Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          DdL+sfoPdbi4BuwsUT8rExG+3Can72giVvAP11RyFQA=
Subject key identifier:   73:14:B9:EF:C3:98:47:43:70:D2:24:68:77:6A:AB:EA:B2:A6:11:C5
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       019A4EF49B8952D17835CE5A275CF773478B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          0660
Signing time:             Tue 04 Nov 2025 13:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:44 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: lF56jr22Cg++pcLcJA74ysRUmbcV0SYa0PvfzfrQ2hM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:9b:89:52:d1:78:35:ce:5a:27:5c:f7:73:47:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Nov  4 13:00:44 2025 GMT
            Not After : Nov  5 13:00:44 2025 GMT
        Subject: CN=7314b9efc398474370d22468776aabeab2a611c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5e:05:e1:41:05:c3:ef:9d:77:50:04:8a:2f:
                    c1:34:fb:b7:fb:65:d0:62:44:b4:db:70:5f:c4:a1:
                    a5:41:1b:42:60:48:1f:ad:8e:58:4f:9f:d5:02:c3:
                    78:e3:e6:d3:47:7c:ef:b7:22:63:98:d2:7e:d0:70:
                    fa:2a:3b:0c:37:98:4b:c8:13:c7:47:df:d1:f8:e7:
                    32:5d:b9:1a:ec:58:87:ac:1f:c8:6a:ac:fb:9f:cf:
                    10:20:fc:23:68:21:24:ac:77:9d:92:41:e1:71:98:
                    9e:be:02:e0:6d:52:62:90:38:60:4f:05:d4:63:47:
                    d7:a9:e8:cf:a8:52:7d:22:cb:49:2d:36:64:8f:40:
                    cc:ea:b1:e9:e2:d9:f9:8b:fa:70:1f:71:21:75:ec:
                    3d:2d:a3:36:48:3b:08:ba:17:e4:c2:27:a8:81:21:
                    c6:d2:12:39:66:64:d8:e1:ad:7e:51:1c:bc:b3:81:
                    1c:4a:d7:fb:f0:33:74:cb:72:d8:3f:e5:5c:d4:c5:
                    af:dc:dc:fa:5d:1f:56:b1:db:ff:ec:3d:de:de:b0:
                    cb:4e:1f:7d:ec:61:58:b5:19:bc:9f:c9:5e:3f:3d:
                    47:78:f4:6e:ab:c9:cc:c5:d9:2c:0d:53:e7:0b:d1:
                    9d:87:a6:8d:6b:e8:7a:14:57:3b:23:f0:eb:41:25:
                    5b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:14:B9:EF:C3:98:47:43:70:D2:24:68:77:6A:AB:EA:B2:A6:11:C5
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:8c:0b:94:79:7f:bf:75:58:6a:3f:79:92:3f:03:4f:5c:58:
         f8:99:99:1f:ac:3f:0e:89:89:a6:64:06:e1:5a:39:23:8a:3a:
         e6:56:20:7a:82:b1:c3:32:ed:df:74:fb:de:fd:3a:be:a0:66:
         ca:74:ab:2c:2f:0e:02:aa:69:37:77:0f:72:88:77:41:8b:d3:
         9c:34:1d:d5:b6:48:04:59:62:b2:35:a3:8d:e0:33:98:0b:ed:
         ff:7c:48:7f:70:b5:b1:3a:19:6b:c7:41:c8:96:ef:5f:cf:80:
         82:be:ca:7a:6d:e7:54:18:d7:f9:4a:0f:73:a0:73:f0:62:90:
         6c:9f:04:6b:1a:11:3f:43:3f:9e:6c:f7:d7:ef:9e:b8:f8:09:
         59:d9:fe:7f:ba:bf:fd:f0:2d:8f:20:00:cc:db:38:09:14:c5:
         9b:89:bf:bc:c2:11:b6:db:7d:4c:f5:98:a9:55:fd:75:33:a1:
         ff:c9:f6:97:40:f7:34:11:e2:c7:fe:c9:28:4c:05:97:d8:7c:
         e8:31:b8:dc:2d:34:72:7a:34:d3:2c:ef:3b:29:03:7d:c0:46:
         11:e5:0e:57:73:33:9b:31:a8:47:0a:36:e9:16:2a:84:31:61:
         84:59:ac:ae:b6:7c:42:b2:b9:2f:fe:28:85:59:82:20:f5:c8:
         ea:f0:8f:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9JuJUtF4Nc5aJ1z3c0eLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUxMTA0MTMwMDQ0WhcNMjUxMTA1MTMwMDQ0WjAzMTEwLwYDVQQD
Eyg3MzE0YjllZmMzOTg0NzQzNzBkMjI0Njg3NzZhYWJlYWIyYTYxMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1l4F4UEFw++dd1AEii/BNPu3+2XQ
YkS023BfxKGlQRtCYEgfrY5YT5/VAsN44+bTR3zvtyJjmNJ+0HD6KjsMN5hLyBPH
R9/R+OcyXbka7FiHrB/Iaqz7n88QIPwjaCEkrHedkkHhcZievgLgbVJikDhgTwXU
Y0fXqejPqFJ9IstJLTZkj0DM6rHp4tn5i/pwH3Ehdew9LaM2SDsIuhfkwieogSHG
0hI5ZmTY4a1+URy8s4EcStf78DN0y3LYP+Vc1MWv3Nz6XR9Wsdv/7D3e3rDLTh99
7GFYtRm8n8lePz1HePRuq8nMxdksDVPnC9Gdh6aNa+h6FFc7I/DrQSVbCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMUue/DmEdDcNIkaHdqq+qyphHFMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnowLlHl/
v3VYaj95kj8DT1xY+JmZH6w/DomJpmQG4Vo5I4o65lYgeoKxwzLt33T73v06vqBm
ynSrLC8OAqppN3cPcoh3QYvTnDQd1bZIBFlisjWjjeAzmAvt/3xIf3C1sToZa8dB
yJbvX8+Agr7Kem3nVBjX+UoPc6Bz8GKQbJ8EaxoRP0M/nmz31++euPgJWdn+f7q/
/fAtjyAAzNs4CRTFm4m/vMIRttt9TPWYqVX9dTOh/8n2l0D3NBHix/7JKEwFl9h8
6DG43C00cno00yzvOykDfcBGEeUOV3MzmzGoRwo26RYqhDFhhFmsrrZ8QrK5L/4o
hVmCIPXI6vCPmw==
-----END CERTIFICATE-----