Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          e1ipzJ1g1iBRWNLitCsCFGUuKo1B2hxI/sToBJjJ+Os=
Subject key identifier:   16:4C:70:0D:DC:FB:F3:D6:DF:54:49:A1:39:9F:AC:FD:BE:32:26:93
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019A4D73B749959A85E03918E24812F3A794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 06:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:20 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: +H6Xx3GUtYGK1RJsQ+EGH+OnLXUQwGRKGZq32rFCGsI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:b7:49:95:9a:85:e0:39:18:e2:48:12:f3:a7:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Nov  4 06:00:20 2025 GMT
            Not After : Nov  5 06:00:20 2025 GMT
        Subject: CN=164c700ddcfbf3d6df5449a1399facfdbe322693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:75:4f:8b:89:95:3d:ee:8b:54:d1:7c:1b:6c:
                    de:84:ba:e1:2a:af:e4:8e:43:94:fc:b8:e1:ed:c1:
                    83:7e:b0:fe:78:0c:22:5e:41:f3:90:3f:d5:ae:bc:
                    6f:45:4e:30:63:40:00:da:62:91:b8:e5:f3:16:dc:
                    21:51:cd:6b:38:2e:43:55:3d:8a:5f:c2:2f:95:af:
                    b4:83:fd:ba:d6:ed:28:11:12:19:f8:ed:53:74:56:
                    db:d1:4c:f5:0f:5f:17:18:62:56:6d:59:a0:3f:c7:
                    d2:8f:58:a4:c6:08:f4:b9:48:b0:eb:c6:96:d5:a4:
                    5e:e2:ab:50:7a:1b:ab:41:71:06:cd:3c:47:9d:d0:
                    ab:38:86:89:44:6f:aa:a0:cc:d0:47:9d:62:51:e7:
                    5b:b7:b8:8a:e0:f8:8b:cf:a7:d7:2f:08:6f:b9:4b:
                    a4:5b:30:17:81:57:af:67:19:c7:84:28:1f:f1:9a:
                    d3:25:af:de:c4:44:51:43:4b:5b:9d:a7:3c:29:41:
                    ee:dc:68:fe:6c:3b:fa:04:ef:99:12:7c:74:98:c6:
                    05:92:94:3d:0f:5c:17:7d:53:2d:24:f6:24:e2:1b:
                    41:35:98:cb:a8:ba:01:cc:40:dc:ce:7c:53:ba:32:
                    44:a4:ce:d8:d1:d0:93:4a:82:fa:00:f0:eb:6f:e8:
                    f6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:4C:70:0D:DC:FB:F3:D6:DF:54:49:A1:39:9F:AC:FD:BE:32:26:93
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:0e:d8:28:bd:ce:d0:b8:ba:01:3b:e7:1a:b4:15:71:57:d5:
         bc:c7:05:a6:04:8c:24:58:da:37:69:04:27:e8:16:58:16:d3:
         21:94:ca:55:9b:89:1b:18:7c:d3:fd:14:d3:23:78:98:cd:c8:
         99:f3:40:b0:c5:6c:d5:2f:0e:7f:ba:4d:0f:b8:7c:b7:3a:3f:
         ba:64:34:53:00:ec:9e:11:e6:b7:4c:6a:3f:ba:e2:97:75:46:
         1f:60:8a:08:2a:80:59:db:5a:62:cc:16:3b:0d:e6:b3:6e:76:
         ad:8f:75:7b:2a:52:a3:4e:52:55:d4:53:ea:3a:4d:07:38:b4:
         68:12:ee:e2:1b:29:06:13:09:de:84:f1:e0:45:a5:88:67:94:
         20:e7:ed:b9:47:c0:aa:b1:11:ac:e5:79:5e:4f:f2:3c:73:9a:
         e9:70:5a:fe:3e:04:ef:68:48:09:e1:e0:54:1f:c4:ee:a6:cb:
         a6:50:b5:02:b6:4d:80:59:01:45:dc:83:d1:2f:54:46:e8:a7:
         0b:61:ef:58:b0:69:a4:d5:9c:4c:a3:21:73:64:f5:49:61:be:
         91:c9:50:d4:02:27:a9:90:53:5a:31:1a:c7:9b:a2:83:88:9b:
         17:7c:71:d2:55:1e:0b:57:31:46:a0:03:26:e2:42:f2:40:2a:
         4a:1f:92:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc7dJlZqF4DkY4kgS86eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUxMTA0MDYwMDIwWhcNMjUxMTA1MDYwMDIwWjAzMTEwLwYDVQQD
EygxNjRjNzAwZGRjZmJmM2Q2ZGY1NDQ5YTEzOTlmYWNmZGJlMzIyNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnVPi4mVPe6LVNF8G2zehLrhKq/k
jkOU/Ljh7cGDfrD+eAwiXkHzkD/VrrxvRU4wY0AA2mKRuOXzFtwhUc1rOC5DVT2K
X8Ivla+0g/261u0oERIZ+O1TdFbb0Uz1D18XGGJWbVmgP8fSj1ikxgj0uUiw68aW
1aRe4qtQehurQXEGzTxHndCrOIaJRG+qoMzQR51iUedbt7iK4PiLz6fXLwhvuUuk
WzAXgVevZxnHhCgf8ZrTJa/exERRQ0tbnac8KUHu3Gj+bDv6BO+ZEnx0mMYFkpQ9
D1wXfVMtJPYk4htBNZjLqLoBzEDcznxTujJEpM7Y0dCTSoL6APDrb+j2FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZMcA3c+/PW31RJoTmfrP2+MiaTMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuA7YKL3O
0Li6ATvnGrQVcVfVvMcFpgSMJFjaN2kEJ+gWWBbTIZTKVZuJGxh80/0U0yN4mM3I
mfNAsMVs1S8Of7pND7h8tzo/umQ0UwDsnhHmt0xqP7ril3VGH2CKCCqAWdtaYswW
Ow3ms252rY91eypSo05SVdRT6jpNBzi0aBLu4hspBhMJ3oTx4EWliGeUIOftuUfA
qrERrOV5Xk/yPHOa6XBa/j4E72hICeHgVB/E7qbLplC1ArZNgFkBRdyD0S9URuin
C2HvWLBppNWcTKMhc2T1SWG+kclQ1AInqZBTWjEax5uig4ibF3xx0lUeC1cxRqAD
JuJC8kAqSh+SWA==
-----END CERTIFICATE-----