Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
File:                     wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft (raw, json)
Hash identifier:          hAhBPDfK9sX8wH5aSvXmHn3a9D3iGoI723YQtAhcwtQ=
Subject key identifier:   DB:3E:3C:E2:FA:AB:09:1F:8B:28:F0:44:C8:8E:09:61:83:44:BB:60
Authority key identifier: C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55
Certificate issuer:       /CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
Certificate serial:       019A4E18A5A554F0F5820F8355CAC1A480C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
Manifest number:          0444
Signing time:             Tue 04 Nov 2025 09:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:29 +0000
Files and hashes:         1: wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl (hash: oCYIxZhfRxBy11irqT0E5BuYR/ibEkf8sJPqUUijOkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:a5:a5:54:f0:f5:82:0f:83:55:ca:c1:a4:80:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c28d3384b412c7ccdbffa641d414c117dd0ed055
        Validity
            Not Before: Nov  4 09:00:29 2025 GMT
            Not After : Nov  5 09:00:29 2025 GMT
        Subject: CN=db3e3ce2faab091f8b28f044c88e09618344bb60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7b:66:a7:67:1f:2a:a1:9c:f6:fd:6c:a7:f3:
                    e9:ff:3c:2c:5c:97:b9:b7:3c:74:25:04:72:21:b7:
                    1a:46:41:f9:4b:af:86:b6:8f:74:ab:b1:f1:42:ce:
                    cd:76:0b:ba:d9:0f:cf:ae:49:75:79:b5:26:9e:b1:
                    ca:0a:7d:00:29:90:c1:ca:3c:52:65:f8:89:6b:34:
                    b0:58:1f:15:89:59:3f:bb:8f:fc:8c:7f:b9:a5:63:
                    f7:64:c0:7c:0c:5c:f3:6c:a5:2c:c4:89:2f:5d:a4:
                    4d:d5:06:b8:50:57:2f:e9:87:b5:81:c2:23:07:b1:
                    a3:49:73:8b:da:b1:bd:6e:78:41:68:aa:c9:ea:18:
                    f8:7c:a5:aa:8e:3a:28:8b:d3:8f:83:97:d6:fd:03:
                    c4:e0:60:f8:f1:7e:e7:b0:eb:cf:49:8b:bb:66:97:
                    31:f9:19:05:95:b4:5b:5a:5b:0b:61:85:44:11:74:
                    5c:02:c3:76:a1:c3:dc:f0:65:bc:6e:a5:43:80:2b:
                    b3:0d:01:3e:de:23:ec:74:55:74:48:c0:5f:d0:f4:
                    8e:0a:dd:65:c9:83:70:c7:12:a7:f2:82:5b:68:56:
                    5c:90:a6:04:10:ab:0b:fe:c6:33:cf:74:e5:ec:ec:
                    45:e5:3a:94:33:d0:33:ce:02:75:69:84:de:19:98:
                    8d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:3E:3C:E2:FA:AB:09:1F:8B:28:F0:44:C8:8E:09:61:83:44:BB:60
            X509v3 Authority Key Identifier:
