Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          aq56scp37HzpwHAM7v0QmAVlwTikI9brT4MNVwpSUuM=
Subject key identifier:   8B:DE:24:46:E2:54:2A:10:C9:A9:14:B0:00:46:60:B3:24:83:3C:76
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019A4EF5365E9632DD74A76A25C150F27464
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1406
Signing time:             Tue 04 Nov 2025 13:01:24 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:24 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:24 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: q92hDClp2Cqd7R7fxKWCBxtps1yyTVQivawyCn2DNPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:36:5e:96:32:dd:74:a7:6a:25:c1:50:f2:74:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Nov  4 13:01:24 2025 GMT
            Not After : Nov  5 13:01:24 2025 GMT
        Subject: CN=8bde2446e2542a10c9a914b0004660b324833c76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:72:fe:16:e4:d5:6e:96:32:8e:0c:b9:65:40:
                    87:72:34:d2:9a:e6:c3:af:51:cb:14:bd:7e:9a:6f:
                    c8:a3:19:ee:b2:38:71:d2:ad:30:b8:18:b7:d3:c4:
                    ec:16:09:ba:69:aa:ef:ee:f1:a6:6f:09:ae:3d:45:
                    e3:36:79:ef:a0:ec:aa:e7:0d:33:25:fb:56:84:4e:
                    9a:b6:60:d9:df:16:ef:f4:d6:cb:42:89:94:d8:1b:
                    cd:53:c1:aa:12:07:09:51:6d:c9:09:8d:a7:2c:20:
                    18:29:f7:54:78:05:0e:7d:76:3b:7c:db:8d:0c:63:
                    ef:00:0e:0b:a6:20:00:79:c3:fa:d6:08:a8:14:a0:
                    63:aa:2d:23:a4:34:c3:66:98:a3:57:95:74:9c:61:
                    78:26:6e:dc:28:9a:1b:27:4c:08:6b:63:03:3d:5f:
                    50:c3:ae:25:a8:a0:17:0e:a5:26:20:a9:69:ce:92:
                    f3:22:6a:a3:fc:09:59:0c:33:b8:bb:7c:20:f1:0b:
                    c6:8d:c6:53:d1:b4:62:49:14:14:3e:eb:66:92:29:
                    d3:23:69:a8:c6:11:67:43:f2:80:56:7b:88:9b:79:
                    bd:d8:6a:e8:38:07:c3:17:2e:ed:e8:a4:c9:07:b3:
                    ea:b8:46:bd:43:c0:f2:d0:f3:1f:0b:c6:28:bf:d8:
                    ea:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:DE:24:46:E2:54:2A:10:C9:A9:14:B0:00:46:60:B3:24:83:3C:76
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:f6:f7:74:84:6b:7f:b8:7e:10:1a:0d:ca:25:55:b1:e8:fb:
         3f:9f:61:30:b1:93:17:59:fe:e2:1d:65:88:c0:20:a1:3e:82:
         67:e6:9a:a8:25:d4:5a:67:e2:bb:b8:fd:bb:73:dc:4c:ba:5f:
         e2:90:7c:f3:ed:48:6d:60:9d:9e:46:29:e6:84:48:3d:3e:7c:
         4c:91:05:d3:3a:85:80:34:cd:41:aa:f1:da:86:94:4b:7b:9b:
         dc:24:6f:f4:c5:2b:4a:b7:68:d7:dc:10:2f:3d:e0:c3:00:c3:
         06:13:85:ca:6f:4f:47:f3:ab:ff:d3:3a:71:0a:1e:13:eb:94:
         f7:ec:03:35:b2:5f:02:52:a0:da:51:2c:8f:59:e8:2a:1d:b7:
         31:b2:5d:c7:4c:55:84:28:6e:19:5a:78:a1:cd:26:5d:ca:bc:
         df:c6:16:f1:48:14:45:e3:14:bf:97:e0:91:21:c3:36:7b:91:
         d5:5e:aa:5e:3c:d2:29:71:fd:d3:8e:06:30:97:15:95:1b:6f:
         04:cd:6a:4f:c8:df:f2:45:be:66:ea:f3:30:e5:54:53:8d:be:
         87:da:21:01:71:b6:19:a9:9a:31:62:83:55:e9:85:25:0d:01:
         4d:26:a6:5e:dd:9f:7f:32:d2:11:eb:f8:93:e8:75:54:5a:95:
         aa:a9:17:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TZeljLddKdqJcFQ8nRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUxMTA0MTMwMTI0WhcNMjUxMTA1MTMwMTI0WjAzMTEwLwYDVQQD
Eyg4YmRlMjQ0NmUyNTQyYTEwYzlhOTE0YjAwMDQ2NjBiMzI0ODMzYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnL+FuTVbpYyjgy5ZUCHcjTSmubD
r1HLFL1+mm/Ioxnusjhx0q0wuBi308TsFgm6aarv7vGmbwmuPUXjNnnvoOyq5w0z
JftWhE6atmDZ3xbv9NbLQomU2BvNU8GqEgcJUW3JCY2nLCAYKfdUeAUOfXY7fNuN
DGPvAA4LpiAAecP61gioFKBjqi0jpDTDZpijV5V0nGF4Jm7cKJobJ0wIa2MDPV9Q
w64lqKAXDqUmIKlpzpLzImqj/AlZDDO4u3wg8QvGjcZT0bRiSRQUPutmkinTI2mo
xhFnQ/KAVnuIm3m92GroOAfDFy7t6KTJB7PquEa9Q8Dy0PMfC8Yov9jqAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIveJEbiVCoQyakUsABGYLMkgzx2MB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvb3dIRr
f7h+EBoNyiVVsej7P59hMLGTF1n+4h1liMAgoT6CZ+aaqCXUWmfiu7j9u3PcTLpf
4pB88+1IbWCdnkYp5oRIPT58TJEF0zqFgDTNQarx2oaUS3ub3CRv9MUrSrdo19wQ
Lz3gwwDDBhOFym9PR/Or/9M6cQoeE+uU9+wDNbJfAlKg2lEsj1noKh23MbJdx0xV
hChuGVp4oc0mXcq838YW8UgUReMUv5fgkSHDNnuR1V6qXjzSKXH9044GMJcVlRtv
BM1qT8jf8kW+ZurzMOVUU42+h9ohAXG2GamaMWKDVemFJQ0BTSamXt2ffzLSEev4
k+h1VFqVqqkXGA==
-----END CERTIFICATE-----