Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          iteppT8kZ6lOzshxs4Sek5UbUjmlCfcOXg/Z2GTlXH8=
Subject key identifier:   27:AF:82:CE:B5:7B:D6:DC:65:D3:B5:53:9D:A0:0E:77:D9:6E:2C:35
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019922FA3AB1B2EEB50E6FE3478104024A07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0A81
Signing time:             Sun 07 Sep 2025 07:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:48 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: Px2mpjJYOCHVVRIGLhEeUI3hU6MS9MTGsWZNZsDE3yo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:3a:b1:b2:ee:b5:0e:6f:e3:47:81:04:02:4a:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Sep  7 07:00:48 2025 GMT
            Not After : Sep  8 07:00:48 2025 GMT
        Subject: CN=27af82ceb57bd6dc65d3b5539da00e77d96e2c35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:39:6e:85:90:1f:d3:45:09:d6:5d:fe:45:0f:
                    bb:71:8b:7b:cc:3e:09:ae:47:5c:d2:96:17:1f:58:
                    2e:b1:b9:cd:a4:0d:a2:09:bc:d8:29:2d:2d:07:ea:
                    aa:d2:5a:c3:85:c4:dd:d4:d3:6f:e7:f8:e6:bc:e4:
                    15:ba:60:04:c8:22:f1:88:6a:74:ab:fc:d5:65:e8:
                    93:00:79:c0:6a:86:47:75:06:cb:d6:c6:ad:6c:ae:
                    a5:20:2a:9d:f5:90:90:c7:c3:e7:88:b2:05:96:79:
                    d3:ad:ce:cc:7e:0f:31:ba:05:fd:97:eb:ea:c6:ef:
                    7f:9f:c6:f8:2e:1c:ec:58:bb:00:cd:b3:78:70:33:
                    e6:b0:f1:5e:89:aa:58:d5:55:7b:7b:0f:37:12:01:
                    a1:62:3f:4f:f3:58:33:3f:7c:00:c7:7b:00:90:91:
                    bd:8b:ef:75:8f:9d:65:4b:29:e3:a6:eb:4c:c7:3b:
                    e3:3e:2e:0d:29:7c:fe:13:16:04:09:6a:2b:de:8c:
                    69:12:a8:68:d2:19:10:68:9a:70:1f:37:9d:4c:2f:
                    d9:0a:2e:04:64:3f:5a:0b:f4:de:2a:f8:78:4c:84:
                    87:3f:fd:f5:e9:9d:b6:02:cd:ef:e7:ca:ce:80:87:
                    53:78:2f:fa:08:82:b1:be:ed:b4:1e:8f:14:42:de:
                    9c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:AF:82:CE:B5:7B:D6:DC:65:D3:B5:53:9D:A0:0E:77:D9:6E:2C:35
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:b4:00:c0:0d:a0:66:be:5e:fd:74:d2:50:f6:0b:a6:e3:98:
         ad:b3:18:88:f0:3a:00:3f:8b:f6:21:fa:7d:e4:e1:c0:ab:d3:
         e1:24:62:39:c6:14:a9:88:2d:46:5b:a1:8d:53:a5:54:8f:3d:
         ef:17:7f:b5:c8:40:ca:fc:68:7a:02:69:88:5f:95:54:2b:56:
         45:41:88:f4:e2:df:95:39:db:c6:91:57:35:36:80:f5:5d:a2:
         47:8e:b7:b9:cc:c3:87:88:1a:8b:ff:7a:c4:f1:c9:69:5f:f5:
         12:b1:a6:17:e9:63:e1:1c:29:7d:d1:19:14:21:64:9a:e4:60:
         6d:16:0c:86:82:85:0d:46:0d:5c:8b:1d:90:ba:45:f2:01:7d:
         30:44:b2:80:ab:34:e5:7e:10:34:dd:5e:c7:f8:21:77:9b:90:
         25:a2:d3:3c:50:90:37:20:73:ba:4f:ed:df:c9:00:ab:ae:54:
         8e:60:84:65:86:6a:22:fb:12:9c:40:6d:64:e6:81:10:94:0b:
         5b:d4:48:0e:2e:9f:31:88:08:33:35:ae:32:10:1c:ac:f6:5e:
         91:dd:18:6f:23:96:79:5a:03:bd:b6:bf:5f:94:11:ba:80:29:
         f3:6c:ab:e8:b1:2d:c8:bc:50:3b:89:71:00:03:86:e0:40:d2:
         39:7a:37:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+jqxsu61Dm/jR4EEAkoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUwOTA3MDcwMDQ4WhcNMjUwOTA4MDcwMDQ4WjAzMTEwLwYDVQQD
EygyN2FmODJjZWI1N2JkNmRjNjVkM2I1NTM5ZGEwMGU3N2Q5NmUyYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDluhZAf00UJ1l3+RQ+7cYt7zD4J
rkdc0pYXH1gusbnNpA2iCbzYKS0tB+qq0lrDhcTd1NNv5/jmvOQVumAEyCLxiGp0
q/zVZeiTAHnAaoZHdQbL1satbK6lICqd9ZCQx8PniLIFlnnTrc7Mfg8xugX9l+vq
xu9/n8b4LhzsWLsAzbN4cDPmsPFeiapY1VV7ew83EgGhYj9P81gzP3wAx3sAkJG9
i+91j51lSynjputMxzvjPi4NKXz+ExYECWor3oxpEqho0hkQaJpwHzedTC/ZCi4E
ZD9aC/TeKvh4TISHP/316Z22As3v58rOgIdTeC/6CIKxvu20Ho8UQt6cvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCevgs61e9bcZdO1U52gDnfZbiw1MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn7QAwA2g
Zr5e/XTSUPYLpuOYrbMYiPA6AD+L9iH6feThwKvT4SRiOcYUqYgtRluhjVOlVI89
7xd/tchAyvxoegJpiF+VVCtWRUGI9OLflTnbxpFXNTaA9V2iR463uczDh4gai/96
xPHJaV/1ErGmF+lj4RwpfdEZFCFkmuRgbRYMhoKFDUYNXIsdkLpF8gF9MESygKs0
5X4QNN1ex/ghd5uQJaLTPFCQNyBzuk/t38kAq65UjmCEZYZqIvsSnEBtZOaBEJQL
W9RIDi6fMYgIMzWuMhAcrPZekd0YbyOWeVoDvba/X5QRuoAp82yr6LEtyLxQO4lx
AAOG4EDSOXo3Vg==
-----END CERTIFICATE-----