Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          olyM/Ia93RZ49fUGfW6CJC920uczvf5BTo3GnyicgX0=
Subject key identifier:   74:2D:DA:CD:D2:99:1F:04:55:E3:9F:69:86:54:25:67:03:C4:99:90
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019A503E3964479DE40E6EC1912AE653D22F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0B1D
Signing time:             Tue 04 Nov 2025 19:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:46 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: DSM6xErMKgm+arDECdDUo/X9IgdIaXAfwKEHdqQRgbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:39:64:47:9d:e4:0e:6e:c1:91:2a:e6:53:d2:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Nov  4 19:00:46 2025 GMT
            Not After : Nov  5 19:00:46 2025 GMT
        Subject: CN=742ddacdd2991f0455e39f698654256703c49990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7f:08:ea:9d:eb:1a:db:4f:86:05:64:33:90:
                    08:a0:95:55:ea:cc:d8:60:80:05:b6:c0:49:92:f6:
                    55:99:65:ff:0d:a2:9b:bf:7a:65:f6:f9:65:09:21:
                    e6:f6:fb:85:01:27:bd:15:17:48:e6:df:4d:1f:0c:
                    5b:34:da:5f:3a:63:ef:4e:5f:f5:f6:88:32:7a:c1:
                    d1:70:6f:ef:73:fe:77:0f:4e:91:c9:df:23:f9:75:
                    63:3e:e7:56:0e:e4:23:ac:0f:3c:cb:ee:85:73:45:
                    88:0e:ea:21:47:b3:8e:87:d7:75:aa:5e:ed:d1:1b:
                    b3:fb:18:34:da:ce:96:ba:04:b6:56:94:b5:7a:e5:
                    2e:d9:0e:af:54:94:d3:e4:a3:55:76:df:69:b9:4b:
                    f1:01:a7:e1:a9:98:fe:a1:91:2e:cd:d2:b5:f6:b2:
                    65:08:ae:89:41:56:ef:c1:00:61:46:a1:21:04:ab:
                    9c:31:89:6f:88:dc:ab:ea:f5:e6:a3:e3:2c:ec:0a:
                    23:e0:6b:93:19:cb:5f:c9:c5:0c:70:39:8e:70:5d:
                    55:f3:cc:17:e7:6f:42:2b:12:c8:f2:15:a9:61:69:
                    7b:f2:78:d7:51:9b:6f:b9:c8:61:77:f2:53:35:4c:
                    e3:10:11:aa:c9:ff:9e:75:48:23:91:b7:65:23:74:
                    e9:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:2D:DA:CD:D2:99:1F:04:55:E3:9F:69:86:54:25:67:03:C4:99:90
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:33:11:3e:70:9b:f3:2d:0c:4c:da:dd:de:73:92:d3:1f:c9:
         ea:04:9f:14:c4:9a:cb:69:84:1d:14:02:80:62:d1:01:65:8c:
         6a:04:88:a2:c7:26:ed:95:c8:79:f0:9d:74:42:86:91:1b:89:
         42:f3:e4:20:8d:f5:5c:e8:b2:55:f7:11:fc:aa:27:0b:ca:84:
         b3:8b:1e:2c:61:eb:4a:75:4e:46:6e:c7:c9:b4:9d:64:11:29:
         33:44:03:ce:be:09:ff:f3:89:b3:dc:5f:e8:71:16:bd:01:e2:
         14:4e:fd:a3:90:b1:06:4d:c0:42:06:e4:cd:ea:8d:fd:24:86:
         2f:58:67:b0:36:a8:25:56:41:f8:ef:c1:e5:c6:80:c4:da:da:
         d4:75:87:20:89:33:77:f2:ae:a9:97:89:c6:e7:33:64:46:8a:
         4f:6a:65:c3:6c:54:89:d4:fd:64:43:bd:47:8a:b2:7f:e9:7a:
         ef:4d:00:b4:87:fa:22:48:b2:49:4c:e4:2a:92:b2:1a:d2:2b:
         80:e6:96:ec:b0:9b:b4:c7:20:fc:38:61:7c:8b:33:f4:0c:54:
         8f:b8:2e:ee:d8:31:98:e5:e7:e4:cf:18:a9:81:28:b7:a5:c2:
         b5:6b:b0:08:ee:a4:23:5f:d4:3e:06:43:4a:f1:11:f8:d3:52:
         3b:d9:37:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPjlkR53kDm7BkSrmU9IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUxMTA0MTkwMDQ2WhcNMjUxMTA1MTkwMDQ2WjAzMTEwLwYDVQQD
Eyg3NDJkZGFjZGQyOTkxZjA0NTVlMzlmNjk4NjU0MjU2NzAzYzQ5OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H8I6p3rGttPhgVkM5AIoJVV6szY
YIAFtsBJkvZVmWX/DaKbv3pl9vllCSHm9vuFASe9FRdI5t9NHwxbNNpfOmPvTl/1
9ogyesHRcG/vc/53D06Ryd8j+XVjPudWDuQjrA88y+6Fc0WIDuohR7OOh9d1ql7t
0Ruz+xg02s6WugS2VpS1euUu2Q6vVJTT5KNVdt9puUvxAafhqZj+oZEuzdK19rJl
CK6JQVbvwQBhRqEhBKucMYlviNyr6vXmo+Ms7Aoj4GuTGctfycUMcDmOcF1V88wX
529CKxLI8hWpYWl78njXUZtvuchhd/JTNUzjEBGqyf+edUgjkbdlI3TpYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQt2s3SmR8EVeOfaYZUJWcDxJmQMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDMRPnCb
8y0MTNrd3nOS0x/J6gSfFMSay2mEHRQCgGLRAWWMagSIoscm7ZXIefCddEKGkRuJ
QvPkII31XOiyVfcR/KonC8qEs4seLGHrSnVORm7HybSdZBEpM0QDzr4J//OJs9xf
6HEWvQHiFE79o5CxBk3AQgbkzeqN/SSGL1hnsDaoJVZB+O/B5caAxNra1HWHIIkz
d/KuqZeJxuczZEaKT2plw2xUidT9ZEO9R4qyf+l6700AtIf6IkiySUzkKpKyGtIr
gOaW7LCbtMcg/DhhfIsz9AxUj7gu7tgxmOXn5M8YqYEot6XCtWuwCO6kI1/UPgZD
SvER+NNSO9k3Ew==
-----END CERTIFICATE-----