Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          4MxJ8/5uJI7W8q4RrgILK4DS+3Teht9pNlLTIN91LHM=
Subject key identifier:   C5:4A:B7:8C:99:45:86:5A:76:CA:45:DD:E5:2B:3A:E3:9D:A9:AE:A6
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       019921B0BE691CFA51419FA5804ECF929DB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          1655
Signing time:             Sun 07 Sep 2025 01:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:55 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: 0JeYPRvfEGKm+2dF/jk9rC2YieHylVS6bXuiuu/cc44=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:be:69:1c:fa:51:41:9f:a5:80:4e:cf:92:9d:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: Sep  7 01:00:55 2025 GMT
            Not After : Sep  8 01:00:55 2025 GMT
        Subject: CN=c54ab78c9945865a76ca45dde52b3ae39da9aea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:7e:19:2a:72:b3:fe:33:f5:ce:9b:5b:b5:29:
                    8e:a3:64:c6:c4:90:21:0c:38:a3:41:ec:f1:e8:ab:
                    59:8d:78:ff:af:c6:f2:ef:9a:d0:27:c3:06:9e:46:
                    76:7e:8f:d4:ee:3b:b3:c0:b5:50:f6:e6:de:03:f3:
                    28:26:f4:2c:22:0d:c7:a5:a3:d7:fe:d8:90:b4:8f:
                    00:b3:bc:04:ec:ec:a5:c3:ba:e3:f0:f2:c3:16:89:
                    11:53:b3:1a:98:02:71:47:59:22:c7:42:6d:83:5e:
                    e9:fd:76:e0:f6:06:42:de:ef:72:a2:cc:cc:8a:43:
                    7e:47:83:13:9e:09:e8:2e:32:25:dd:b5:49:33:04:
                    e1:ad:77:ed:1b:0e:65:8c:48:ed:4b:73:8b:7b:8c:
                    f6:76:62:72:9b:ba:b8:13:05:2e:82:e3:88:54:1d:
                    d3:ee:df:43:8b:0d:e5:9f:03:a1:a6:4d:73:05:f5:
                    33:c7:c2:c9:1f:6c:af:10:ce:de:0a:3a:96:fd:b7:
                    46:45:25:33:85:32:dd:52:0c:0d:0b:03:c6:52:9d:
                    15:2f:9e:6b:5a:d8:ab:4d:f5:be:75:59:8e:0a:ae:
                    98:fb:27:64:1d:94:83:49:2a:ec:b8:d5:52:44:6f:
                    6a:5a:8d:2f:f9:39:d1:6c:18:8f:06:ee:26:60:1b:
                    c5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:4A:B7:8C:99:45:86:5A:76:CA:45:DD:E5:2B:3A:E3:9D:A9:AE:A6
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:99:32:b1:e6:e2:a2:68:fe:fb:f3:1c:58:2d:1a:35:e0:d5:
         91:1b:a5:0a:46:7c:1c:87:22:f0:fa:17:78:0c:48:66:97:1a:
         8b:e6:9d:6a:e7:30:ac:d8:64:b7:0b:5d:8b:a5:61:43:3e:db:
         cc:ef:70:92:33:38:bb:95:e1:c3:f2:7b:df:b3:f8:cd:56:a3:
         15:00:23:c2:c5:da:69:02:ad:73:97:e0:fd:0a:e1:1e:80:b8:
         77:67:8c:5c:e3:10:6d:5e:0e:e3:94:65:2f:fe:ea:bb:b0:7f:
         bc:3b:1c:cd:12:68:77:c6:f4:eb:de:8f:04:1d:01:c7:c4:d3:
         cb:95:22:ae:77:65:f1:3e:b3:21:b1:6a:94:54:95:eb:ed:4c:
         1e:42:46:97:ef:f4:ec:85:ff:a6:bb:41:1b:24:61:00:fc:18:
         d3:cf:69:d1:51:29:f6:6a:60:73:c8:65:26:4b:f2:12:7c:06:
         e2:97:be:eb:cf:b5:0e:3c:38:0e:a5:32:05:bd:61:91:c3:18:
         a0:7f:5a:c0:1c:68:55:e6:ab:6c:da:83:b0:c4:7f:75:5f:12:
         db:9e:6f:a6:3c:83:9f:0e:ec:8d:39:9c:86:b3:5b:45:8f:2b:
         2b:ba:83:c5:e1:a2:be:1c:e4:51:54:3a:01:6a:a4:02:f0:9c:
         80:0c:a5:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsL5pHPpRQZ+lgE7Pkp2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjUwOTA3MDEwMDU1WhcNMjUwOTA4MDEwMDU1WjAzMTEwLwYDVQQD
EyhjNTRhYjc4Yzk5NDU4NjVhNzZjYTQ1ZGRlNTJiM2FlMzlkYTlhZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X4ZKnKz/jP1zptbtSmOo2TGxJAh
DDijQezx6KtZjXj/r8by75rQJ8MGnkZ2fo/U7juzwLVQ9ubeA/MoJvQsIg3HpaPX
/tiQtI8As7wE7Oylw7rj8PLDFokRU7MamAJxR1kix0Jtg17p/Xbg9gZC3u9yoszM
ikN+R4MTngnoLjIl3bVJMwThrXftGw5ljEjtS3OLe4z2dmJym7q4EwUuguOIVB3T
7t9Diw3lnwOhpk1zBfUzx8LJH2yvEM7eCjqW/bdGRSUzhTLdUgwNCwPGUp0VL55r
WtirTfW+dVmOCq6Y+ydkHZSDSSrsuNVSRG9qWo0v+TnRbBiPBu4mYBvF8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVKt4yZRYZadspF3eUrOuOdqa6mMB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5kysebi
omj++/McWC0aNeDVkRulCkZ8HIci8PoXeAxIZpcai+adaucwrNhktwtdi6VhQz7b
zO9wkjM4u5Xhw/J737P4zVajFQAjwsXaaQKtc5fg/QrhHoC4d2eMXOMQbV4O45Rl
L/7qu7B/vDsczRJod8b0696PBB0Bx8TTy5Uirndl8T6zIbFqlFSV6+1MHkJGl+/0
7IX/prtBGyRhAPwY089p0VEp9mpgc8hlJkvyEnwG4pe+68+1Djw4DqUyBb1hkcMY
oH9awBxoVearbNqDsMR/dV8S255vpjyDnw7sjTmchrNbRY8rK7qDxeGivhzkUVQ6
AWqkAvCcgAyliQ==
-----END CERTIFICATE-----