Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          oOEfK9EqbrKW4HxPx4Ya+6HglBJR/1b16S1pGDlP4fo=
Subject key identifier:   84:28:CF:7B:3C:FF:90:62:A3:B4:FB:AE:41:72:D5:4A:C4:21:FB:46
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       019A4EF4840C54A4D3401F41592B05863531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 13:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:38 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: ifqrxvXeOYdQ/ovRxiEuO/aQCpErE4kkwGyINnL95bo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:84:0c:54:a4:d3:40:1f:41:59:2b:05:86:35:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Nov  4 13:00:38 2025 GMT
            Not After : Nov  5 13:00:38 2025 GMT
        Subject: CN=8428cf7b3cff9062a3b4fbae4172d54ac421fb46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fe:d6:50:9a:64:b1:96:a9:21:de:b3:fa:57:
                    c9:ef:0e:c6:c4:7f:2a:7f:a1:cd:87:27:f8:2c:be:
                    86:5c:fd:b4:70:48:8b:3f:e9:cb:c9:3b:84:95:71:
                    32:8a:75:fe:2b:8e:a3:08:0e:06:c4:c0:c4:ed:83:
                    b5:38:b4:7b:cb:64:56:04:19:10:67:9d:74:7c:86:
                    c4:d0:15:5e:68:72:57:9a:d0:fc:c3:d1:99:6a:03:
                    80:d0:48:1b:4a:c3:34:78:8c:6d:77:7d:6f:30:71:
                    d4:4f:b3:9f:22:dc:ff:8e:b5:34:d4:99:cc:32:fd:
                    3c:40:d5:ce:7b:eb:47:87:1e:13:47:63:02:7d:3b:
                    d8:7b:7d:ed:6f:d2:54:7d:0a:5b:24:95:2b:7f:ab:
                    4c:88:56:2e:dd:c0:f1:ae:90:45:d8:6d:b0:ba:2b:
                    65:8a:96:ed:5a:ef:ce:42:bd:ff:17:00:6e:a0:36:
                    74:43:55:4f:1b:4e:4e:cf:74:d7:53:2e:d4:0c:0d:
                    d7:1c:03:c1:d9:76:8f:8b:eb:2c:4e:9e:0d:e6:dd:
                    05:d3:e3:42:fd:76:bb:a7:54:78:44:07:45:bc:53:
                    98:de:68:09:2b:7f:fa:d0:e2:7d:ba:6f:b9:a6:82:
                    a2:fd:17:16:a0:86:49:c7:a7:1d:46:a7:2c:05:93:
                    7c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:28:CF:7B:3C:FF:90:62:A3:B4:FB:AE:41:72:D5:4A:C4:21:FB:46
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:d7:45:80:9f:6c:d8:d0:8d:6a:c8:6d:0e:b3:ac:d9:da:93:
         51:48:cb:ee:69:d7:09:e5:34:34:d3:58:03:ee:29:ee:35:39:
         50:4d:f4:07:73:24:5b:f6:0e:10:2a:84:32:cc:7f:38:d3:33:
         39:a0:6f:66:5f:06:2a:3f:d2:aa:46:da:a6:ae:36:4f:83:a3:
         3f:90:36:79:a9:57:e5:6e:c8:a4:15:81:33:6e:1a:87:72:df:
         72:7c:bc:e0:fe:59:97:d3:28:53:29:40:5b:0e:9f:3d:14:85:
         42:88:89:5e:1a:dc:72:ac:78:62:66:cb:30:cd:f2:cd:54:bf:
         42:3d:8e:25:ff:f4:79:67:e5:f1:84:9e:9a:21:09:1c:92:10:
         36:91:f1:cb:1a:60:be:0f:a0:46:c3:99:75:ee:99:03:bd:de:
         05:6d:f5:af:8f:77:30:7f:d8:22:a7:a8:4b:1a:f7:f1:22:87:
         44:c2:cf:6a:cb:76:75:0a:40:92:6c:74:3b:3f:8d:f6:89:3c:
         8e:a9:6b:3a:11:6d:f3:c5:2a:90:57:da:4b:be:02:75:96:88:
         4f:51:3b:ca:11:58:36:01:ca:ea:11:f8:da:de:b9:a7:62:f6:
         e8:e4:74:b2:8f:7e:1e:46:5e:10:91:ca:89:c6:57:81:13:58:
         a3:a2:e9:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9IQMVKTTQB9BWSsFhjUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjUxMTA0MTMwMDM4WhcNMjUxMTA1MTMwMDM4WjAzMTEwLwYDVQQD
Eyg4NDI4Y2Y3YjNjZmY5MDYyYTNiNGZiYWU0MTcyZDU0YWM0MjFmYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv7WUJpksZapId6z+lfJ7w7GxH8q
f6HNhyf4LL6GXP20cEiLP+nLyTuElXEyinX+K46jCA4GxMDE7YO1OLR7y2RWBBkQ
Z510fIbE0BVeaHJXmtD8w9GZagOA0EgbSsM0eIxtd31vMHHUT7OfItz/jrU01JnM
Mv08QNXOe+tHhx4TR2MCfTvYe33tb9JUfQpbJJUrf6tMiFYu3cDxrpBF2G2wuitl
ipbtWu/OQr3/FwBuoDZ0Q1VPG05Oz3TXUy7UDA3XHAPB2XaPi+ssTp4N5t0F0+NC
/Xa7p1R4RAdFvFOY3mgJK3/60OJ9um+5poKi/RcWoIZJx6cdRqcsBZN8iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQoz3s8/5Bio7T7rkFy1UrEIftGMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitdFgJ9s
2NCNashtDrOs2dqTUUjL7mnXCeU0NNNYA+4p7jU5UE30B3MkW/YOECqEMsx/ONMz
OaBvZl8GKj/Sqkbapq42T4OjP5A2ealX5W7IpBWBM24ah3Lfcny84P5Zl9MoUylA
Ww6fPRSFQoiJXhrccqx4YmbLMM3yzVS/Qj2OJf/0eWfl8YSemiEJHJIQNpHxyxpg
vg+gRsOZde6ZA73eBW31r493MH/YIqeoSxr38SKHRMLPast2dQpAkmx0Oz+N9ok8
jqlrOhFt88UqkFfaS74CdZaIT1E7yhFYNgHK6hH42t65p2L26OR0so9+HkZeEJHK
icZXgRNYo6LpoQ==
-----END CERTIFICATE-----