Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
File:                     O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft (raw, json)
Hash identifier:          M/X3Ic7i40BiG1jJtl8EC93NXhHT2j25u424oO2qHsI=
Subject key identifier:   23:34:AC:24:86:77:90:07:00:CE:73:C2:D4:1B:AC:49:FE:C4:FE:33
Authority key identifier: 3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3
Certificate issuer:       /CN=3bee6066bb652c648c7a87099d0d9354546060d3
Certificate serial:       019A50E2E43CB97DE1BB58FDCA23F3647774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
Manifest number:          170E
Signing time:             Tue 04 Nov 2025 22:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:38 +0000
Files and hashes:         1: O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl (hash: LBSRZNdL5aVRxynnBX2U2+itQSEE/vpEoMd7PNq+je0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:e4:3c:b9:7d:e1:bb:58:fd:ca:23:f3:64:77:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bee6066bb652c648c7a87099d0d9354546060d3
        Validity
            Not Before: Nov  4 22:00:38 2025 GMT
            Not After : Nov  5 22:00:38 2025 GMT
        Subject: CN=2334ac248677900700ce73c2d41bac49fec4fe33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a6:b6:71:32:a9:c5:46:95:45:8a:b6:28:a2:
                    be:30:dc:17:57:f6:8e:71:c3:09:ac:92:45:9d:46:
                    67:8c:a0:65:31:d6:11:29:a4:c6:cf:cb:b9:13:86:
                    f0:6e:20:7e:7c:c7:b7:a1:94:00:5f:ec:75:7c:e0:
                    18:a0:59:6c:1b:43:0a:9c:b0:0d:e7:10:a9:d5:af:
                    f4:d2:e7:28:69:fa:c4:d6:86:e6:cc:57:b1:2f:32:
                    14:27:6f:4f:37:b1:f2:ec:e1:97:03:12:f0:42:51:
                    ab:3f:4b:b2:33:47:ed:5a:5f:67:ba:63:39:db:50:
                    2d:7b:57:da:ca:c1:a9:df:55:09:6f:98:8e:ff:05:
                    33:28:5e:de:87:ce:f8:79:55:5f:b4:e1:06:75:e5:
                    40:3f:f1:50:34:a9:fe:3c:d8:17:ed:ee:2a:22:86:
                    a9:61:35:29:c4:c7:b3:b6:16:f7:1c:a6:86:77:a7:
                    65:ed:6d:2b:7c:c0:ff:c6:9a:d5:0d:c0:30:6a:a9:
                    fb:ea:a7:d0:68:ca:0b:b6:81:f8:c1:d3:3c:ff:cc:
                    1f:3c:e1:d5:28:b1:fd:91:d8:1c:65:c0:2c:ab:c2:
                    37:42:02:26:d2:14:c3:1e:bb:e0:b6:36:3f:a8:1f:
                    56:86:85:99:08:94:20:87:ce:f5:65:b0:9f:e2:28:
                    92:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:34:AC:24:86:77:90:07:00:CE:73:C2:D4:1B:AC:49:FE:C4:FE:33
            X509v3 Authority Key Identifier:
                keyid:3B:EE:60:66:BB:65:2C:64:8C:7A:87:09:9D:0D:93:54:54:60:60:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-5gZrtlLGSMeocJnQ2TVFRgYNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d29cf0-4064-498a-8de3-11646be16723/1/O-5gZrtlLGSMeocJnQ2TVFRgYNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b5:6e:47:34:3a:a4:56:a4:f8:d5:e6:3b:16:ea:ee:73:19:
         5d:cf:16:ee:57:38:0f:0d:58:28:48:d2:ff:a8:68:5b:7e:30:
         56:00:e4:41:57:31:0f:fb:e3:e6:6e:b7:92:bb:51:28:39:77:
         29:dd:21:59:df:ea:8a:5e:2c:8c:82:29:26:2d:91:e9:60:8f:
         35:b8:a7:9d:c6:b5:86:04:1f:b7:95:b0:13:fd:b9:04:80:64:
         1d:b7:b3:64:a7:2f:cc:71:41:83:09:a3:18:67:ed:62:e4:45:
         6d:30:62:fd:09:05:aa:ee:5e:ff:7a:3d:28:42:a0:e1:11:bf:
         00:09:56:f3:b7:f5:36:35:27:65:cf:f7:1b:a8:b4:36:96:e1:
         8f:da:bb:e4:b9:6b:73:7e:f0:3b:c8:76:7c:a5:65:3e:42:1d:
         0f:79:4c:53:5a:2a:3f:26:fe:fb:fe:7b:29:a4:64:7a:46:12:
         9d:8d:c5:2f:17:b9:80:c0:20:d3:9a:f8:8b:7a:27:51:05:43:
         76:a2:e4:9b:4d:b5:8b:35:1c:70:ff:9f:93:66:a8:03:d8:2d:
         1e:fd:d3:28:ed:94:37:e2:c7:8f:64:52:e8:fe:b8:18:17:87:
         f6:21:59:24:30:9d:d1:43:c1:24:79:97:b9:e8:8f:9b:33:84:
         ee:7f:61:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4uQ8uX3hu1j9yiPzZHd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWU2MDY2YmI2NTJjNjQ4YzdhODcwOTlkMGQ5MzU0NTQ2
MDYwZDMwHhcNMjUxMTA0MjIwMDM4WhcNMjUxMTA1MjIwMDM4WjAzMTEwLwYDVQQD
EygyMzM0YWMyNDg2Nzc5MDA3MDBjZTczYzJkNDFiYWM0OWZlYzRmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6a2cTKpxUaVRYq2KKK+MNwXV/aO
ccMJrJJFnUZnjKBlMdYRKaTGz8u5E4bwbiB+fMe3oZQAX+x1fOAYoFlsG0MKnLAN
5xCp1a/00ucoafrE1obmzFexLzIUJ29PN7Hy7OGXAxLwQlGrP0uyM0ftWl9numM5
21Ate1faysGp31UJb5iO/wUzKF7eh874eVVftOEGdeVAP/FQNKn+PNgX7e4qIoap
YTUpxMezthb3HKaGd6dl7W0rfMD/xprVDcAwaqn76qfQaMoLtoH4wdM8/8wfPOHV
KLH9kdgcZcAsq8I3QgIm0hTDHrvgtjY/qB9WhoWZCJQgh871ZbCf4iiSrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCM0rCSGd5AHAM5zwtQbrEn+xP4zMB8GA1UdIwQY
MBaAFDvuYGa7ZSxkjHqHCZ0Nk1RUYGDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMt
MTE2NDZiZTE2NzIzLzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kMjljZjAtNDA2NC00OThhLThkZTMtMTE2NDZiZTE2NzIz
LzEvTy01Z1pydGxMR1NNZW9jSm5RMlRWRlJnWU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLVuRzQ6
pFak+NXmOxbq7nMZXc8W7lc4Dw1YKEjS/6hoW34wVgDkQVcxD/vj5m63krtRKDl3
Kd0hWd/qil4sjIIpJi2R6WCPNbinnca1hgQft5WwE/25BIBkHbezZKcvzHFBgwmj
GGftYuRFbTBi/QkFqu5e/3o9KEKg4RG/AAlW87f1NjUnZc/3G6i0Npbhj9q75Llr
c37wO8h2fKVlPkIdD3lMU1oqPyb++/57KaRkekYSnY3FLxe5gMAg05r4i3onUQVD
dqLkm021izUccP+fk2aoA9gtHv3TKO2UN+LHj2RS6P64GBeH9iFZJDCd0UPBJHmX
ueiPmzOE7n9hTg==
-----END CERTIFICATE-----