Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          oCYxZKyjAA4DJQH2kg7m3ZiqslfkrIGb6v0ZwHLQnNg=
Subject key identifier:   AA:A6:05:35:5F:1F:49:80:4D:DB:BF:E9:34:FB:AD:66:3C:98:AA:FE
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       0199221E69ED4ECA55EC80966964C87B4E45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          07DB
Signing time:             Sun 07 Sep 2025 03:00:42 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:42 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:42 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: S7yQPGrOCOgpwisYsqNyC1lIXaR15YY9vcGNxD9YnNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:69:ed:4e:ca:55:ec:80:96:69:64:c8:7b:4e:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: Sep  7 03:00:42 2025 GMT
            Not After : Sep  8 03:00:42 2025 GMT
        Subject: CN=aaa605355f1f49804ddbbfe934fbad663c98aafe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:71:05:99:4e:63:c4:f7:4a:ed:49:73:a7:63:
                    68:f3:df:ac:1a:0c:e1:e7:b1:c8:a3:ab:3a:c9:3e:
                    84:fd:bc:72:7c:61:c1:5c:ab:5b:62:b4:f6:23:fd:
                    07:f8:33:60:f7:da:9f:ed:74:50:b2:c1:58:0b:03:
                    40:7c:f8:8e:62:52:57:40:08:db:cd:b4:ad:7b:f1:
                    18:ae:f4:06:a0:08:4f:bd:d2:4a:b4:89:39:ab:25:
                    ac:9e:12:7e:7f:33:8b:c0:12:97:60:b7:9f:15:f7:
                    d0:0b:6d:97:67:04:37:0f:81:52:ab:fa:7c:ba:70:
                    a3:8c:be:3d:60:4b:7b:3c:fc:2d:1d:33:68:5c:5b:
                    c9:be:f3:15:d5:b9:e8:32:06:95:95:4d:82:f9:06:
                    47:34:bd:ab:de:b4:98:4c:84:ea:67:1c:e3:ff:36:
                    0b:8d:29:db:7a:e6:84:5a:16:0e:23:5d:83:66:69:
                    d6:5b:8e:ca:d6:2e:0f:1a:1c:3e:41:a3:29:86:da:
                    f1:34:1a:4c:5a:aa:75:d7:52:1a:7b:57:e7:e0:0d:
                    3e:67:ae:34:1e:a1:48:a4:83:10:12:40:60:27:77:
                    07:7c:fb:96:6c:d5:7a:8c:4f:ba:38:81:b6:59:86:
                    ae:9c:97:e9:ba:6d:28:ad:55:25:81:52:59:cf:40:
                    42:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A6:05:35:5F:1F:49:80:4D:DB:BF:E9:34:FB:AD:66:3C:98:AA:FE
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:51:9b:56:45:cd:6b:0a:7c:4a:1c:5e:e3:1a:3a:cd:5a:7b:
         6e:f8:2a:59:f4:3d:94:96:40:ed:a9:59:d4:9e:68:46:cb:6e:
         b0:2c:31:ba:24:83:84:73:41:f5:b2:87:4c:2e:71:b2:44:d5:
         01:42:bb:c6:24:6e:ec:47:8d:85:b9:0a:d6:87:43:4e:97:fc:
         4f:a0:6f:a9:77:fa:65:cd:90:8e:6b:32:69:a5:11:2b:10:50:
         a4:56:17:63:45:50:90:74:3b:ad:bb:f5:06:68:fe:4c:c7:14:
         96:d6:57:a3:5f:28:2c:7d:5b:ae:66:f7:54:16:88:69:a7:94:
         67:8c:ee:f5:17:55:68:c8:d4:61:ab:38:9d:cb:c9:58:5e:02:
         c5:58:9b:5d:7e:78:b3:5c:fd:db:e9:40:82:fc:8e:23:a4:fa:
         7b:44:41:ee:e1:a2:a7:4b:f2:7f:15:69:06:25:a1:1b:ae:02:
         b0:85:51:6d:c9:60:02:6b:af:a6:4d:cf:70:07:21:82:64:dd:
         0f:7f:ff:a8:6a:b5:cb:99:d8:6e:b5:7d:a1:d9:25:2c:42:a5:
         5e:20:49:7d:d2:67:22:56:f9:e8:19:f9:df:cd:5b:2b:67:39:
         70:f7:b3:07:0a:38:5c:3e:ea:96:bf:d4:be:f6:22:2b:68:1b:
         a3:b9:b1:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHmntTspV7ICWaWTIe05FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjUwOTA3MDMwMDQyWhcNMjUwOTA4MDMwMDQyWjAzMTEwLwYDVQQD
EyhhYWE2MDUzNTVmMWY0OTgwNGRkYmJmZTkzNGZiYWQ2NjNjOThhYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnEFmU5jxPdK7Ulzp2No89+sGgzh
57HIo6s6yT6E/bxyfGHBXKtbYrT2I/0H+DNg99qf7XRQssFYCwNAfPiOYlJXQAjb
zbSte/EYrvQGoAhPvdJKtIk5qyWsnhJ+fzOLwBKXYLefFffQC22XZwQ3D4FSq/p8
unCjjL49YEt7PPwtHTNoXFvJvvMV1bnoMgaVlU2C+QZHNL2r3rSYTITqZxzj/zYL
jSnbeuaEWhYOI12DZmnWW47K1i4PGhw+QaMphtrxNBpMWqp111Iae1fn4A0+Z640
HqFIpIMQEkBgJ3cHfPuWbNV6jE+6OIG2WYaunJfpum0orVUlgVJZz0BCTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqmBTVfH0mATdu/6TT7rWY8mKr+MB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1GbVkXN
awp8Shxe4xo6zVp7bvgqWfQ9lJZA7alZ1J5oRstusCwxuiSDhHNB9bKHTC5xskTV
AUK7xiRu7EeNhbkK1odDTpf8T6BvqXf6Zc2QjmsyaaURKxBQpFYXY0VQkHQ7rbv1
Bmj+TMcUltZXo18oLH1brmb3VBaIaaeUZ4zu9RdVaMjUYas4ncvJWF4CxVibXX54
s1z92+lAgvyOI6T6e0RB7uGip0vyfxVpBiWhG64CsIVRbclgAmuvpk3PcAchgmTd
D3//qGq1y5nYbrV9odklLEKlXiBJfdJnIlb56Bn5381bK2c5cPezBwo4XD7qlr/U
vvYiK2gbo7mxcQ==
-----END CERTIFICATE-----