvE2C/0+uArFSXU1U0F5KVTeEQA98Pw=
Subject key identifier:   40:9A:51:D9:D3:B3:AD:15:4F:24:BF:8F:4C:E5:E3:C1:E6:88:D9:72
Authority key identifier: 38:E7:6B:E7:38:42:21:3C:E0:CB:C9:33:D1:A3:74:83:57:F2:28:3F
Certificate issuer:       /CN=38e76be73842213ce0cbc933d1a3748357f2283f
Certificate serial:       01992367D527FDCE63F88938CEAAD274C4B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
Manifest number:          8D
Signing time:             Sun 07 Sep 2025 09:00:31 +0000
Manifest this update:     Sun 07 Sep 2025 09:00:31 +0000
Manifest next update:     Mon 08 Sep 2025 09:00:31 +0000
Files and hashes:         1: OOdr5zhCITzgy8kz0aN0g1fyKD8.crl (hash: cSDB0nDi6zc6Lfvz9yLEAPw8wjMvhdN56dj0Uq0lqfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:67:d5:27:fd:ce:63:f8:89:38:ce:aa:d2:74:c4:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38e76be73842213ce0cbc933d1a3748357f2283f
        Validity
            Not Before: Sep  7 09:00:31 2025 GMT
            Not After : Sep  8 09:00:31 2025 GMT
        Subject: CN=409a51d9d3b3ad154f24bf8f4ce5e3c1e688d972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ba:c8:37:cf:2a:56:8c:ac:29:1f:b8:0d:85:
                    b6:be:4f:18:0d:ed:9b:e0:8f:79:4b:d8:d3:b2:26:
                    ec:3d:70:36:21:3c:5d:6a:11:0f:1a:a6:05:5a:05:
                    91:82:fa:60:8d:13:7f:c7:f3:fe:ff:42:2d:14:37:
                    d9:51:6e:c1:8d:3c:a9:c2:8f:3f:77:14:de:05:af:
                    e4:ba:9b:aa:53:10:0a:bb:0d:86:c6:9c:39:73:0b:
                    f0:96:8c:22:2a:3a:27:48:0a:eb:bf:db:cd:a9:1a:
                    4d:9a:db:68:35:3c:4c:d2:48:79:af:4f:f5:45:2a:
                    b9:65:69:00:34:06:b3:a3:57:6c:72:8b:d8:10:de:
                    c0:21:19:65:8f:36:b2:c3:9f:e3:f7:ae:ea:ed:2d:
                    2b:31:51:a8:15:25:bf:5f:9a:d2:36:ba:8f:15:43:
                    b0:6c:00:cf:3f:3c:94:7c:b7:a4:80:7a:ba:a2:6e:
                    55:dc:d9:e0:a3:c2:8e:72:5c:72:36:6e:de:ed:52:
                    88:53:02:85:c0:d2:68:c7:23:de:d6:2a:55:89:c4:
                    74:95:2f:20:0c:13:b7:ea:04:62:25:4f:0c:b6:97:
                    c4:c3:1a:f5:91:c2:01:61:85:8b:cc:e1:ac:37:5b:
                    c0:f6:64:2b:4e:9c:77:71:17:20:6e:21:13:e5:7d:
                    3f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:9A:51:D9:D3:B3:AD:15:4F:24:BF:8F:4C:E5:E3:C1:E6:88:D9:72
            X509v3 Authority Key Identifier:
