Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          oxa3W9eAnSAqJDTW1cK5G9XPZcO2ZzTct4dUwYaFwDA=
Subject key identifier:   56:82:87:17:DF:C0:6A:C3:66:90:ED:99:7D:DC:E7:EE:5E:42:DB:E6
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       019A4F993AF900F94B34E430B023BDE8B539
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0FB4
Signing time:             Tue 04 Nov 2025 16:00:33 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:33 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:33 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: S+qkQHopHLtjCh6NKxfxeMWgRiQrbVLdjvwFbqp3mus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:3a:f9:00:f9:4b:34:e4:30:b0:23:bd:e8:b5:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Nov  4 16:00:33 2025 GMT
            Not After : Nov  5 16:00:33 2025 GMT
        Subject: CN=56828717dfc06ac36690ed997ddce7ee5e42dbe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c6:b6:07:32:48:6a:f6:3f:94:75:37:c9:a5:
                    24:b2:0b:8f:94:ba:94:ab:67:79:8f:ce:46:46:f1:
                    51:61:e1:c2:69:cc:cc:93:e4:a2:10:47:0b:3b:c6:
                    7c:2e:df:b2:e3:b3:49:db:fd:db:14:5a:64:09:7e:
                    74:49:eb:dc:4a:e4:ac:5f:16:d7:30:92:46:22:92:
                    74:3c:68:4f:75:7e:87:3d:3f:12:e3:de:56:e6:c2:
                    80:18:5b:e9:e1:06:3b:4f:64:f9:02:ac:44:85:0c:
                    ef:c6:a0:bb:93:12:00:f9:55:b0:c0:d4:3d:61:8f:
                    b8:ae:0a:ac:be:ba:41:ef:78:43:1e:92:06:5f:83:
                    ec:36:f5:dd:c4:1b:6e:9a:27:c3:d5:40:e6:1c:90:
                    ec:7f:df:ba:e9:09:92:a0:f9:d8:a8:ba:58:1d:96:
                    80:9c:7a:91:ab:48:fd:75:cf:5f:a8:39:68:60:1f:
                    f3:82:eb:12:71:19:68:d0:04:59:17:ff:f6:cb:27:
                    e1:88:27:8f:9f:91:75:19:64:23:8a:a3:c5:d3:fa:
                    9c:52:8e:0a:8a:15:e7:3a:12:f7:20:86:28:41:dc:
                    34:c2:cd:a1:f4:ae:6e:ca:eb:53:ee:b2:f5:2f:1f:
                    53:66:cd:17:bc:af:6f:82:bd:55:b4:9e:9d:02:bc:
                    21:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:82:87:17:DF:C0:6A:C3:66:90:ED:99:7D:DC:E7:EE:5E:42:DB:E6
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:04:22:65:e8:d4:47:81:f0:ec:3d:e1:cd:74:61:2c:9f:7a:
         6d:27:8e:69:77:29:94:94:47:16:85:cc:7e:ad:e7:73:cc:00:
         d9:b6:e1:b1:b5:93:a3:23:e3:88:40:6e:79:69:e6:95:67:41:
         aa:bf:f8:0b:f9:8b:d5:25:e9:ab:fa:b1:cf:61:7b:31:f3:73:
         53:91:f8:f7:53:50:4c:34:0c:92:69:df:9b:60:d6:6e:85:e0:
         59:78:66:10:88:0b:fb:46:62:c6:17:bd:b3:d5:b2:ec:76:f6:
         c7:04:6c:5f:9c:13:39:e1:e9:9f:0e:d2:a1:7f:db:bf:7b:02:
         b6:f9:e5:fb:1b:16:b9:1f:c0:5b:41:3e:21:a9:4d:16:da:05:
         81:64:19:e9:5d:80:54:c1:00:3c:ae:20:5c:1b:7f:6d:f8:bd:
         01:f3:11:18:23:3c:94:3d:1d:9f:1b:b2:fd:1c:a3:6e:3c:7b:
         a1:9b:02:80:ab:1c:46:93:fd:39:b8:8f:18:b3:cb:e2:30:b5:
         a8:cd:88:ac:6f:c4:97:20:38:22:d3:eb:65:d3:c4:91:10:59:
         f0:e3:3c:fc:5f:17:17:1a:0a:8e:4f:39:fc:cd:c4:b0:04:68:
         bf:d6:b7:af:05:a8:59:77:73:e2:e6:f4:23:de:c7:af:78:0b:
         8d:8f:d6:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmTr5APlLNOQwsCO96LU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUxMTA0MTYwMDMzWhcNMjUxMTA1MTYwMDMzWjAzMTEwLwYDVQQD
Eyg1NjgyODcxN2RmYzA2YWMzNjY5MGVkOTk3ZGRjZTdlZTVlNDJkYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusa2BzJIavY/lHU3yaUksguPlLqU
q2d5j85GRvFRYeHCaczMk+SiEEcLO8Z8Lt+y47NJ2/3bFFpkCX50SevcSuSsXxbX
MJJGIpJ0PGhPdX6HPT8S495W5sKAGFvp4QY7T2T5AqxEhQzvxqC7kxIA+VWwwNQ9
YY+4rgqsvrpB73hDHpIGX4PsNvXdxBtumifD1UDmHJDsf9+66QmSoPnYqLpYHZaA
nHqRq0j9dc9fqDloYB/zgusScRlo0ARZF//2yyfhiCePn5F1GWQjiqPF0/qcUo4K
ihXnOhL3IIYoQdw0ws2h9K5uyutT7rL1Lx9TZs0XvK9vgr1VtJ6dArwhYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaChxffwGrDZpDtmX3c5+5eQtvmMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAegQiZejU
R4Hw7D3hzXRhLJ96bSeOaXcplJRHFoXMfq3nc8wA2bbhsbWToyPjiEBueWnmlWdB
qr/4C/mL1SXpq/qxz2F7MfNzU5H491NQTDQMkmnfm2DWboXgWXhmEIgL+0Zixhe9
s9Wy7Hb2xwRsX5wTOeHpnw7SoX/bv3sCtvnl+xsWuR/AW0E+IalNFtoFgWQZ6V2A
VMEAPK4gXBt/bfi9AfMRGCM8lD0dnxuy/Ryjbjx7oZsCgKscRpP9ObiPGLPL4jC1
qM2IrG/ElyA4ItPrZdPEkRBZ8OM8/F8XFxoKjk85/M3EsARov9a3rwWoWXdz4ub0
I97Hr3gLjY/WHg==
-----END CERTIFICATE-----