Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          Nj3QeeZ4yZIiLyuwGJfDeckhVEjr/VND+uVJQps7t5E=
Subject key identifier:   B2:00:61:5D:52:78:CA:91:D4:22:51:0E:4B:70:BB:7A:58:EA:0B:9C
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019A4E4F751B475600F978F9C3FDC4505090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0B1D
Signing time:             Tue 04 Nov 2025 10:00:21 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:21 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:21 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: d11LcSGnNEcA5GPZrCbC84X0DemUpjWkuRUGFX3Eubw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:75:1b:47:56:00:f9:78:f9:c3:fd:c4:50:50:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Nov  4 10:00:21 2025 GMT
            Not After : Nov  5 10:00:21 2025 GMT
        Subject: CN=b200615d5278ca91d422510e4b70bb7a58ea0b9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7e:40:d1:fa:4a:42:44:e2:fc:3b:f8:13:04:
                    cb:84:08:a7:da:9a:29:98:22:5c:2d:8b:3c:71:93:
                    f7:f3:c6:93:ef:c3:43:78:88:50:f0:52:90:c3:3d:
                    0b:b4:a9:d5:47:02:a0:8f:dd:29:9c:6e:e9:ba:15:
                    c4:44:63:4b:fe:ff:eb:b7:23:02:bc:76:cc:bc:f0:
                    0f:bf:c1:44:02:b9:83:fe:3f:1b:61:5d:bc:46:bb:
                    a0:cf:ff:14:36:b8:ff:9a:ca:81:ca:5d:fb:7e:04:
                    bd:f2:f9:c1:d5:e6:4e:0b:dd:f9:30:b4:35:e7:3c:
                    e2:85:fa:7f:61:86:39:66:18:f6:da:66:a8:72:ab:
                    72:bf:eb:5c:2e:59:09:f7:a4:f8:5e:02:41:cf:e7:
                    34:c1:f0:e4:91:8d:8e:31:b1:db:e9:1c:4a:90:88:
                    71:a6:db:f9:40:e2:52:1a:8e:eb:31:47:33:5e:55:
                    81:f6:ce:f1:76:37:ee:e2:86:36:75:86:49:16:e0:
                    e9:84:a4:93:56:03:34:f4:3b:6e:90:e3:e8:fd:86:
                    dd:fb:cf:80:56:e3:8c:77:54:4c:f0:dd:85:69:bc:
                    d5:83:1d:5c:85:85:70:13:06:af:c1:2b:78:59:cb:
                    9c:1e:02:c0:41:f2:24:97:a8:dd:2c:ec:64:eb:13:
                    11:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:00:61:5D:52:78:CA:91:D4:22:51:0E:4B:70:BB:7A:58:EA:0B:9C
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:de:8d:20:e4:7d:83:7b:8c:16:bd:b3:76:70:65:3b:4c:ab:
         ae:83:80:3e:47:35:0d:3f:ca:a4:33:a5:47:34:be:9f:3d:8b:
         c9:5f:a5:c5:bf:19:c8:ce:e4:e2:61:69:ff:95:4a:d8:a8:0c:
         ef:02:f2:00:94:97:9a:96:b1:64:6a:01:96:78:dc:2a:bd:4a:
         41:3d:73:d6:98:23:a4:84:af:51:7f:2a:bb:eb:46:33:22:70:
         c7:f2:d3:c0:c6:33:8e:fb:99:0b:dd:52:e2:fe:91:6c:59:a5:
         8c:98:de:ab:f3:94:8e:b4:f5:55:3b:01:83:d7:31:47:b5:be:
         24:9f:9e:ba:48:4f:76:a3:d1:42:86:77:43:51:d9:9d:b3:b7:
         2f:8f:b1:1c:bd:3f:98:46:40:a1:e7:43:62:34:f4:84:ba:ae:
         42:6e:3d:57:ce:4e:56:7c:e8:9a:81:0d:6a:a1:5b:bc:fe:6d:
         5a:21:ff:54:c8:99:58:77:5c:99:1e:58:ca:e5:25:2d:6f:3b:
         23:49:ce:0a:cc:3b:07:91:c5:20:6f:e6:ea:4f:10:8c:06:c5:
         5e:d3:47:29:82:de:cb:56:d5:24:d6:9b:d1:a1:35:d3:55:09:
         53:60:9b:b5:01:d3:e8:07:cd:12:99:f0:21:d5:d7:b8:d8:f2:
         4e:d6:27:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT3UbR1YA+Xj5w/3EUFCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjUxMTA0MTAwMDIxWhcNMjUxMTA1MTAwMDIxWjAzMTEwLwYDVQQD
EyhiMjAwNjE1ZDUyNzhjYTkxZDQyMjUxMGU0YjcwYmI3YTU4ZWEwYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv35A0fpKQkTi/Dv4EwTLhAin2pop
mCJcLYs8cZP388aT78NDeIhQ8FKQwz0LtKnVRwKgj90pnG7puhXERGNL/v/rtyMC
vHbMvPAPv8FEArmD/j8bYV28Rrugz/8UNrj/msqByl37fgS98vnB1eZOC935MLQ1
5zzihfp/YYY5Zhj22maocqtyv+tcLlkJ96T4XgJBz+c0wfDkkY2OMbHb6RxKkIhx
ptv5QOJSGo7rMUczXlWB9s7xdjfu4oY2dYZJFuDphKSTVgM09DtukOPo/Ybd+8+A
VuOMd1RM8N2FabzVgx1chYVwEwavwSt4WcucHgLAQfIkl6jdLOxk6xMR7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIAYV1SeMqR1CJRDktwu3pY6gucMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxN6NIOR9
g3uMFr2zdnBlO0yrroOAPkc1DT/KpDOlRzS+nz2LyV+lxb8ZyM7k4mFp/5VK2KgM
7wLyAJSXmpaxZGoBlnjcKr1KQT1z1pgjpISvUX8qu+tGMyJwx/LTwMYzjvuZC91S
4v6RbFmljJjeq/OUjrT1VTsBg9cxR7W+JJ+eukhPdqPRQoZ3Q1HZnbO3L4+xHL0/
mEZAoedDYjT0hLquQm49V85OVnzomoENaqFbvP5tWiH/VMiZWHdcmR5YyuUlLW87
I0nOCsw7B5HFIG/m6k8QjAbFXtNHKYLey1bVJNab0aE101UJU2CbtQHT6AfNEpnw
IdXXuNjyTtYnYw==
-----END CERTIFICATE-----