                keyid:38:E7:6B:E7:38:42:21:3C:E0:CB:C9:33:D1:A3:74:83:57:F2:28:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:dc:a0:d1:b5:fd:33:fc:af:2e:8a:0b:a1:bd:61:1f:f5:2f:
         b5:23:73:2d:b9:5b:02:59:8c:e4:f8:0b:8d:e6:61:46:f7:7b:
         04:3c:07:1c:71:6b:78:55:b8:65:2d:7c:10:e4:3d:84:d9:9f:
         69:64:63:34:19:9f:0a:69:32:4c:3f:3d:3d:6a:cd:d7:61:5e:
         58:21:0b:d5:34:d7:d4:80:71:29:41:8b:8a:90:0a:8a:41:12:
         af:fb:c5:2c:3b:cc:87:19:fb:64:36:bc:45:f6:49:1d:db:1b:
         b8:bb:c7:f3:67:f7:bf:f1:d8:80:ee:84:f6:9f:02:66:60:c4:
         8d:15:41:09:e0:13:a6:d4:9b:5e:c3:c2:1e:25:d9:5d:4d:e1:
         c8:89:e7:55:62:26:93:96:31:3c:4b:1b:19:2b:b1:60:4f:bb:
         91:cc:c4:d6:2e:bf:21:19:12:52:20:bf:59:d1:6f:bc:4d:4c:
         17:63:0f:bd:98:8d:c2:25:8d:5f:24:4c:d5:fc:cd:a8:9c:3c:
         be:65:58:02:f1:f1:c8:86:64:a8:99:e9:12:4f:93:31:85:b5:
         60:22:72:ad:a9:6b:63:fe:57:97:5e:e2:00:66:a2:cf:d6:67:
         a7:0d:de:28:83:83:d4:42:e4:93:6d:19:45:ac:13:6b:93:01:
         e9:75:c2:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjZ9Un/c5j+Ik4zqrSdMS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZTc2YmU3Mzg0MjIxM2NlMGNiYzkzM2QxYTM3NDgzNTdm
MjI4M2YwHhcNMjUwOTA3MDkwMDMxWhcNMjUwOTA4MDkwMDMxWjAzMTEwLwYDVQQD
Eyg0MDlhNTFkOWQzYjNhZDE1NGYyNGJmOGY0Y2U1ZTNjMWU2ODhkOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrrIN88qVoysKR+4DYW2vk8YDe2b
4I95S9jTsibsPXA2ITxdahEPGqYFWgWRgvpgjRN/x/P+/0ItFDfZUW7BjTypwo8/
dxTeBa/kupuqUxAKuw2Gxpw5cwvwlowiKjonSArrv9vNqRpNmttoNTxM0kh5r0/1
RSq5ZWkANAazo1dscovYEN7AIRlljzayw5/j967q7S0rMVGoFSW/X5rSNrqPFUOw
bADPPzyUfLekgHq6om5V3Nngo8KOclxyNm7e7VKIUwKFwNJoxyPe1ipVicR0lS8g
DBO36gRiJU8MtpfEwxr1kcIBYYWLzOGsN1vA9mQrTpx3cRcgbiET5X0/nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECaUdnTs60VTyS/j0zl48HmiNlyMB8GA1UdIwQY
MBaAFDjna+c4QiE84MvJM9GjdINX8ig/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yN2M4NmMtYTVhZC00MjUzLTgxZGMt
MTU1MjZiZjdmNGViLzEvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yN2M4NmMtYTVhZC00MjUzLTgxZGMtMTU1MjZiZjdmNGVi
LzEvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxtyg0bX9
M/yvLooLob1hH/UvtSNzLblbAlmM5PgLjeZhRvd7BDwHHHFreFW4ZS18EOQ9hNmf
aWRjNBmfCmkyTD89PWrN12FeWCEL1TTX1IBxKUGLipAKikESr/vFLDvMhxn7ZDa8
RfZJHdsbuLvH82f3v/HYgO6E9p8CZmDEjRVBCeATptSbXsPCHiXZXU3hyInnVWIm
k5YxPEsbGSuxYE+7kczE1i6/IRkSUiC/WdFvvE1MF2MPvZiNwiWNXyRM1fzNqJw8
vmVYAvHxyIZkqJnpEk+TMYW1YCJyralrY/5Xl17iAGaiz9Znpw3eKIOD1ELkk20Z
RawTa5MB6XXC7g==
-----END CERTIFICATE-----