Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          9Q64Vcgjezro8GdLFfOo91XyQWguORpVAfFwplfMxPw=
Subject key identifier:   30:20:0B:96:9B:89:3C:72:96:1E:DC:FD:75:F2:A6:2A:C7:D2:C9:8F
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       019A4D7475DA6AA96863E17AF60089037169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          0921
Signing time:             Tue 04 Nov 2025 06:01:09 +0000
Manifest this update:     Tue 04 Nov 2025 06:01:09 +0000
Manifest next update:     Wed 05 Nov 2025 06:01:09 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: Bn/pCPw+P7H2xaur3MS2/F0aCdvOOAYh+3U0eZ64BGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:75:da:6a:a9:68:63:e1:7a:f6:00:89:03:71:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Nov  4 06:01:09 2025 GMT
            Not After : Nov  5 06:01:09 2025 GMT
        Subject: CN=30200b969b893c72961edcfd75f2a62ac7d2c98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b8:d8:5b:9d:51:6b:52:47:ef:08:fc:5b:58:
                    96:b8:a4:68:29:c2:32:88:74:ae:9a:f0:0c:98:d2:
                    88:87:9a:51:65:ee:51:ad:52:9c:3e:2c:ea:3c:7a:
                    0c:ba:5e:2e:e4:9b:6e:27:25:de:54:8d:f2:93:ff:
                    f3:2c:ca:25:58:f1:bd:da:18:ee:37:a0:bd:c7:93:
                    18:88:56:43:6a:fe:4f:cd:e5:fb:83:82:51:51:b5:
                    b7:e5:fa:56:9b:66:76:f9:f0:82:c1:a1:38:82:b1:
                    6e:d2:3d:e6:9c:86:54:b1:e1:44:cd:ef:5b:2d:27:
                    05:8d:e9:b1:3b:da:78:26:56:41:28:c3:a0:1f:99:
                    c3:0d:f9:38:27:38:37:23:05:56:32:3d:0a:62:c0:
                    6c:a5:c6:ce:94:a8:9b:e5:cb:3d:7b:d6:19:c3:2b:
                    52:33:86:51:e3:5c:50:c7:b2:24:05:d9:13:56:a6:
                    4a:95:5c:1c:af:45:46:45:dc:1f:d0:39:10:fa:e7:
                    4e:30:6f:47:00:04:38:b7:9f:90:00:27:2b:a6:30:
                    c2:f7:ce:21:1b:68:fa:e7:d3:85:d0:74:5c:17:2a:
                    44:e4:0b:f2:c2:74:c6:87:0f:52:2c:f8:29:8e:a7:
                    89:c3:ee:8c:aa:27:08:d8:13:49:d3:8b:db:1f:69:
                    fa:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:20:0B:96:9B:89:3C:72:96:1E:DC:FD:75:F2:A6:2A:C7:D2:C9:8F
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:17:ec:6a:5f:c3:9b:6e:ea:27:d7:fc:6f:90:01:c9:6f:0d:
         e9:57:7d:d8:73:c9:16:41:0c:95:2d:b3:34:09:c0:a8:94:a1:
         64:a2:28:4c:65:73:bb:de:4c:fb:b0:62:9a:3b:b4:c2:a0:d6:
         14:df:0c:20:d3:57:0f:a3:20:bf:1c:c8:86:84:a8:cb:dd:58:
         a3:c5:fc:46:97:b9:60:1f:c6:44:fd:6c:e5:98:74:10:f3:ea:
         5a:1d:3a:08:e0:e3:a0:e6:39:64:54:d3:4b:62:69:d5:71:9e:
         c8:93:f6:68:6b:bf:80:1b:09:ff:ec:ff:e1:10:de:0a:47:de:
         ed:29:93:02:c1:c2:3e:d2:cb:78:4f:28:2e:cc:b8:f5:73:d0:
         22:46:77:b9:bd:fe:f7:b6:19:39:a1:ad:e0:58:37:b3:a8:4f:
         c2:c1:ff:cd:7e:3a:aa:b2:cb:30:65:f0:f9:a4:08:89:65:fb:
         17:3c:67:d7:f6:28:b3:78:66:27:c2:de:cb:08:e2:64:fc:bf:
         ed:83:bb:48:98:68:04:fa:cd:18:30:24:b0:0d:6c:42:f5:bc:
         50:6f:bf:bf:26:de:27:8b:f5:83:27:2f:ad:e7:83:7b:63:af:
         05:35:ff:29:74:e5:8e:72:b3:e4:ae:4e:99:e0:f3:c6:9b:68:
         4a:71:88:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdHXaaqloY+F69gCJA3FpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjUxMTA0MDYwMTA5WhcNMjUxMTA1MDYwMTA5WjAzMTEwLwYDVQQD
EygzMDIwMGI5NjliODkzYzcyOTYxZWRjZmQ3NWYyYTYyYWM3ZDJjOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7jYW51Ra1JH7wj8W1iWuKRoKcIy
iHSumvAMmNKIh5pRZe5RrVKcPizqPHoMul4u5JtuJyXeVI3yk//zLMolWPG92hju
N6C9x5MYiFZDav5PzeX7g4JRUbW35fpWm2Z2+fCCwaE4grFu0j3mnIZUseFEze9b
LScFjemxO9p4JlZBKMOgH5nDDfk4Jzg3IwVWMj0KYsBspcbOlKib5cs9e9YZwytS
M4ZR41xQx7IkBdkTVqZKlVwcr0VGRdwf0DkQ+udOMG9HAAQ4t5+QACcrpjDC984h
G2j659OF0HRcFypE5AvywnTGhw9SLPgpjqeJw+6MqicI2BNJ04vbH2n62wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAgC5abiTxylh7c/XXypirH0smPMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAURfsal/D
m27qJ9f8b5AByW8N6Vd92HPJFkEMlS2zNAnAqJShZKIoTGVzu95M+7Bimju0wqDW
FN8MINNXD6MgvxzIhoSoy91Yo8X8Rpe5YB/GRP1s5Zh0EPPqWh06CODjoOY5ZFTT
S2Jp1XGeyJP2aGu/gBsJ/+z/4RDeCkfe7SmTAsHCPtLLeE8oLsy49XPQIkZ3ub3+
97YZOaGt4Fg3s6hPwsH/zX46qrLLMGXw+aQIiWX7Fzxn1/Yos3hmJ8LeywjiZPy/
7YO7SJhoBPrNGDAksA1sQvW8UG+/vybeJ4v1gycvreeDe2OvBTX/KXTljnKz5K5O
meDzxptoSnGIfA==
-----END CERTIFICATE-----