Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
File:                     oE_JgO38R54EauArEOVyRbuSyLc.mft (raw, json)
Hash identifier:          ATzAFPt+8itzIM7tOXbtPKA3/7laZNLu546NPk3AYUI=
Subject key identifier:   72:92:53:BF:B7:4A:B3:81:8D:AD:C4:D4:1C:88:D4:43:07:B5:CE:97
Authority key identifier: A0:4F:C9:80:ED:FC:47:9E:04:6A:E0:2B:10:E5:72:45:BB:92:C8:B7
Certificate issuer:       /CN=a04fc980edfc479e046ae02b10e57245bb92c8b7
Certificate serial:       019A5375D6147E903F25FABE956325E10140
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
Manifest number:          0710
Signing time:             Wed 05 Nov 2025 10:00:22 +0000
Manifest this update:     Wed 05 Nov 2025 10:00:22 +0000
Manifest next update:     Thu 06 Nov 2025 10:00:22 +0000
Files and hashes:         1: oE_JgO38R54EauArEOVyRbuSyLc.crl (hash: FnpgpUHTR0uQVtuwYfreiotnqELXPtHnWd5r4lMzql4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 10:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:75:d6:14:7e:90:3f:25:fa:be:95:63:25:e1:01:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a04fc980edfc479e046ae02b10e57245bb92c8b7
        Validity
            Not Before: Nov  5 10:00:22 2025 GMT
            Not After : Nov  6 10:00:22 2025 GMT
        Subject: CN=729253bfb74ab3818dadc4d41c88d44307b5ce97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:75:87:04:5f:14:45:d3:12:d2:77:4b:7f:89:
                    92:62:6e:d9:2d:03:d9:72:4e:e8:bc:2f:69:c9:0c:
                    77:24:eb:3d:34:c5:db:08:4d:01:d1:11:11:d5:5a:
                    2c:3e:f0:ea:1b:74:72:1a:9b:d4:b5:fa:4b:19:3b:
                    3d:37:a4:5b:f5:15:13:be:c4:11:fc:91:55:1a:be:
                    cb:68:57:50:e3:66:d5:f1:06:8b:94:1d:a3:a8:f8:
                    a7:73:ea:5b:29:44:6c:1d:2c:85:de:60:9d:9b:26:
                    0f:2e:7f:cf:db:75:ff:78:ff:1d:6a:f7:d6:77:91:
                    34:05:1f:be:8e:10:92:da:2a:1b:ee:f5:87:66:d2:
                    c2:c1:69:5d:19:7b:d8:76:d7:aa:d0:7a:14:78:39:
                    0c:de:43:81:0d:31:d8:cf:21:8d:97:6c:05:a0:f6:
                    4c:1a:02:d7:25:83:28:e5:15:f8:ef:f7:b2:2f:73:
                    69:70:6c:23:bd:48:a1:71:47:54:6c:c3:f5:ac:5a:
                    61:ca:85:23:7c:79:20:9f:da:7e:9c:a2:6a:94:02:
                    3b:43:f1:0b:aa:72:bb:36:c1:0e:47:99:7f:bb:85:
                    cc:80:88:1d:94:ea:d5:0d:48:b8:78:43:10:90:a6:
                    47:68:84:92:46:b1:22:a7:8f:6d:62:f4:bd:41:2b:
                    a3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:92:53:BF:B7:4A:B3:81:8D:AD:C4:D4:1C:88:D4:43:07:B5:CE:97
            X509v3 Authority Key Identifier:
