Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          nVB7jTTWKl2oCHf9168CQ8TmvFP/p+H3/dIHkHOji4M=
Subject key identifier:   66:85:C3:11:8E:8F:9E:76:EB:20:C1:3D:66:C3:F9:6B:C7:03:AE:E1
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019A4DE1F03CCAB824A1424822EB1CDB3F7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0609
Signing time:             Tue 04 Nov 2025 08:00:43 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:43 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:43 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: G5IAYGFIfYbSxlCTAKYM2uEVhHpSEpYdsMsow2oWYxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:f0:3c:ca:b8:24:a1:42:48:22:eb:1c:db:3f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Nov  4 08:00:43 2025 GMT
            Not After : Nov  5 08:00:43 2025 GMT
        Subject: CN=6685c3118e8f9e76eb20c13d66c3f96bc703aee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ab:f7:54:85:63:11:86:ed:29:77:22:ad:15:
                    09:36:34:15:bb:19:83:86:ce:06:e6:08:12:87:19:
                    59:72:43:31:5d:72:98:06:2e:bc:4c:80:10:b7:bb:
                    1d:dc:f7:f8:92:32:7d:80:f2:b4:e1:aa:9e:09:94:
                    5d:fe:af:af:d1:ae:ec:5a:6b:ca:ef:7f:9b:e0:92:
                    bc:5b:09:b1:32:61:17:d4:a8:bd:6c:b9:64:39:ad:
                    15:88:9f:4f:9b:ea:e3:9a:26:f6:3b:98:c8:cb:de:
                    1d:02:f1:9a:36:f1:95:71:dd:0c:3e:95:8b:fa:8a:
                    54:94:1c:be:ff:f4:55:07:78:01:5a:f2:40:ec:e6:
                    b1:cb:bc:6a:a3:1a:f6:74:61:66:bd:5d:18:9e:68:
                    03:7b:b2:6d:a5:d4:63:60:46:81:cd:66:6c:0f:fb:
                    8c:09:b9:98:59:a2:27:b6:53:c8:3b:6a:f8:bd:28:
                    fa:18:c0:75:11:52:a7:16:cc:74:c8:3e:70:28:45:
                    75:69:69:3c:ec:9d:2e:4c:05:10:9c:2e:57:fc:69:
                    b0:7e:fa:4d:43:c7:ac:86:25:bf:a2:e4:76:70:f5:
                    2e:f9:a6:4e:35:8f:4e:11:69:a6:03:1a:6d:34:ac:
                    a3:8d:27:e2:8e:c5:fc:ea:a1:01:a7:b9:37:ed:28:
                    7c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:85:C3:11:8E:8F:9E:76:EB:20:C1:3D:66:C3:F9:6B:C7:03:AE:E1
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:7a:29:70:a5:ee:f4:4f:8f:f9:cd:70:01:44:5a:1a:9b:c3:
         e5:9f:ee:16:23:a9:76:0a:89:83:58:29:fd:22:5f:4f:4d:dd:
         26:aa:f7:3a:5a:42:34:ec:6a:69:f8:70:54:83:89:ed:74:6b:
         6d:08:e6:5b:0a:3d:ec:a3:84:c3:9c:0c:7a:72:ea:91:fe:93:
         e7:55:2a:9c:52:67:a2:bf:11:47:a5:d7:c2:bb:1d:5b:6a:ed:
         8f:53:d2:bb:94:84:79:5e:cc:b7:a8:af:ca:07:05:a7:95:a9:
         bd:7d:38:3e:83:71:4f:a3:d4:57:e6:40:2e:23:8f:4f:28:3d:
         7d:51:23:f6:f4:34:5e:15:e7:ba:d5:f1:af:a2:d7:04:ec:d4:
         38:5a:d4:e6:02:56:2d:41:f6:a1:c4:f0:24:c6:38:ee:5f:cb:
         5f:78:7f:e6:81:7b:4f:d6:dc:07:30:d3:92:1a:38:4c:1a:31:
         43:c4:19:a6:2b:5c:78:be:0c:ca:12:ed:db:16:20:9f:3e:82:
         b8:fd:2e:9e:79:c6:fe:b5:40:96:55:41:e6:71:f4:47:ca:65:
         f0:a9:ce:bb:90:c7:41:d1:00:4a:1b:82:a1:ef:1d:c1:24:30:
         ed:11:c8:5b:1d:9e:ad:e0:f4:9c:98:3b:24:19:64:70:fe:af:
         ff:24:d6:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4fA8yrgkoUJIIusc2z98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUxMTA0MDgwMDQzWhcNMjUxMTA1MDgwMDQzWjAzMTEwLwYDVQQD
Eyg2Njg1YzMxMThlOGY5ZTc2ZWIyMGMxM2Q2NmMzZjk2YmM3MDNhZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiav3VIVjEYbtKXcirRUJNjQVuxmD
hs4G5ggShxlZckMxXXKYBi68TIAQt7sd3Pf4kjJ9gPK04aqeCZRd/q+v0a7sWmvK
73+b4JK8WwmxMmEX1Ki9bLlkOa0ViJ9Pm+rjmib2O5jIy94dAvGaNvGVcd0MPpWL
+opUlBy+//RVB3gBWvJA7Oaxy7xqoxr2dGFmvV0YnmgDe7JtpdRjYEaBzWZsD/uM
CbmYWaIntlPIO2r4vSj6GMB1EVKnFsx0yD5wKEV1aWk87J0uTAUQnC5X/GmwfvpN
Q8eshiW/ouR2cPUu+aZONY9OEWmmAxptNKyjjSfijsX86qEBp7k37Sh8FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaFwxGOj5526yDBPWbD+WvHA67hMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3opcKXu
9E+P+c1wAURaGpvD5Z/uFiOpdgqJg1gp/SJfT03dJqr3OlpCNOxqafhwVIOJ7XRr
bQjmWwo97KOEw5wMenLqkf6T51UqnFJnor8RR6XXwrsdW2rtj1PSu5SEeV7Mt6iv
ygcFp5WpvX04PoNxT6PUV+ZALiOPTyg9fVEj9vQ0XhXnutXxr6LXBOzUOFrU5gJW
LUH2ocTwJMY47l/LX3h/5oF7T9bcBzDTkho4TBoxQ8QZpitceL4MyhLt2xYgnz6C
uP0unnnG/rVAllVB5nH0R8pl8KnOu5DHQdEAShuCoe8dwSQw7RHIWx2ereD0nJg7
JBlkcP6v/yTWEw==
-----END CERTIFICATE-----