                keyid:C2:8D:33:84:B4:12:C7:CC:DB:FF:A6:41:D4:14:C1:17:DD:0E:D0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wo0zhLQSx8zb_6ZB1BTBF90O0FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4a61fc-d077-4f4d-b2ea-d90368270e14/1/wo0zhLQSx8zb_6ZB1BTBF90O0FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:88:b4:6b:db:a5:fb:a0:3c:98:1b:8d:f3:1f:22:4f:51:3f:
         af:09:b8:20:1b:50:97:f1:f6:2a:9a:96:19:2d:5a:17:ae:88:
         92:cc:57:c2:0d:57:6f:c4:2a:d8:a0:5a:65:91:93:5d:f5:ae:
         0b:bb:8c:36:09:f9:fe:40:47:ac:4a:ce:28:0f:6a:df:fa:c0:
         56:20:0c:17:8a:bb:10:28:86:75:21:5f:88:60:0d:a9:66:c2:
         34:75:4f:45:ed:c2:5a:38:cc:15:a4:24:46:bc:52:72:a7:59:
         f4:32:b1:6e:66:78:67:70:cf:63:bb:e7:71:33:64:ac:f7:8e:
         a4:61:d6:52:14:b4:cc:8c:06:66:6f:5e:f5:90:61:7b:36:ec:
         ac:2b:6c:09:b4:fd:12:89:6e:5b:ed:42:e0:6d:17:ed:40:44:
         44:82:17:1b:98:f4:3a:1c:ea:9b:ea:c5:c9:20:9f:bd:60:1e:
         8c:31:30:29:e5:32:df:74:2e:c1:d4:68:e0:bb:19:c7:fb:92:
         24:68:a4:e9:f0:4c:a7:22:05:ab:cd:54:aa:63:2f:0c:f9:e2:
         31:c5:74:31:4a:36:85:73:60:67:8d:48:a7:44:ac:3b:b3:eb:
         42:28:e6:74:4e:aa:80:63:45:ad:b0:11:75:3f:4f:6e:38:29:
         5d:b0:3c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGKWlVPD1gg+DVcrBpIDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOGQzMzg0YjQxMmM3Y2NkYmZmYTY0MWQ0MTRjMTE3ZGQw
ZWQwNTUwHhcNMjUxMTA0MDkwMDI5WhcNMjUxMTA1MDkwMDI5WjAzMTEwLwYDVQQD
EyhkYjNlM2NlMmZhYWIwOTFmOGIyOGYwNDRjODhlMDk2MTgzNDRiYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtntmp2cfKqGc9v1sp/Pp/zwsXJe5
tzx0JQRyIbcaRkH5S6+Gto90q7HxQs7Ndgu62Q/Prkl1ebUmnrHKCn0AKZDByjxS
ZfiJazSwWB8ViVk/u4/8jH+5pWP3ZMB8DFzzbKUsxIkvXaRN1Qa4UFcv6Ye1gcIj
B7GjSXOL2rG9bnhBaKrJ6hj4fKWqjjooi9OPg5fW/QPE4GD48X7nsOvPSYu7Zpcx
+RkFlbRbWlsLYYVEEXRcAsN2ocPc8GW8bqVDgCuzDQE+3iPsdFV0SMBf0PSOCt1l
yYNwxxKn8oJbaFZckKYEEKsL/sYzz3Tl7OxF5TqUM9AzzgJ1aYTeGZiNZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNs+POL6qwkfiyjwRMiOCWGDRLtgMB8GA1UdIwQY
MBaAFMKNM4S0EsfM2/+mQdQUwRfdDtBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEt
ZDkwMzY4MjcwZTE0LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80YTYxZmMtZDA3Ny00ZjRkLWIyZWEtZDkwMzY4MjcwZTE0
LzEvd28wemhMUVN4OHpiXzZaQjFCVEJGOTBPMEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4i0a9ul
+6A8mBuN8x8iT1E/rwm4IBtQl/H2KpqWGS1aF66IksxXwg1Xb8Qq2KBaZZGTXfWu
C7uMNgn5/kBHrErOKA9q3/rAViAMF4q7ECiGdSFfiGANqWbCNHVPRe3CWjjMFaQk
RrxScqdZ9DKxbmZ4Z3DPY7vncTNkrPeOpGHWUhS0zIwGZm9e9ZBhezbsrCtsCbT9
EoluW+1C4G0X7UBERIIXG5j0Ohzqm+rFySCfvWAejDEwKeUy33QuwdRo4LsZx/uS
JGik6fBMpyIFq81UqmMvDPniMcV0MUo2hXNgZ41Ip0SsO7PrQijmdE6qgGNFrbAR
dT9PbjgpXbA8Zw==
-----END CERTIFICATE-----