Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          0W41xNQGA7tH5JYqaqOSTNYiim7cr/p0YWou7Y7dsbA=
Subject key identifier:   ED:AB:65:88:3E:E7:0E:3D:51:E6:71:BD:A2:46:49:40:60:1F:CA:39
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       019A4DAA756F0DF85E06E82A042BA1A56142
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          0356
Signing time:             Tue 04 Nov 2025 07:00:08 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:08 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:08 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: dIgQDaXpeGawYRXzPN+EjZHuPe/Y4sfXf/r2LFREWA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:75:6f:0d:f8:5e:06:e8:2a:04:2b:a1:a5:61:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Nov  4 07:00:08 2025 GMT
            Not After : Nov  5 07:00:08 2025 GMT
        Subject: CN=edab65883ee70e3d51e671bda2464940601fca39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b4:37:69:32:1c:de:a3:5f:82:e6:6a:cc:4a:
                    95:6e:9f:6e:d4:f6:b3:fe:93:56:22:2f:57:ac:4a:
                    87:74:97:34:71:bb:83:bd:be:5c:58:c4:69:e6:c0:
                    71:c3:c1:ca:bd:98:9e:5d:5b:c3:57:f8:f9:1d:3f:
                    86:0f:a8:b1:53:af:20:34:8e:3c:7c:64:50:06:35:
                    b4:d9:13:56:e6:b2:5c:c2:ec:3a:24:6d:dc:5b:a3:
                    49:8f:31:23:e6:3f:51:6e:80:92:19:50:c7:3e:72:
                    e8:f9:b1:b6:3d:8a:73:21:61:be:04:76:d2:7e:48:
                    05:cd:a5:05:f3:34:20:e3:d7:56:c3:c6:eb:4c:22:
                    4e:b0:d2:ae:f3:cc:0d:17:e0:7c:4e:9a:d2:17:02:
                    1a:2a:26:bb:27:8b:10:32:cd:13:72:7d:f9:59:f6:
                    61:67:b8:d6:97:46:ea:46:da:ec:88:dc:1f:38:1e:
                    33:ee:fb:db:c6:48:dd:b2:64:ab:cb:1e:5c:84:54:
                    18:17:dd:02:44:aa:27:a0:06:e2:78:8f:32:07:b5:
                    4a:b0:35:a9:62:c6:79:16:7f:04:86:56:ee:b0:4f:
                    10:06:98:85:aa:c9:a7:a8:c6:9a:d3:b6:64:b6:82:
                    81:a9:17:ad:6f:15:d1:04:5e:e2:6a:92:3b:0e:e1:
                    42:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:AB:65:88:3E:E7:0E:3D:51:E6:71:BD:A2:46:49:40:60:1F:CA:39
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:3d:8b:3e:c6:6d:92:32:ba:e7:ba:dc:6d:af:64:b9:1b:09:
         51:94:79:c4:da:fa:1a:6b:99:97:68:ba:65:8b:00:28:58:a8:
         87:b0:f5:75:94:ca:68:26:61:2f:d0:70:14:35:59:3a:dd:e3:
         e1:dc:0c:f1:83:40:23:10:f3:b6:24:30:16:33:07:52:6b:96:
         9b:20:b9:b8:df:25:71:4f:12:0b:cb:61:0a:d4:ce:dc:49:5e:
         65:34:bf:dc:01:0c:e3:38:c0:ac:2c:c8:0f:82:ae:6b:ac:6e:
         93:46:02:23:8f:ea:dd:dd:f5:a7:cb:1a:f3:ad:1d:a9:77:b7:
         32:e7:3b:89:99:7d:bb:85:82:a2:40:a2:7a:68:c5:77:40:af:
         ec:80:ef:91:63:76:d3:36:08:cb:12:2a:c5:d2:b3:57:01:58:
         7d:54:5b:cf:44:3f:ab:42:c0:ae:6f:29:ec:ad:df:91:10:86:
         da:c7:ae:42:bd:e0:e3:45:c7:16:fe:0a:d2:d8:58:79:b8:4d:
         35:c0:8b:95:03:74:53:e0:fd:39:47:2f:07:86:e5:12:1b:79:
         ff:8b:9f:f9:61:db:f4:38:16:4c:94:a5:4e:6a:62:e3:0f:50:
         14:f7:6d:ca:76:9b:26:a4:d9:de:92:96:cf:9c:36:3b:11:c4:
         e8:04:e7:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqnVvDfheBugqBCuhpWFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUxMTA0MDcwMDA4WhcNMjUxMTA1MDcwMDA4WjAzMTEwLwYDVQQD
EyhlZGFiNjU4ODNlZTcwZTNkNTFlNjcxYmRhMjQ2NDk0MDYwMWZjYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Q3aTIc3qNfguZqzEqVbp9u1Paz
/pNWIi9XrEqHdJc0cbuDvb5cWMRp5sBxw8HKvZieXVvDV/j5HT+GD6ixU68gNI48
fGRQBjW02RNW5rJcwuw6JG3cW6NJjzEj5j9RboCSGVDHPnLo+bG2PYpzIWG+BHbS
fkgFzaUF8zQg49dWw8brTCJOsNKu88wNF+B8TprSFwIaKia7J4sQMs0Tcn35WfZh
Z7jWl0bqRtrsiNwfOB4z7vvbxkjdsmSryx5chFQYF90CRKonoAbieI8yB7VKsDWp
YsZ5Fn8EhlbusE8QBpiFqsmnqMaa07ZktoKBqRetbxXRBF7iapI7DuFChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2rZYg+5w49UeZxvaJGSUBgH8o5MB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADT2LPsZt
kjK657rcba9kuRsJUZR5xNr6GmuZl2i6ZYsAKFioh7D1dZTKaCZhL9BwFDVZOt3j
4dwM8YNAIxDztiQwFjMHUmuWmyC5uN8lcU8SC8thCtTO3EleZTS/3AEM4zjArCzI
D4Kua6xuk0YCI4/q3d31p8sa860dqXe3Muc7iZl9u4WCokCiemjFd0Cv7IDvkWN2
0zYIyxIqxdKzVwFYfVRbz0Q/q0LArm8p7K3fkRCG2seuQr3g40XHFv4K0thYebhN
NcCLlQN0U+D9OUcvB4blEht5/4uf+WHb9DgWTJSlTmpi4w9QFPdtynabJqTZ3pKW
z5w2OxHE6ATnZA==
-----END CERTIFICATE-----