Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
File:                     oGqOPGol1GOfOUWtFszF6Yo6kqY.mft (raw, json)
Hash identifier:          AhGiNTwJYrJXU0IBDzByN6aXwrIr3DmQQhEtvl0LsMM=
Subject key identifier:   59:EF:A0:64:5D:84:C9:67:5F:13:A2:5A:16:8C:E9:65:3D:84:4A:B6
Authority key identifier: A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6
Certificate issuer:       /CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
Certificate serial:       019A4EF54373C97CCB3939BB777333FDD956
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 13:01:27 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:27 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:27 +0000
Files and hashes:         1: oGqOPGol1GOfOUWtFszF6Yo6kqY.crl (hash: fbu9KoMkdigWFMrn8hy07GPWrK5SjU0lT/XXBE+xXXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:43:73:c9:7c:cb:39:39:bb:77:73:33:fd:d9:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
        Validity
            Not Before: Nov  4 13:01:27 2025 GMT
            Not After : Nov  5 13:01:27 2025 GMT
        Subject: CN=59efa0645d84c9675f13a25a168ce9653d844ab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1a:49:bd:37:dd:51:c3:0b:4c:a1:8e:c5:83:
                    0e:f6:fc:fa:12:75:4a:db:85:cb:8a:ce:e4:9f:e6:
                    22:d1:80:08:e7:e2:a4:84:7c:e7:8a:d1:df:25:ca:
                    32:61:d1:90:88:b7:eb:04:48:00:0b:5b:a6:4f:ea:
                    e5:5e:80:43:2f:02:dc:2d:f6:e2:f1:b7:81:67:d6:
                    10:cd:ed:af:64:c1:b3:52:e6:26:e3:87:80:1b:c0:
                    dc:03:2f:58:ae:90:df:da:9b:99:7c:ae:32:fd:48:
                    01:4b:c1:23:8c:e9:9d:54:8d:06:ac:59:f4:6b:40:
                    44:97:0f:9b:71:37:c3:f1:12:95:00:d7:56:9b:69:
                    e3:3a:38:10:07:59:01:e6:12:a3:cc:9c:4d:87:53:
                    da:a7:d5:eb:34:1f:08:2f:b6:9c:e5:ad:84:4c:a4:
                    3f:17:ca:1e:ff:4f:fe:a0:26:58:bb:94:34:00:a4:
                    ce:f1:99:d7:28:53:81:7b:40:7f:af:7a:d0:c6:d7:
                    db:1d:eb:29:65:14:36:57:6f:20:91:8f:a5:2d:92:
                    3c:83:d6:72:a7:b7:09:d5:7e:68:76:10:64:6c:31:
                    0f:b4:b8:d0:bc:2a:87:1d:b0:41:f4:fb:aa:4d:39:
                    70:8b:22:4b:02:58:ff:09:d2:d4:34:6e:70:2c:ed:
                    8b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:EF:A0:64:5D:84:C9:67:5F:13:A2:5A:16:8C:E9:65:3D:84:4A:B6
            X509v3 Authority Key Identifier:
                keyid:A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:9a:5c:04:f6:fe:9e:32:b1:f9:0d:25:88:89:1e:65:48:55:
         46:8e:b1:5b:e7:15:c4:f3:c4:44:33:83:16:80:cb:82:42:c3:
         f3:c9:ed:b6:00:e9:22:20:f0:96:19:96:1c:90:c1:04:4d:88:
         44:78:02:76:14:58:58:d9:10:26:fe:62:1b:ac:8a:69:2a:54:
         3a:06:28:a7:70:40:42:28:fc:40:5c:54:7a:11:ee:22:dd:81:
         d2:17:78:69:59:27:87:4e:7a:7f:f5:87:0d:77:98:5c:fa:cc:
         49:e3:1c:7f:20:a3:95:b5:5f:22:a1:ff:7a:6e:3d:8e:07:90:
         c5:26:28:b7:74:e1:b1:1a:11:66:19:3a:4a:5f:49:86:fb:38:
         0c:54:57:f7:09:70:ca:36:38:db:ba:a1:a0:42:e7:6d:48:42:
         ab:52:d4:59:6e:22:07:3e:4f:0e:a0:af:02:d5:89:1b:5e:92:
         fa:81:73:a3:6e:ee:05:b6:22:9b:7c:60:cf:64:2f:b0:b1:ef:
         50:65:15:a2:be:49:30:fc:ad:b3:0d:13:e3:5a:18:c5:50:5e:
         dd:1d:1f:c2:b9:61:66:85:b8:ec:a1:2f:43:05:bc:03:54:23:
         19:ed:be:79:25:11:2f:00:9a:c8:2d:c2:85:07:82:c4:7d:ee:
         dd:59:7a:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9UNzyXzLOTm7d3Mz/dlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNmE4ZTNjNmEyNWQ0NjM5ZjM5NDVhZDE2Y2NjNWU5OGEz
YTkyYTYwHhcNMjUxMTA0MTMwMTI3WhcNMjUxMTA1MTMwMTI3WjAzMTEwLwYDVQQD
Eyg1OWVmYTA2NDVkODRjOTY3NWYxM2EyNWExNjhjZTk2NTNkODQ0YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBpJvTfdUcMLTKGOxYMO9vz6EnVK
24XLis7kn+Yi0YAI5+KkhHznitHfJcoyYdGQiLfrBEgAC1umT+rlXoBDLwLcLfbi
8beBZ9YQze2vZMGzUuYm44eAG8DcAy9YrpDf2puZfK4y/UgBS8EjjOmdVI0GrFn0
a0BElw+bcTfD8RKVANdWm2njOjgQB1kB5hKjzJxNh1Pap9XrNB8IL7ac5a2ETKQ/
F8oe/0/+oCZYu5Q0AKTO8ZnXKFOBe0B/r3rQxtfbHespZRQ2V28gkY+lLZI8g9Zy
p7cJ1X5odhBkbDEPtLjQvCqHHbBB9PuqTTlwiyJLAlj/CdLUNG5wLO2LeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnvoGRdhMlnXxOiWhaM6WU9hEq2MB8GA1UdIwQY
MBaAFKBqjjxqJdRjnzlFrRbMxemKOpKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTct
OWFjMmQ1MzZmMTJkLzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTctOWFjMmQ1MzZmMTJk
LzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg5pcBPb+
njKx+Q0liIkeZUhVRo6xW+cVxPPERDODFoDLgkLD88nttgDpIiDwlhmWHJDBBE2I
RHgCdhRYWNkQJv5iG6yKaSpUOgYop3BAQij8QFxUehHuIt2B0hd4aVknh056f/WH
DXeYXPrMSeMcfyCjlbVfIqH/em49jgeQxSYot3ThsRoRZhk6Sl9Jhvs4DFRX9wlw
yjY427qhoELnbUhCq1LUWW4iBz5PDqCvAtWJG16S+oFzo27uBbYim3xgz2QvsLHv
UGUVor5JMPytsw0T41oYxVBe3R0fwrlhZoW47KEvQwW8A1QjGe2+eSURLwCayC3C
hQeCxH3u3Vl6qw==
-----END CERTIFICATE-----