Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
File:                     Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json)
Hash identifier:          OHGaHtsSVYtMl9zXpem4rj8I5BtqGUl6yWgxXijdLfY=
Subject key identifier:   D1:73:4B:29:90:B4:A0:23:85:07:81:B1:A8:39:91:DE:BF:BB:70:B9
Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
Certificate issuer:       /CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Certificate serial:       019A4DAAAE9B86705D13D4175CDFED5FBF54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
Manifest number:          1706
Signing time:             Tue 04 Nov 2025 07:00:22 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:22 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:22 +0000
Files and hashes:         1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: aXf2jMrYX0tgxl+i10HypdOyCOkgi+klDz0zAY7fumM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:ae:9b:86:70:5d:13:d4:17:5c:df:ed:5f:bf:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f
        Validity
            Not Before: Nov  4 07:00:22 2025 GMT
            Not After : Nov  5 07:00:22 2025 GMT
        Subject: CN=d1734b2990b4a023850781b1a83991debfbb70b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:86:89:19:38:84:34:83:fa:ab:22:1b:50:e3:
                    b4:69:dc:f2:20:21:f8:70:80:12:04:99:7e:d0:6e:
                    a7:b1:78:84:23:4d:da:94:b8:f9:9a:bc:28:79:9b:
                    86:d6:a3:8a:fe:6f:cc:f5:fa:10:be:68:a5:2a:07:
                    64:50:d7:18:28:bc:e5:02:c8:7f:9a:81:c9:6c:12:
                    ed:12:9f:72:0a:8a:d7:85:04:b8:5f:ff:ec:10:40:
                    a6:1f:2c:43:eb:34:48:90:f3:38:f8:eb:b8:5e:92:
                    76:dd:78:99:dd:14:5d:56:d9:86:fe:28:c6:cc:67:
                    d4:53:e5:a4:f8:02:4f:cc:03:c5:10:6a:82:83:77:
                    0f:6b:82:b3:a2:ad:98:df:b1:e1:a0:35:83:96:06:
                    f9:dc:6c:87:67:94:63:34:72:c1:ec:16:17:92:e7:
                    09:83:6b:1c:39:f6:b7:bd:2d:07:1d:c7:b8:d9:be:
                    f9:6e:78:cc:5b:65:98:9c:a9:4b:7c:c8:a2:ff:f9:
                    11:6a:d2:f1:b2:5e:9d:01:e6:15:21:0e:ba:c7:7a:
                    aa:32:0c:e6:66:3a:61:13:79:cd:82:1c:e5:80:5a:
                    c5:46:70:1a:30:f2:c9:b6:e1:d1:87:3b:2b:7d:bb:
                    b6:5f:30:fe:01:bc:05:d3:0a:d6:5c:68:d2:69:81:
                    6d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:73:4B:29:90:B4:A0:23:85:07:81:B1:A8:39:91:DE:BF:BB:70:B9
            X509v3 Authority Key Identifier:
                keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:6e:39:55:d0:dd:e8:42:65:38:84:0f:24:2b:20:ae:27:20:
         fd:77:26:af:2c:b2:61:7e:57:05:c6:5e:5a:11:51:38:d9:b1:
         3f:bd:6d:d4:89:b7:c2:25:6f:7e:ee:89:63:77:f5:91:05:3d:
         90:84:0d:4f:49:c2:5a:9b:bd:c9:f1:bf:38:4a:54:c4:5f:a0:
         34:4e:18:47:d9:a3:a5:59:ec:78:66:59:64:56:1b:7c:fd:2b:
         7d:f4:c9:0d:8c:e3:e3:2f:c7:3a:83:9e:48:ba:d5:a4:74:a8:
         b4:bb:a2:58:a4:ff:9c:2b:3d:31:1d:26:ef:30:f2:bb:d7:22:
         e3:48:6b:0b:12:c6:bd:05:ad:d3:fa:2a:e4:51:cb:89:75:56:
         45:ee:13:e0:22:03:50:c4:bf:8e:f8:22:b9:4e:89:6f:b9:d4:
         62:d7:c4:3f:fc:6a:69:9f:12:54:47:17:df:8a:dd:20:ea:92:
         14:c5:fc:21:be:12:16:c7:c8:8e:5b:92:98:53:af:76:46:2b:
         08:23:f9:0c:e8:12:78:83:88:f7:79:28:16:17:34:b8:91:ff:
         21:f8:25:98:c5:ba:cd:4f:b7:58:14:cf:a0:10:64:7a:1e:7b:
         fe:d7:ea:a6:6a:5c:50:7b:20:c8:13:72:f0:85:c7:62:81:e0:
         80:14:49:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqq6bhnBdE9QXXN/tX79UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0
NzA4N2YwHhcNMjUxMTA0MDcwMDIyWhcNMjUxMTA1MDcwMDIyWjAzMTEwLwYDVQQD
EyhkMTczNGIyOTkwYjRhMDIzODUwNzgxYjFhODM5OTFkZWJmYmI3MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IaJGTiENIP6qyIbUOO0adzyICH4
cIASBJl+0G6nsXiEI03alLj5mrwoeZuG1qOK/m/M9foQvmilKgdkUNcYKLzlAsh/
moHJbBLtEp9yCorXhQS4X//sEECmHyxD6zRIkPM4+Ou4XpJ23XiZ3RRdVtmG/ijG
zGfUU+Wk+AJPzAPFEGqCg3cPa4Kzoq2Y37HhoDWDlgb53GyHZ5RjNHLB7BYXkucJ
g2scOfa3vS0HHce42b75bnjMW2WYnKlLfMii//kRatLxsl6dAeYVIQ66x3qqMgzm
ZjphE3nNghzlgFrFRnAaMPLJtuHRhzsrfbu2XzD+AbwF0wrWXGjSaYFtjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFzSymQtKAjhQeBsag5kd6/u3C5MB8GA1UdIwQY
MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt
YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy
LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACG45VdDd
6EJlOIQPJCsgricg/XcmryyyYX5XBcZeWhFRONmxP71t1Im3wiVvfu6JY3f1kQU9
kIQNT0nCWpu9yfG/OEpUxF+gNE4YR9mjpVnseGZZZFYbfP0rffTJDYzj4y/HOoOe
SLrVpHSotLuiWKT/nCs9MR0m7zDyu9ci40hrCxLGvQWt0/oq5FHLiXVWRe4T4CID
UMS/jvgiuU6Jb7nUYtfEP/xqaZ8SVEcX34rdIOqSFMX8Ib4SFsfIjluSmFOvdkYr
CCP5DOgSeIOI93koFhc0uJH/IfglmMW6zU+3WBTPoBBkeh57/tfqpmpcUHsgyBNy
8IXHYoHggBRJcQ==
-----END CERTIFICATE-----