Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          F5aHnut3qICJXF/HyWLSrj2UKdfbxO+X4p2tPJJ1PEs=
Subject key identifier:   1A:DA:D5:24:A8:E5:0C:53:04:6B:B4:67:61:53:B0:9A:C3:E8:19:81
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       019923A0A3EB1A64D5EDE73A9787D91887B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:34 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: zrG28R3IR1e0hcC6fuoeQXT0f8FE1HeS58aBQztXq9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:a3:eb:1a:64:d5:ed:e7:3a:97:87:d9:18:87:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Sep  7 10:02:34 2025 GMT
            Not After : Sep  8 10:02:34 2025 GMT
        Subject: CN=1adad524a8e50c53046bb4676153b09ac3e81981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:86:ec:8d:48:da:05:13:30:7d:44:e9:fd:e3:
                    01:54:2b:d6:42:50:9b:c7:da:0a:d9:c1:f1:6d:f4:
                    91:1c:d4:55:23:dd:f6:f3:d0:cc:5f:01:11:a9:54:
                    bb:8f:31:44:94:dd:86:59:fc:35:ac:2c:51:0b:fa:
                    b8:2e:74:d1:5e:5a:3a:45:20:99:26:cc:91:1a:8c:
                    73:c3:5d:38:d6:b8:fd:84:e1:27:3e:42:1c:76:b7:
                    d4:05:14:48:98:78:c8:b4:5b:a7:36:94:13:88:91:
                    53:27:5d:fe:2a:bd:e6:71:71:d6:55:a9:c1:a4:dd:
                    0e:d3:9d:83:33:1e:e2:4f:e5:83:67:91:87:03:05:
                    10:f5:4a:53:99:7c:8f:71:3d:68:8d:6c:25:02:97:
                    9c:1b:2d:e4:7b:19:c4:31:f7:4f:5d:18:0c:b5:3f:
                    4d:1b:7f:3f:86:d6:ee:22:15:ef:ca:73:44:5f:0f:
                    d3:3c:bb:44:88:84:34:b4:9d:14:fc:7b:53:b7:9e:
                    36:e6:ce:de:2e:bb:c5:78:98:1d:15:fa:de:29:5a:
                    6b:73:0b:db:c0:6e:3e:19:b6:10:e9:91:db:38:d6:
                    39:61:6d:26:73:23:1a:df:f5:59:67:4d:b5:1d:47:
                    84:c4:41:9c:36:12:63:67:82:25:0a:49:69:0b:bf:
                    ae:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:DA:D5:24:A8:E5:0C:53:04:6B:B4:67:61:53:B0:9A:C3:E8:19:81
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:c2:a2:24:f0:d8:ab:f2:bb:30:00:7e:2e:2e:c9:d2:64:7f:
         27:b2:78:35:c7:cd:19:f8:07:10:1d:e6:f1:db:75:5f:bd:88:
         a1:55:e2:98:0a:23:b3:ee:19:86:37:ba:23:69:09:21:03:0f:
         bc:db:f8:64:65:20:e8:96:1e:87:d6:82:28:e0:f0:31:12:bb:
         ad:32:6d:30:eb:8a:fc:ac:40:a9:05:15:ed:56:da:20:a2:20:
         86:55:0b:b1:aa:80:81:9c:a0:1f:4b:35:5b:00:48:ad:5d:d2:
         d9:86:68:47:95:1f:cc:14:16:e1:2d:4c:5d:13:90:83:6d:8e:
         23:5d:dc:a3:f0:96:6c:ca:bc:33:a5:f7:ad:80:28:53:7e:c2:
         12:9f:10:5b:4d:47:27:bd:3f:be:68:70:84:83:a5:68:5a:80:
         b9:bf:2d:84:0b:b6:68:d3:77:55:15:14:c7:c7:28:2f:c7:1a:
         37:f1:44:f6:19:e0:88:66:1d:5d:03:d6:ae:5b:dd:af:d8:53:
         f9:4e:73:9a:ce:dc:68:b1:1d:2f:b8:82:22:00:01:b9:f5:c2:
         c3:2e:de:d5:8e:e9:eb:46:2b:34:24:a4:54:a8:e3:91:74:bf:
         83:b7:ed:9c:c3:6f:82:01:0b:db:8e:20:51:d0:d7:42:75:f6:
         f8:fd:c3:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoKPrGmTV7ec6l4fZGIeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUwOTA3MTAwMjM0WhcNMjUwOTA4MTAwMjM0WjAzMTEwLwYDVQQD
EygxYWRhZDUyNGE4ZTUwYzUzMDQ2YmI0Njc2MTUzYjA5YWMzZTgxOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnobsjUjaBRMwfUTp/eMBVCvWQlCb
x9oK2cHxbfSRHNRVI93289DMXwERqVS7jzFElN2GWfw1rCxRC/q4LnTRXlo6RSCZ
JsyRGoxzw1041rj9hOEnPkIcdrfUBRRImHjItFunNpQTiJFTJ13+Kr3mcXHWVanB
pN0O052DMx7iT+WDZ5GHAwUQ9UpTmXyPcT1ojWwlApecGy3kexnEMfdPXRgMtT9N
G38/htbuIhXvynNEXw/TPLtEiIQ0tJ0U/HtTt5425s7eLrvFeJgdFfreKVprcwvb
wG4+GbYQ6ZHbONY5YW0mcyMa3/VZZ021HUeExEGcNhJjZ4IlCklpC7+unwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBra1SSo5QxTBGu0Z2FTsJrD6BmBMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMKiJPDY
q/K7MAB+Li7J0mR/J7J4NcfNGfgHEB3m8dt1X72IoVXimAojs+4Zhje6I2kJIQMP
vNv4ZGUg6JYeh9aCKODwMRK7rTJtMOuK/KxAqQUV7VbaIKIghlULsaqAgZygH0s1
WwBIrV3S2YZoR5UfzBQW4S1MXROQg22OI13co/CWbMq8M6X3rYAoU37CEp8QW01H
J70/vmhwhIOlaFqAub8thAu2aNN3VRUUx8coL8caN/FE9hngiGYdXQPWrlvdr9hT
+U5zms7caLEdL7iCIgABufXCwy7e1Y7p60YrNCSkVKjjkXS/g7ftnMNvggEL244g
UdDXQnX2+P3Dlw==
-----END CERTIFICATE-----