Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          mO169ZIsq5+O1TwZAlCR2sK9PNJI8hNUn60AVEW0bfs=
Subject key identifier:   9E:D7:86:C9:D1:4E:D1:C8:19:84:F5:52:75:B6:71:B7:44:BA:9D:E1
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0199228CB909668AFE60E5594FD8F43B10CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          05ED
Signing time:             Sun 07 Sep 2025 05:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:11 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: z1sPcoT/Y2OPorjEGvwGj4RlHxJpUi2W4SJrSgCWIrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:b9:09:66:8a:fe:60:e5:59:4f:d8:f4:3b:10:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Sep  7 05:01:11 2025 GMT
            Not After : Sep  8 05:01:11 2025 GMT
        Subject: CN=9ed786c9d14ed1c81984f55275b671b744ba9de1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:49:e5:b7:d1:ef:de:3b:f6:31:71:1b:d5:4e:
                    61:3d:cc:42:51:0a:70:53:0c:92:ca:c7:23:55:22:
                    b2:c0:1d:a1:dc:a2:0b:2a:27:4f:21:24:25:0b:b3:
                    50:cc:70:fa:c4:c5:81:f1:aa:21:33:78:75:35:a7:
                    48:0f:43:4b:8a:09:fe:f0:9a:be:ef:ea:e8:41:97:
                    9b:67:40:8b:9a:4e:2a:ce:1b:b8:b1:f4:ad:1d:95:
                    5d:ad:72:b4:84:81:fa:e0:09:0c:d0:3a:52:c0:09:
                    df:26:0e:cc:bd:d1:55:71:ba:23:03:5a:0d:c5:a4:
                    50:0d:29:14:3d:a6:f8:54:32:a3:37:24:47:36:74:
                    dd:91:af:a4:ca:9b:b2:67:41:4a:fe:d0:8b:56:2c:
                    57:23:e0:18:ad:29:56:5d:3f:69:38:3e:72:4d:74:
                    a7:ff:98:07:a6:46:77:38:c8:3c:7a:a1:aa:b7:e5:
                    53:6f:22:6e:a3:82:d3:c8:74:75:a1:e3:33:c7:67:
                    e3:75:ed:1c:44:86:c9:01:ff:39:10:92:11:5e:3b:
                    23:ea:0b:75:37:88:8f:92:49:68:b6:3f:16:74:aa:
                    75:7e:b4:d2:3c:70:ed:d5:62:d1:69:62:10:78:75:
                    20:11:41:51:50:c4:09:6e:11:84:da:ad:94:a2:16:
                    d5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D7:86:C9:D1:4E:D1:C8:19:84:F5:52:75:B6:71:B7:44:BA:9D:E1
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:1b:a5:14:87:f3:4b:20:f0:d2:e8:17:92:81:f4:6a:25:94:
         47:d2:19:d3:cf:ad:ba:c6:ea:71:9f:1e:5c:e0:7c:47:3c:a6:
         15:bd:fc:68:f0:f4:6d:6f:a9:02:58:e8:02:c0:d3:c9:08:4b:
         68:07:10:46:9b:4a:08:e1:eb:fc:1e:2a:90:1f:1a:92:04:0c:
         0d:b2:15:14:b7:78:7a:81:14:d8:d2:d9:74:e3:a6:9c:37:c1:
         fb:8f:4e:e7:60:8a:62:9e:56:2e:f5:cb:b0:94:da:c0:31:6c:
         b4:bf:07:b7:2b:06:d8:c6:f8:45:4f:2a:26:08:e3:d2:ab:9a:
         78:b7:02:ad:58:83:58:1c:41:a1:c6:f8:45:13:c9:42:0d:8d:
         91:fd:22:f0:c6:35:31:6e:ec:54:57:bd:72:5e:9b:e4:37:35:
         0e:27:f2:a7:ef:81:1e:9e:66:28:b0:0c:a7:c3:ad:81:0c:2e:
         8c:ad:9d:74:db:77:de:c2:34:13:65:b9:5c:73:53:6d:e4:6b:
         8e:59:5d:ec:37:fe:b0:6c:ff:a9:f5:3a:39:0d:e1:6c:f5:94:
         ba:b5:20:4f:96:89:55:41:4c:d8:a3:4a:f5:c2:31:8c:ac:6b:
         41:fe:56:68:46:9e:7e:d4:87:62:f3:e0:06:3c:6f:7f:e2:cd:
         0b:d4:de:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijLkJZor+YOVZT9j0OxDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjUwOTA3MDUwMTExWhcNMjUwOTA4MDUwMTExWjAzMTEwLwYDVQQD
Eyg5ZWQ3ODZjOWQxNGVkMWM4MTk4NGY1NTI3NWI2NzFiNzQ0YmE5ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Unlt9Hv3jv2MXEb1U5hPcxCUQpw
UwySyscjVSKywB2h3KILKidPISQlC7NQzHD6xMWB8aohM3h1NadID0NLign+8Jq+
7+roQZebZ0CLmk4qzhu4sfStHZVdrXK0hIH64AkM0DpSwAnfJg7MvdFVcbojA1oN
xaRQDSkUPab4VDKjNyRHNnTdka+kypuyZ0FK/tCLVixXI+AYrSlWXT9pOD5yTXSn
/5gHpkZ3OMg8eqGqt+VTbyJuo4LTyHR1oeMzx2fjde0cRIbJAf85EJIRXjsj6gt1
N4iPkklotj8WdKp1frTSPHDt1WLRaWIQeHUgEUFRUMQJbhGE2q2UohbV/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7XhsnRTtHIGYT1UnW2cbdEup3hMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRulFIfz
SyDw0ugXkoH0aiWUR9IZ08+tusbqcZ8eXOB8RzymFb38aPD0bW+pAljoAsDTyQhL
aAcQRptKCOHr/B4qkB8akgQMDbIVFLd4eoEU2NLZdOOmnDfB+49O52CKYp5WLvXL
sJTawDFstL8HtysG2Mb4RU8qJgjj0quaeLcCrViDWBxBocb4RRPJQg2Nkf0i8MY1
MW7sVFe9cl6b5Dc1Difyp++BHp5mKLAMp8OtgQwujK2ddNt33sI0E2W5XHNTbeRr
jlld7Df+sGz/qfU6OQ3hbPWUurUgT5aJVUFM2KNK9cIxjKxrQf5WaEaeftSHYvPg
Bjxvf+LNC9TeEg==
-----END CERTIFICATE-----