Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          WLNXZREtD+BPYfyhToywf9nIcq1Va/KGSHCQg3VahXU=
Subject key identifier:   55:B7:DF:2D:58:39:5D:00:F7:A5:9E:70:9A:83:08:8B:93:3F:C5:93
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       019A4F992B41E74AC94A6EB5535757810F7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 16:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:29 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: 82YKe9QkUwY8+D+rSg2bd6IGjnsenIDbDEjlQd0gj3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:2b:41:e7:4a:c9:4a:6e:b5:53:57:57:81:0f:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Nov  4 16:00:29 2025 GMT
            Not After : Nov  5 16:00:29 2025 GMT
        Subject: CN=55b7df2d58395d00f7a59e709a83088b933fc593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:93:a3:21:ea:29:c0:21:8e:8e:0b:e5:06:9b:
                    e6:0f:d2:71:a5:6a:fe:d2:e0:33:4d:01:93:98:3d:
                    7f:6f:2d:ff:10:d3:93:98:5f:37:3a:39:cb:7e:a9:
                    54:84:5d:14:6d:09:6c:ac:92:9a:ce:4b:0e:8e:19:
                    50:e4:b9:48:d1:f8:d9:dc:32:2e:c4:a3:39:61:64:
                    b4:e2:7e:68:34:79:96:e9:fe:a1:0b:0b:1e:fd:05:
                    ce:c1:fe:ea:83:09:83:80:08:63:74:73:39:87:0b:
                    32:66:9d:84:17:90:89:93:b4:42:9f:ac:7f:80:d1:
                    e6:59:a3:96:50:de:c9:24:c9:33:ff:93:c6:6e:8f:
                    0e:bd:3c:02:56:c9:24:83:00:30:9f:97:b9:c7:aa:
                    f4:31:83:87:93:bc:fb:f0:1a:34:10:60:03:b8:32:
                    e9:ef:08:26:76:db:33:4b:01:6c:f8:d0:33:25:03:
                    55:fe:25:e0:a4:7a:3c:d5:0c:a4:1e:90:9f:bd:3c:
                    04:be:fd:4d:80:24:83:98:4c:fb:85:d2:ff:bd:a6:
                    1c:31:b8:38:49:fc:55:63:72:e2:30:a2:23:05:be:
                    25:dd:fa:3e:75:ab:cf:d2:92:7d:08:db:9b:ae:57:
                    47:9b:ba:e7:d5:b6:65:48:8a:dc:fa:d8:a3:7c:aa:
                    d7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:B7:DF:2D:58:39:5D:00:F7:A5:9E:70:9A:83:08:8B:93:3F:C5:93
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:fd:59:cf:f7:66:f5:28:31:e4:2d:80:2e:13:86:14:46:39:
         ab:89:2e:1d:54:78:96:f1:56:a7:1c:c9:01:49:21:73:b7:aa:
         18:84:96:4b:3f:6a:85:b9:00:a9:de:ea:f2:95:0d:68:24:ec:
         75:26:ac:d1:9f:be:f5:cc:85:74:a0:fe:33:21:08:49:fa:b9:
         0f:6f:40:79:da:89:34:42:8c:96:2d:e3:2f:90:51:bd:9e:74:
         90:9a:fb:98:9e:29:0e:e5:26:90:d7:6b:b1:9e:93:35:cc:9b:
         72:b9:f4:fe:0c:25:6b:07:00:ba:d0:13:0c:e8:96:85:14:37:
         43:34:c9:db:3b:79:97:c6:e0:c7:41:68:25:37:75:ee:d4:78:
         32:77:7a:5e:5f:93:9a:f5:14:11:de:f4:9b:37:56:56:a7:7e:
         ca:2b:dc:73:be:21:7f:f6:56:fd:8d:76:ce:53:22:55:4d:6c:
         1a:2d:73:d1:2d:b8:3e:db:38:94:a9:5b:8c:07:81:1a:2c:d6:
         f4:7f:63:34:35:1d:17:b8:33:59:93:43:84:be:9b:aa:47:34:
         48:80:52:02:de:a8:03:fe:d8:80:ab:44:8d:2c:7f:47:07:7b:
         fa:2a:51:b8:37:e6:86:85:6d:1f:52:0d:1c:44:0f:4d:d9:2b:
         13:2b:3a:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmStB50rJSm61U1dXgQ9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjUxMTA0MTYwMDI5WhcNMjUxMTA1MTYwMDI5WjAzMTEwLwYDVQQD
Eyg1NWI3ZGYyZDU4Mzk1ZDAwZjdhNTllNzA5YTgzMDg4YjkzM2ZjNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpOjIeopwCGOjgvlBpvmD9JxpWr+
0uAzTQGTmD1/by3/ENOTmF83OjnLfqlUhF0UbQlsrJKazksOjhlQ5LlI0fjZ3DIu
xKM5YWS04n5oNHmW6f6hCwse/QXOwf7qgwmDgAhjdHM5hwsyZp2EF5CJk7RCn6x/
gNHmWaOWUN7JJMkz/5PGbo8OvTwCVskkgwAwn5e5x6r0MYOHk7z78Bo0EGADuDLp
7wgmdtszSwFs+NAzJQNV/iXgpHo81QykHpCfvTwEvv1NgCSDmEz7hdL/vaYcMbg4
SfxVY3LiMKIjBb4l3fo+davP0pJ9CNubrldHm7rn1bZlSIrc+tijfKrXMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFW33y1YOV0A96WecJqDCIuTP8WTMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmv1Zz/dm
9Sgx5C2ALhOGFEY5q4kuHVR4lvFWpxzJAUkhc7eqGISWSz9qhbkAqd7q8pUNaCTs
dSas0Z++9cyFdKD+MyEISfq5D29AedqJNEKMli3jL5BRvZ50kJr7mJ4pDuUmkNdr
sZ6TNcybcrn0/gwlawcAutATDOiWhRQ3QzTJ2zt5l8bgx0FoJTd17tR4Mnd6Xl+T
mvUUEd70mzdWVqd+yivcc74hf/ZW/Y12zlMiVU1sGi1z0S24Pts4lKlbjAeBGizW
9H9jNDUdF7gzWZNDhL6bqkc0SIBSAt6oA/7YgKtEjSx/Rwd7+ipRuDfmhoVtH1IN
HEQPTdkrEys6NA==
-----END CERTIFICATE-----