Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          SQnxxnyeDtebmLwqpr+ZNsxfuH/Q1QKYVH1dNcNVi6U=
Subject key identifier:   CB:6C:7C:2D:EC:11:D7:52:2E:65:DA:B8:DF:E2:C3:3F:E2:9F:E4:04
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       019923A0D937EC2CF0AC0947B5DA60855907
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0AC7
Signing time:             Sun 07 Sep 2025 10:02:47 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:47 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:47 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: pvyYdFG0gw8OsNJzBIS9XSF3zgH9vbovWgxtZmy3jYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:d9:37:ec:2c:f0:ac:09:47:b5:da:60:85:59:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Sep  7 10:02:47 2025 GMT
            Not After : Sep  8 10:02:47 2025 GMT
        Subject: CN=cb6c7c2dec11d7522e65dab8dfe2c33fe29fe404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e7:f9:b1:2b:3c:a6:2a:e0:f6:ac:bf:bd:64:
                    5b:c2:3f:83:7a:79:56:90:08:76:2e:0c:b0:fb:3e:
                    b0:e7:eb:2a:1d:24:2a:17:b0:f0:20:64:13:fc:ec:
                    23:23:29:67:23:68:62:55:89:0e:02:04:e2:78:08:
                    db:5e:d4:90:05:4f:3d:f9:74:bf:13:fd:ba:4e:56:
                    a2:00:38:cb:86:f7:82:e0:29:0e:db:0a:d1:4f:4c:
                    3b:2f:84:8d:1b:57:fa:17:19:01:82:19:45:b2:88:
                    1e:61:bf:aa:c3:b0:8f:45:64:2f:3d:95:a8:0d:e0:
                    fa:4d:5b:8f:e0:f6:8d:06:d4:af:4c:8b:55:ba:e1:
                    86:1d:fb:0b:bd:14:32:d2:4d:39:e8:74:39:cf:5f:
                    c7:2b:f4:7d:0f:a6:8a:26:07:cf:d2:f6:5e:8b:89:
                    6a:00:ed:a0:f4:06:90:94:29:74:8f:85:fb:8f:dd:
                    32:f7:90:06:a0:4d:6a:18:c8:93:fc:f3:75:de:f0:
                    a5:6b:3d:45:b1:de:43:53:9d:83:2a:ef:05:f9:b6:
                    e3:8a:73:35:14:fc:23:8b:24:c5:59:e9:76:5a:d2:
                    18:22:3f:e8:75:2a:4c:a9:10:f7:86:a1:3c:81:2a:
                    7e:65:30:0c:0e:d2:33:43:8c:45:33:77:5c:d1:19:
                    99:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:6C:7C:2D:EC:11:D7:52:2E:65:DA:B8:DF:E2:C3:3F:E2:9F:E4:04
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:df:17:77:c3:6f:24:2a:7e:2f:97:72:e5:90:95:2d:ce:3d:
         e6:a5:ce:6d:46:43:f0:81:68:6d:10:7b:a4:af:3d:56:21:e2:
         df:f5:02:f0:f3:46:de:27:88:81:ea:47:48:e2:d8:b2:2f:d5:
         d3:49:da:8a:17:e2:7c:7d:a1:fd:cc:c0:00:3c:a0:73:a7:31:
         25:fa:8c:4d:c4:bb:8a:c7:ca:8c:d9:90:62:5c:0f:40:bc:ba:
         bb:c6:67:c8:e3:d3:9d:6b:f0:46:bc:e5:ae:5c:2e:84:0b:aa:
         b3:93:8e:21:9f:a9:b9:30:49:e7:5d:cc:d7:ed:4e:41:3d:42:
         32:26:12:76:e6:86:54:41:dd:98:25:1e:a8:02:a0:f8:a3:ce:
         84:50:ed:ae:b0:ae:7d:46:6a:6f:33:db:57:44:06:f7:87:aa:
         ca:17:3a:d6:07:a3:2d:e3:71:bc:54:4f:27:af:34:f1:a1:53:
         68:59:a0:82:f3:b3:6b:85:84:83:35:6a:44:24:1e:fa:5e:13:
         99:9e:95:dc:7d:b3:36:a1:e2:5b:1a:b6:9f:70:a7:49:bf:a2:
         14:e3:0f:6b:52:93:ec:ab:84:ec:29:a1:a8:52:ef:8f:48:6c:
         04:61:c6:49:87:15:74:a5:4f:cb:e1:d7:4c:63:76:07:2d:bd:
         e5:99:b9:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoNk37CzwrAlHtdpghVkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjUwOTA3MTAwMjQ3WhcNMjUwOTA4MTAwMjQ3WjAzMTEwLwYDVQQD
EyhjYjZjN2MyZGVjMTFkNzUyMmU2NWRhYjhkZmUyYzMzZmUyOWZlNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+f5sSs8pirg9qy/vWRbwj+DenlW
kAh2Lgyw+z6w5+sqHSQqF7DwIGQT/OwjIylnI2hiVYkOAgTieAjbXtSQBU89+XS/
E/26TlaiADjLhveC4CkO2wrRT0w7L4SNG1f6FxkBghlFsogeYb+qw7CPRWQvPZWo
DeD6TVuP4PaNBtSvTItVuuGGHfsLvRQy0k056HQ5z1/HK/R9D6aKJgfP0vZei4lq
AO2g9AaQlCl0j4X7j90y95AGoE1qGMiT/PN13vClaz1Fsd5DU52DKu8F+bbjinM1
FPwjiyTFWel2WtIYIj/odSpMqRD3hqE8gSp+ZTAMDtIzQ4xFM3dc0RmZ4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtsfC3sEddSLmXauN/iwz/in+QEMB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAst8Xd8Nv
JCp+L5dy5ZCVLc495qXObUZD8IFobRB7pK89ViHi3/UC8PNG3ieIgepHSOLYsi/V
00naihfifH2h/czAADygc6cxJfqMTcS7isfKjNmQYlwPQLy6u8ZnyOPTnWvwRrzl
rlwuhAuqs5OOIZ+puTBJ513M1+1OQT1CMiYSduaGVEHdmCUeqAKg+KPOhFDtrrCu
fUZqbzPbV0QG94eqyhc61gejLeNxvFRPJ6808aFTaFmggvOza4WEgzVqRCQe+l4T
mZ6V3H2zNqHiWxq2n3CnSb+iFOMPa1KT7KuE7CmhqFLvj0hsBGHGSYcVdKVPy+HX
TGN2By295Zm5BA==
-----END CERTIFICATE-----