Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          uaWYcmuT/C1568G4BNRl+TY+bevfGlfB46u7+3qDDi0=
Subject key identifier:   30:74:3F:3D:EA:3F:52:25:D2:F1:DC:32:F2:01:30:9E:E8:BA:71:72
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019A50073207074621D199E0DA3A628327DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          03DF
Signing time:             Tue 04 Nov 2025 18:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 18:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 18:00:39 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: Inj/4SCf1lf0lT+sDE1+6oEVfQ8zhBLIxvqQjgeY6Y4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:07:32:07:07:46:21:d1:99:e0:da:3a:62:83:27:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Nov  4 18:00:39 2025 GMT
            Not After : Nov  5 18:00:39 2025 GMT
        Subject: CN=30743f3dea3f5225d2f1dc32f201309ee8ba7172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:0e:9e:d8:d9:18:47:45:b0:be:02:f4:52:f8:
                    95:30:ce:c2:d4:c2:d5:b8:be:58:b7:ff:02:1c:d1:
                    8e:f2:60:0c:dc:39:3a:e2:c6:90:c8:a2:28:17:71:
                    26:50:15:f8:10:e6:3e:7f:1f:9e:da:01:d2:14:2a:
                    01:cd:d1:d0:cc:93:66:f9:93:85:8b:1d:b1:ca:4f:
                    41:f7:47:82:90:81:48:f8:ce:73:4c:5d:03:1d:15:
                    1c:b1:ba:95:9b:2b:e4:0a:71:c4:d9:43:6d:5c:1e:
                    2d:80:6c:31:91:32:58:0d:a1:b0:76:c1:54:2a:64:
                    ba:98:31:34:cc:08:60:80:80:52:ac:a1:8d:e3:a4:
                    79:6b:b1:8e:93:88:96:03:dc:6d:fc:b7:f5:b2:8f:
                    ae:d7:9a:86:6c:15:a8:1c:9c:84:94:11:ea:6d:fe:
                    f8:ac:5e:93:9a:15:48:38:81:ec:f3:0e:2b:5b:38:
                    43:7b:46:ae:5b:0c:b3:6e:f7:c0:33:b7:c4:0e:d8:
                    a0:7b:5b:b1:e7:d6:e3:8e:52:f2:c7:54:62:c9:19:
                    55:13:50:5d:00:5b:85:3d:c7:24:7b:fe:db:3c:af:
                    da:eb:94:37:60:4b:ac:ea:72:54:fb:e8:23:f6:1e:
                    be:b8:00:1c:b8:cd:58:36:c2:9f:8e:08:e5:c2:c7:
                    f3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:74:3F:3D:EA:3F:52:25:D2:F1:DC:32:F2:01:30:9E:E8:BA:71:72
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:49:54:1e:ba:c0:e8:c7:4f:07:ed:73:fc:6a:a1:83:6f:6f:
         b9:5b:f2:92:f4:54:51:75:81:5b:67:bb:8d:07:9c:72:d8:90:
         e1:b3:b2:9a:ce:32:92:57:d5:0e:86:48:08:4b:94:3e:c6:bf:
         4d:76:fe:bf:cf:cc:8d:1c:97:e3:60:72:21:16:da:96:ad:d7:
         0e:36:ec:cc:96:43:74:1a:db:55:3f:8e:1f:4a:35:4a:97:86:
         44:16:de:48:ca:07:95:57:12:71:e7:21:c9:ef:05:90:68:94:
         39:b2:b7:5f:f0:cb:6e:c1:28:5a:d2:56:95:c0:ec:03:b7:71:
         75:55:3c:24:e9:48:5c:2b:3c:1b:5f:91:4c:c5:f8:f7:f9:d1:
         1f:35:b9:29:bc:c1:b8:6f:50:07:8a:a6:d9:43:01:d8:c1:b1:
         7e:f0:43:29:99:bc:d9:15:33:e0:4e:23:0e:5b:65:c3:d8:0a:
         28:6d:d9:91:8d:11:92:79:b5:91:83:25:02:b4:80:87:d4:c9:
         ea:c1:e7:9e:4e:41:d2:10:56:47:31:f3:02:0f:81:3b:f0:41:
         81:d4:01:9c:59:c6:c3:50:c4:f4:5b:05:1a:cb:53:ff:46:bb:
         5e:f1:66:0e:c2:f0:dd:2a:43:5e:62:b3:f8:87:1c:7e:f8:26:
         f1:ea:d9:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQBzIHB0Yh0Zng2jpigyfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUxMTA0MTgwMDM5WhcNMjUxMTA1MTgwMDM5WjAzMTEwLwYDVQQD
EygzMDc0M2YzZGVhM2Y1MjI1ZDJmMWRjMzJmMjAxMzA5ZWU4YmE3MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g6e2NkYR0WwvgL0UviVMM7C1MLV
uL5Yt/8CHNGO8mAM3Dk64saQyKIoF3EmUBX4EOY+fx+e2gHSFCoBzdHQzJNm+ZOF
ix2xyk9B90eCkIFI+M5zTF0DHRUcsbqVmyvkCnHE2UNtXB4tgGwxkTJYDaGwdsFU
KmS6mDE0zAhggIBSrKGN46R5a7GOk4iWA9xt/Lf1so+u15qGbBWoHJyElBHqbf74
rF6TmhVIOIHs8w4rWzhDe0auWwyzbvfAM7fEDtige1ux59bjjlLyx1RiyRlVE1Bd
AFuFPccke/7bPK/a65Q3YEus6nJU++gj9h6+uAAcuM1YNsKfjgjlwsfz7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDB0Pz3qP1Il0vHcMvIBMJ7ounFyMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACklUHrrA
6MdPB+1z/Gqhg29vuVvykvRUUXWBW2e7jQecctiQ4bOyms4yklfVDoZICEuUPsa/
TXb+v8/MjRyX42ByIRbalq3XDjbszJZDdBrbVT+OH0o1SpeGRBbeSMoHlVcScech
ye8FkGiUObK3X/DLbsEoWtJWlcDsA7dxdVU8JOlIXCs8G1+RTMX49/nRHzW5KbzB
uG9QB4qm2UMB2MGxfvBDKZm82RUz4E4jDltlw9gKKG3ZkY0Rknm1kYMlArSAh9TJ
6sHnnk5B0hBWRzHzAg+BO/BBgdQBnFnGw1DE9FsFGstT/0a7XvFmDsLw3SpDXmKz
+Iccfvgm8erZzQ==
-----END CERTIFICATE-----