Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          53o1KPgncAHlkHRFuWYzpKc1OLfo+UtfWT8rJR+GgbM=
Subject key identifier:   A4:C7:D3:07:E8:02:A7:58:B1:3C:13:06:CF:0C:74:6C:0F:75:18:1F
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019A4EF56A80395CCE2810093CCE70F834E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:01:37 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:37 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:37 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: Yaf7q1zabx+WOhNyMRyGaNgwhcPrSbj6nSsLxwJrMnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:6a:80:39:5c:ce:28:10:09:3c:ce:70:f8:34:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Nov  4 13:01:37 2025 GMT
            Not After : Nov  5 13:01:37 2025 GMT
        Subject: CN=a4c7d307e802a758b13c1306cf0c746c0f75181f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ac:b6:a3:4b:ea:ec:ae:5d:09:2c:31:cc:8a:
                    a2:01:65:49:d4:25:e8:13:27:d6:66:63:0b:5d:e2:
                    29:29:ba:b8:91:29:10:91:b5:b2:9a:89:66:6b:8d:
                    a4:b6:6d:db:d0:da:23:e9:8f:47:26:10:93:e3:65:
                    5e:97:c0:88:43:ca:29:e1:d9:e6:f5:0e:6b:d2:7d:
                    0e:b5:88:b2:fe:3b:52:3c:b3:8d:be:d0:c1:f4:0d:
                    7b:84:58:cc:49:34:6b:42:e9:13:06:3b:a7:80:60:
                    6e:69:c7:f8:74:d0:5f:fb:01:3e:f2:a2:5b:07:83:
                    6c:e0:47:f1:cb:11:7b:93:f0:58:0d:70:c0:44:09:
                    bc:ed:e9:5f:af:6b:22:8a:27:ff:5c:1e:a4:b7:bf:
                    53:b6:1d:08:6f:cf:4b:be:10:92:cc:82:40:7b:8f:
                    26:ba:31:22:9d:66:ee:0a:31:ec:92:73:85:ce:0a:
                    e2:f7:d6:54:0f:ae:b0:ec:8a:b4:19:8a:52:40:32:
                    6e:3a:76:ee:68:37:36:0f:d0:29:d0:db:80:7e:b2:
                    90:d5:4c:4b:25:be:9a:55:80:95:94:af:a2:4e:12:
                    24:14:39:44:1b:0e:19:a8:db:bc:41:9f:35:0e:16:
                    ab:15:11:c0:23:e8:e4:65:3a:f9:f7:27:95:f8:55:
                    86:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C7:D3:07:E8:02:A7:58:B1:3C:13:06:CF:0C:74:6C:0F:75:18:1F
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:48:12:0b:4d:a1:9f:da:de:48:05:42:b6:01:04:d8:82:27:
         65:62:ef:27:bf:04:65:61:d3:9f:ee:da:e5:ea:5f:6a:25:4b:
         c7:51:45:a2:8f:04:99:c7:77:73:72:6b:46:6e:57:8b:d4:65:
         eb:31:69:18:ec:23:c3:88:2d:2b:66:95:48:2d:0e:ac:26:be:
         32:a9:28:53:53:f8:b9:9f:1c:a2:eb:d2:55:23:4c:41:14:5f:
         97:c5:6a:fa:dd:cc:0e:1b:e1:07:e8:02:16:d1:18:2b:87:b1:
         d5:03:58:ad:8d:fd:84:54:cd:08:91:48:3e:c3:bd:8c:15:09:
         4b:c5:e5:c4:a3:8f:3c:4c:13:c5:0a:e6:5f:74:dd:f9:40:4b:
         7a:ad:53:ce:d9:aa:03:ec:23:72:08:02:1e:9e:24:0b:33:93:
         2a:e3:a9:f4:9d:e5:59:14:bd:6b:7b:4c:cf:df:63:da:55:e0:
         98:df:89:f6:e6:d6:37:09:98:6e:c5:4a:94:da:0d:c8:b3:97:
         ae:93:be:b1:99:0d:80:6c:b9:41:51:e0:53:fd:d9:aa:bf:0d:
         93:85:7c:a9:93:9c:3a:26:8f:5f:42:dd:66:a2:20:a3:94:c2:
         c7:7b:c6:c6:38:e9:0c:a4:c5:d7:ec:2b:d0:fe:e4:72:82:c6:
         68:a3:e4:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9WqAOVzOKBAJPM5w+DTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUxMTA0MTMwMTM3WhcNMjUxMTA1MTMwMTM3WjAzMTEwLwYDVQQD
EyhhNGM3ZDMwN2U4MDJhNzU4YjEzYzEzMDZjZjBjNzQ2YzBmNzUxODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqy2o0vq7K5dCSwxzIqiAWVJ1CXo
EyfWZmMLXeIpKbq4kSkQkbWymolma42ktm3b0Noj6Y9HJhCT42Vel8CIQ8op4dnm
9Q5r0n0OtYiy/jtSPLONvtDB9A17hFjMSTRrQukTBjungGBuacf4dNBf+wE+8qJb
B4Ns4EfxyxF7k/BYDXDARAm87elfr2siiif/XB6kt79Tth0Ib89LvhCSzIJAe48m
ujEinWbuCjHsknOFzgri99ZUD66w7Iq0GYpSQDJuOnbuaDc2D9Ap0NuAfrKQ1UxL
Jb6aVYCVlK+iThIkFDlEGw4ZqNu8QZ81DharFRHAI+jkZTr59yeV+FWGJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTH0wfoAqdYsTwTBs8MdGwPdRgfMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC0gSC02h
n9reSAVCtgEE2IInZWLvJ78EZWHTn+7a5epfaiVLx1FFoo8Emcd3c3JrRm5Xi9Rl
6zFpGOwjw4gtK2aVSC0OrCa+MqkoU1P4uZ8couvSVSNMQRRfl8Vq+t3MDhvhB+gC
FtEYK4ex1QNYrY39hFTNCJFIPsO9jBUJS8XlxKOPPEwTxQrmX3Td+UBLeq1Tztmq
A+wjcggCHp4kCzOTKuOp9J3lWRS9a3tMz99j2lXgmN+J9ubWNwmYbsVKlNoNyLOX
rpO+sZkNgGy5QVHgU/3Zqr8Nk4V8qZOcOiaPX0LdZqIgo5TCx3vGxjjpDKTF1+wr
0P7kcoLGaKPkXw==
-----END CERTIFICATE-----