Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
File:                     AOezY1s9V4VgNwpYMDz81c2SkQU.mft (raw, json)
Hash identifier:          ob0KmPIILkFMhHYZme2H4neglbeIdu6+2gpwYzq+vf8=
Subject key identifier:   A1:71:B8:1F:32:CD:25:D7:F4:B7:12:29:55:16:49:38:64:38:2D:CC
Authority key identifier: 00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05
Certificate issuer:       /CN=00e7b3635b3d578560370a58303cfcd5cd929105
Certificate serial:       019921B15D1EC4CA204181CF1AB5BDF1648A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
Manifest number:          0D83
Signing time:             Sun 07 Sep 2025 01:01:35 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:35 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:35 +0000
Files and hashes:         1: AOezY1s9V4VgNwpYMDz81c2SkQU.crl (hash: tUd+43LUqY0XKJTmgQjDV0+LjSId1r11lXQoC3GqZTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:5d:1e:c4:ca:20:41:81:cf:1a:b5:bd:f1:64:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e7b3635b3d578560370a58303cfcd5cd929105
        Validity
            Not Before: Sep  7 01:01:35 2025 GMT
            Not After : Sep  8 01:01:35 2025 GMT
        Subject: CN=a171b81f32cd25d7f4b712295516493864382dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cc:ce:db:dd:8a:0c:03:23:93:92:da:1c:8e:
                    bf:0c:67:39:f2:20:e7:52:d8:e0:76:cf:59:c7:28:
                    8f:a2:c8:ff:74:9a:3c:fc:2d:50:f1:54:fb:0b:bf:
                    40:12:44:c3:d2:7a:af:98:57:dd:cc:ad:58:67:0d:
                    51:57:a2:1b:d4:5c:57:ee:11:38:d9:e7:f7:6c:4d:
                    ef:0a:53:2e:6a:9f:6a:8a:1c:bf:27:9e:ed:c0:9a:
                    46:68:46:b7:41:9b:7e:4e:c5:11:32:c5:6b:6d:42:
                    29:f9:41:d8:ee:9a:92:fb:ee:77:4c:39:29:af:9e:
                    58:a0:ba:88:92:d0:f8:c7:cb:f9:84:37:6b:bf:d4:
                    22:95:e3:ca:ea:fb:42:41:c4:37:f7:dd:d8:1f:ff:
                    e1:db:ab:da:18:df:70:f2:30:04:3e:e7:2d:8d:d8:
                    66:ad:ad:50:7d:63:c5:d6:13:32:5d:4a:52:74:96:
                    8f:d1:da:f6:2e:ec:3e:64:19:30:79:78:9a:d7:a7:
                    5b:c4:f2:71:41:48:c9:42:af:a1:fe:05:8b:31:89:
                    a7:5b:5c:82:d1:51:20:29:d4:c3:3e:91:ff:48:90:
                    5f:12:90:41:42:e1:70:d4:4a:bc:7b:d5:b1:b7:fe:
                    9d:40:12:7a:bb:47:8c:00:ea:77:f6:db:6a:cc:6a:
                    4c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:71:B8:1F:32:CD:25:D7:F4:B7:12:29:55:16:49:38:64:38:2D:CC
            X509v3 Authority Key Identifier:
                keyid:00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d6:a6:c8:de:46:27:5e:51:a1:fd:78:c2:82:ea:c3:09:37:
         10:b1:35:e4:77:8c:d7:f3:71:a6:3d:db:70:45:ee:a3:dd:3c:
         dd:96:83:a5:10:78:22:3c:0a:3c:56:7f:85:42:66:a7:19:76:
         f7:ed:c6:be:db:35:5a:a6:ae:8b:79:84:81:9b:fc:bd:c5:dc:
         65:25:cd:0a:4b:da:07:f3:9f:d1:d2:4c:97:ee:cf:e9:07:d7:
         d9:d6:67:e8:de:ab:ca:8d:1e:5a:4b:07:9f:c6:d3:63:27:3c:
         ec:ba:7b:b9:34:34:8a:1c:74:65:81:62:d2:ea:3e:f9:39:b7:
         d0:66:76:41:f5:f1:ab:f7:39:5e:98:96:b8:30:aa:9a:18:13:
         31:c3:38:15:b5:ea:63:bd:cf:de:77:96:a9:b1:47:e9:80:2b:
         f3:3b:43:e8:76:bb:66:05:a9:26:79:b5:79:61:56:6b:b2:69:
         c7:f9:0a:f2:66:c0:a2:ec:94:53:a7:e6:f1:c6:5a:e3:34:69:
         30:74:15:d5:30:57:07:e4:40:50:96:74:0d:19:1a:be:80:8c:
         a7:59:13:4b:01:ce:3b:17:3e:07:92:89:cc:e2:63:09:1b:c7:
         2e:1c:0c:24:12:db:45:a4:4c:1d:5c:83:36:0a:7c:73:c6:15:
         4d:da:94:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsV0exMogQYHPGrW98WSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTdiMzYzNWIzZDU3ODU2MDM3MGE1ODMwM2NmY2Q1Y2Q5
MjkxMDUwHhcNMjUwOTA3MDEwMTM1WhcNMjUwOTA4MDEwMTM1WjAzMTEwLwYDVQQD
EyhhMTcxYjgxZjMyY2QyNWQ3ZjRiNzEyMjk1NTE2NDkzODY0MzgyZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwszO292KDAMjk5LaHI6/DGc58iDn
Utjgds9ZxyiPosj/dJo8/C1Q8VT7C79AEkTD0nqvmFfdzK1YZw1RV6Ib1FxX7hE4
2ef3bE3vClMuap9qihy/J57twJpGaEa3QZt+TsURMsVrbUIp+UHY7pqS++53TDkp
r55YoLqIktD4x8v5hDdrv9QilePK6vtCQcQ3993YH//h26vaGN9w8jAEPuctjdhm
ra1QfWPF1hMyXUpSdJaP0dr2Luw+ZBkweXia16dbxPJxQUjJQq+h/gWLMYmnW1yC
0VEgKdTDPpH/SJBfEpBBQuFw1Eq8e9Wxt/6dQBJ6u0eMAOp39ttqzGpMEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFxuB8yzSXX9LcSKVUWSThkOC3MMB8GA1UdIwQY
MBaAFADns2NbPVeFYDcKWDA8/NXNkpEFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDct
YTBjZDE0MTUxM2NiLzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDctYTBjZDE0MTUxM2Ni
LzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdamyN5G
J15Rof14woLqwwk3ELE15HeM1/Nxpj3bcEXuo9083ZaDpRB4IjwKPFZ/hUJmpxl2
9+3Gvts1Wqaui3mEgZv8vcXcZSXNCkvaB/Of0dJMl+7P6QfX2dZn6N6ryo0eWksH
n8bTYyc87Lp7uTQ0ihx0ZYFi0uo++Tm30GZ2QfXxq/c5XpiWuDCqmhgTMcM4FbXq
Y73P3neWqbFH6YAr8ztD6Ha7ZgWpJnm1eWFWa7Jpx/kK8mbAouyUU6fm8cZa4zRp
MHQV1TBXB+RAUJZ0DRkavoCMp1kTSwHOOxc+B5KJzOJjCRvHLhwMJBLbRaRMHVyD
Ngp8c8YVTdqU/w==
-----END CERTIFICATE-----