Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
File:                     uOssmbjKaFoqU4WIFB2xxLZB03Y.mft (raw, json)
Hash identifier:          0ze7rIyLfyoR8N6e2YsyjU1SqH2qsXfukYqgcXZndu8=
Subject key identifier:   5C:6D:D1:F6:78:FB:7A:3C:9E:55:7B:B5:B5:E9:FC:F1:93:73:58:F6
Authority key identifier: B8:EB:2C:99:B8:CA:68:5A:2A:53:85:88:14:1D:B1:C4:B6:41:D3:76
Certificate issuer:       /CN=b8eb2c99b8ca685a2a538588141db1c4b641d376
Certificate serial:       019A4EF4F5CFE2C1527343B18B5019BFE645
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:01:07 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:07 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:07 +0000
Files and hashes:         1: uOssmbjKaFoqU4WIFB2xxLZB03Y.crl (hash: G/8jvPq12PjS7smBe54vtLPRKem6HmAVbuf3Mvr1Wes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:f5:cf:e2:c1:52:73:43:b1:8b:50:19:bf:e6:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8eb2c99b8ca685a2a538588141db1c4b641d376
        Validity
            Not Before: Nov  4 13:01:07 2025 GMT
            Not After : Nov  5 13:01:07 2025 GMT
        Subject: CN=5c6dd1f678fb7a3c9e557bb5b5e9fcf1937358f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:0f:16:a3:27:a8:79:d0:ee:f3:3c:52:ca:61:
                    69:59:76:2a:95:21:eb:14:a5:dd:39:a4:27:c7:50:
                    96:c0:20:d8:25:d9:2e:39:60:2e:66:c9:47:c0:27:
                    88:e2:2a:81:b5:d6:7d:11:01:51:b1:48:07:46:3e:
                    aa:49:3f:ef:9f:15:1c:56:c9:c3:7c:3e:fa:7a:ee:
                    c9:73:d4:4d:4a:2d:78:f5:be:79:d8:6d:b3:46:ea:
                    c4:5b:37:f5:1a:01:e5:8c:46:87:3c:47:4e:e6:8d:
                    55:07:e5:b7:f6:f5:35:88:83:45:54:b3:d8:81:fd:
                    7a:04:68:ea:dd:f8:34:ad:cd:8e:fc:09:53:6f:18:
                    8b:24:05:14:94:0a:da:fe:d2:9d:a0:f0:35:d0:3f:
                    96:f9:4b:7f:57:89:e6:94:6f:0a:06:cf:28:ff:37:
                    c2:7f:f2:96:7a:fe:15:45:de:77:01:76:00:f5:3a:
                    57:1b:54:02:1a:6a:77:24:d4:a0:33:8f:43:f4:a0:
                    d5:75:b9:55:b4:73:b5:85:75:f7:7e:9b:eb:76:42:
                    28:04:b8:c0:a4:ed:9c:1e:06:ba:3e:4a:96:3e:2e:
                    7e:00:92:19:ba:a9:9e:a8:d3:8a:d1:2b:88:2b:ae:
                    e0:4f:a9:69:2b:51:96:4f:7b:4f:31:dc:7d:c0:49:
                    8e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:6D:D1:F6:78:FB:7A:3C:9E:55:7B:B5:B5:E9:FC:F1:93:73:58:F6
            X509v3 Authority Key Identifier:
                keyid:B8:EB:2C:99:B8:CA:68:5A:2A:53:85:88:14:1D:B1:C4:B6:41:D3:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOssmbjKaFoqU4WIFB2xxLZB03Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/457533-6905-4840-883c-ab6d0c213fdc/1/uOssmbjKaFoqU4WIFB2xxLZB03Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:10:6c:3d:fc:b7:3b:e9:de:5d:36:79:fb:05:ea:0f:9e:19:
         11:7f:b3:13:86:e8:52:58:51:df:2a:c0:7e:a4:a4:46:8a:a4:
         a9:f3:7b:b7:dd:a2:02:36:97:c8:ae:9d:dd:6d:fa:50:e7:49:
         d7:89:41:ce:90:96:0b:5a:d8:36:13:2b:38:58:24:1a:02:ea:
         4c:9d:05:02:48:27:05:5f:3b:e3:28:d1:65:74:68:45:9d:5c:
         da:09:93:4c:aa:41:00:11:ba:74:ac:49:32:e1:32:86:3a:79:
         29:97:e6:b5:33:f9:8f:ee:b8:91:4d:a4:87:71:fc:0f:f4:d8:
         31:2d:2d:1b:02:cf:d3:a1:c4:02:b6:b7:51:36:02:e3:af:be:
         81:24:bf:55:26:29:c2:c6:0d:1e:83:eb:73:b8:dc:81:7d:99:
         dc:31:4d:18:45:20:43:63:d7:7f:4d:a0:4c:f5:bc:15:44:95:
         91:f9:81:66:10:4c:e2:34:b4:b1:2f:ce:61:fd:3d:3b:37:d7:
         66:15:fb:bf:65:4d:af:ee:73:e5:7a:a2:a8:fc:4c:1c:b2:0b:
         e8:35:df:80:56:be:f9:b1:a0:aa:65:f3:b5:d3:d9:99:78:af:
         fb:19:1a:a5:a8:e2:82:0a:17:f0:4c:7e:91:3e:f3:5a:57:10:
         39:ca:d1:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9PXP4sFSc0Oxi1AZv+ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWIyYzk5YjhjYTY4NWEyYTUzODU4ODE0MWRiMWM0YjY0
MWQzNzYwHhcNMjUxMTA0MTMwMTA3WhcNMjUxMTA1MTMwMTA3WjAzMTEwLwYDVQQD
Eyg1YzZkZDFmNjc4ZmI3YTNjOWU1NTdiYjViNWU5ZmNmMTkzNzM1OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA8WoyeoedDu8zxSymFpWXYqlSHr
FKXdOaQnx1CWwCDYJdkuOWAuZslHwCeI4iqBtdZ9EQFRsUgHRj6qST/vnxUcVsnD
fD76eu7Jc9RNSi149b552G2zRurEWzf1GgHljEaHPEdO5o1VB+W39vU1iINFVLPY
gf16BGjq3fg0rc2O/AlTbxiLJAUUlAra/tKdoPA10D+W+Ut/V4nmlG8KBs8o/zfC
f/KWev4VRd53AXYA9TpXG1QCGmp3JNSgM49D9KDVdblVtHO1hXX3fpvrdkIoBLjA
pO2cHga6PkqWPi5+AJIZuqmeqNOK0SuIK67gT6lpK1GWT3tPMdx9wEmOTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxt0fZ4+3o8nlV7tbXp/PGTc1j2MB8GA1UdIwQY
MBaAFLjrLJm4ymhaKlOFiBQdscS2QdN2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC80NTc1MzMtNjkwNS00ODQwLTg4M2Mt
YWI2ZDBjMjEzZmRjLzEvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC80NTc1MzMtNjkwNS00ODQwLTg4M2MtYWI2ZDBjMjEzZmRj
LzEvdU9zc21iakthRm9xVTRXSUZCMnh4TFpCMDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhBsPfy3
O+neXTZ5+wXqD54ZEX+zE4boUlhR3yrAfqSkRoqkqfN7t92iAjaXyK6d3W36UOdJ
14lBzpCWC1rYNhMrOFgkGgLqTJ0FAkgnBV874yjRZXRoRZ1c2gmTTKpBABG6dKxJ
MuEyhjp5KZfmtTP5j+64kU2kh3H8D/TYMS0tGwLP06HEAra3UTYC46++gSS/VSYp
wsYNHoPrc7jcgX2Z3DFNGEUgQ2PXf02gTPW8FUSVkfmBZhBM4jS0sS/OYf09OzfX
ZhX7v2VNr+5z5XqiqPxMHLIL6DXfgFa++bGgqmXztdPZmXiv+xkapajiggoX8Ex+
kT7zWlcQOcrRfQ==
-----END CERTIFICATE-----