                keyid:A0:4F:C9:80:ED:FC:47:9E:04:6A:E0:2B:10:E5:72:45:BB:92:C8:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE_JgO38R54EauArEOVyRbuSyLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f55df1-0ba6-430f-809d-6b035cee1981/1/oE_JgO38R54EauArEOVyRbuSyLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:8b:2e:7f:aa:c8:2a:50:18:82:fd:ce:32:b7:5a:57:7f:8d:
         1c:e5:c3:16:b3:b5:d7:71:50:75:f5:b8:47:14:90:c5:da:4c:
         47:36:0d:99:64:a2:71:1b:4e:14:d6:9d:20:6d:47:68:99:c0:
         b6:81:8e:a6:d5:22:d4:96:a2:9c:08:64:67:29:13:b3:ef:98:
         1a:81:f0:25:4f:e2:0d:64:5b:45:2a:55:cc:2b:e0:ba:19:24:
         54:9a:b7:14:7d:bc:8e:58:04:62:69:cc:9f:30:be:7a:23:e3:
         05:cf:c3:b9:6a:af:57:72:92:af:00:01:0c:79:49:a7:40:ef:
         66:a2:26:70:69:d0:10:4a:e1:a6:6f:3f:e3:bc:0c:e6:2e:53:
         b6:48:94:00:60:97:91:d1:5b:d3:9f:4f:51:97:c2:15:9a:06:
         a0:42:20:c3:86:48:08:88:1f:5b:b8:0a:18:66:e8:c2:eb:6e:
         df:86:3f:23:ea:b0:38:e9:fc:df:a8:5e:1b:37:ed:4e:43:c3:
         e4:10:4c:13:21:bd:5f:4a:5f:c6:58:65:71:28:4f:34:17:a5:
         e6:48:8c:86:bf:19:68:b1:50:d0:9d:c8:ec:1e:0a:4d:45:c8:
         75:e2:b7:aa:b7:39:0c:2e:73:b5:59:07:1e:3e:04:a3:e9:16:
         1f:df:54:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTddYUfpA/Jfq+lWMl4QFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGZjOTgwZWRmYzQ3OWUwNDZhZTAyYjEwZTU3MjQ1YmI5
MmM4YjcwHhcNMjUxMTA1MTAwMDIyWhcNMjUxMTA2MTAwMDIyWjAzMTEwLwYDVQQD
Eyg3MjkyNTNiZmI3NGFiMzgxOGRhZGM0ZDQxYzg4ZDQ0MzA3YjVjZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHWHBF8URdMS0ndLf4mSYm7ZLQPZ
ck7ovC9pyQx3JOs9NMXbCE0B0RER1VosPvDqG3RyGpvUtfpLGTs9N6Rb9RUTvsQR
/JFVGr7LaFdQ42bV8QaLlB2jqPinc+pbKURsHSyF3mCdmyYPLn/P23X/eP8davfW
d5E0BR++jhCS2iob7vWHZtLCwWldGXvYdteq0HoUeDkM3kOBDTHYzyGNl2wFoPZM
GgLXJYMo5RX47/eyL3NpcGwjvUihcUdUbMP1rFphyoUjfHkgn9p+nKJqlAI7Q/EL
qnK7NsEOR5l/u4XMgIgdlOrVDUi4eEMQkKZHaISSRrEip49tYvS9QSuj1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKSU7+3SrOBja3E1ByI1EMHtc6XMB8GA1UdIwQY
MBaAFKBPyYDt/EeeBGrgKxDlckW7ksi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNTVkZjEtMGJhNi00MzBmLTgwOWQt
NmIwMzVjZWUxOTgxLzEvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNTVkZjEtMGJhNi00MzBmLTgwOWQtNmIwMzVjZWUxOTgx
LzEvb0VfSmdPMzhSNTRFYXVBckVPVnlSYnVTeUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZosuf6rI
KlAYgv3OMrdaV3+NHOXDFrO113FQdfW4RxSQxdpMRzYNmWSicRtOFNadIG1HaJnA
toGOptUi1JainAhkZykTs++YGoHwJU/iDWRbRSpVzCvguhkkVJq3FH28jlgEYmnM
nzC+eiPjBc/DuWqvV3KSrwABDHlJp0DvZqImcGnQEErhpm8/47wM5i5TtkiUAGCX
kdFb059PUZfCFZoGoEIgw4ZICIgfW7gKGGbowutu34Y/I+qwOOn836heGzftTkPD
5BBMEyG9X0pfxlhlcShPNBel5kiMhr8ZaLFQ0J3I7B4KTUXIdeK3qrc5DC5ztVkH
Hj4Eo+kWH99UXQ==
-----END CERTIFICATE-----