Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
File:                     _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json)
Hash identifier:          GUy9FbNqbGradaSspQ+BEovAzUJvQkwyTTnWjy9wUDQ=
Subject key identifier:   0F:0B:A4:3E:EF:9F:A1:2D:85:5A:B6:20:6B:58:7C:5D:FD:D6:B7:E7
Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1
Certificate issuer:       /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
Certificate serial:       019A4EF51442495CFD0FA0F8E57BBEC2691E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
Manifest number:          1087
Signing time:             Tue 04 Nov 2025 13:01:15 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:15 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:15 +0000
Files and hashes:         1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: 5J8mFuCKbB48/27n0lABVk0SneBWHoBMkAGjpURMelY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:14:42:49:5c:fd:0f:a0:f8:e5:7b:be:c2:69:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
        Validity
            Not Before: Nov  4 13:01:15 2025 GMT
            Not After : Nov  5 13:01:15 2025 GMT
        Subject: CN=0f0ba43eef9fa12d855ab6206b587c5dfdd6b7e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:98:47:04:27:f5:d4:ee:de:74:ca:52:2c:ba:
                    26:40:ac:b8:4b:21:22:e4:10:49:21:5d:91:ed:3a:
                    65:a3:49:2b:de:e1:b5:92:f4:a7:e3:23:d0:78:c6:
                    7a:a9:c7:38:70:42:18:5a:fc:89:7a:d6:69:86:86:
                    12:a8:61:6f:36:2e:1e:a0:40:d3:fc:1a:ed:b6:db:
                    e1:c4:e6:cd:ee:73:46:45:5d:00:7f:a1:69:f8:88:
                    89:71:7a:42:0d:3a:72:c1:61:90:fd:b3:41:c2:0d:
                    bb:18:b6:80:53:d9:24:f1:43:ed:70:e6:56:f7:33:
                    37:64:c2:25:3b:a5:7b:35:82:9c:3f:3f:6f:fd:e6:
                    ba:b2:e2:b2:7b:d4:ea:35:8a:ba:65:8c:50:86:ee:
                    fc:c3:c9:15:40:45:af:9c:04:65:2f:73:4a:24:f6:
                    f4:42:5b:b9:6b:6e:11:4e:d8:32:ed:1c:d4:47:19:
                    20:78:e6:a1:42:9b:d1:67:0a:4c:85:f0:bd:3f:02:
                    93:39:a8:64:3a:c9:06:6d:d4:d8:bd:36:a9:6b:fb:
                    f8:36:af:21:4f:85:30:89:2f:6d:77:1d:4a:c4:e1:
                    97:ca:60:8b:ee:fe:a6:61:ce:a1:53:24:26:5d:81:
                    3d:f1:f2:54:68:37:81:b5:f7:c8:86:ba:52:60:e7:
                    78:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:0B:A4:3E:EF:9F:A1:2D:85:5A:B6:20:6B:58:7C:5D:FD:D6:B7:E7
            X509v3 Authority Key Identifier:
                keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:7a:bc:94:60:80:99:e1:11:f0:7d:69:d4:f2:50:5c:0a:6a:
         cd:dc:f1:b4:07:8e:bd:6a:24:a4:1c:ad:18:5a:75:dd:4e:98:
         a5:ab:61:e6:bf:1a:a9:7d:da:79:c8:5b:90:61:f9:02:e7:aa:
         89:84:d0:dc:87:2d:eb:d0:4f:df:d3:f6:6a:6f:61:19:83:e0:
         96:81:1a:a1:ea:c2:b6:88:67:43:c9:c8:28:ba:e3:b5:4a:6f:
         fd:9e:de:5f:b2:2a:73:f0:64:4a:1c:0f:2c:f5:3f:ee:c0:1b:
         28:39:8a:1f:b4:b6:3b:d2:bf:24:c3:c8:ff:0a:8e:e5:9c:33:
         fa:0e:c7:24:1a:0a:d8:b1:5b:3d:fb:66:70:e8:19:58:75:7f:
         b0:1b:32:35:28:fd:c9:df:11:bc:34:03:b3:60:2b:06:b1:89:
         68:d3:cc:e7:b8:7f:99:32:4c:77:79:cc:05:a8:6f:6a:4c:8f:
         ad:e8:82:51:55:5b:c1:bd:c6:d1:7b:df:f7:27:bc:17:c5:fc:
         37:4d:28:3c:bb:54:0c:7c:26:fb:f9:e4:98:80:da:ea:1c:b3:
         e5:8a:dc:09:0f:45:30:40:e3:47:47:a2:47:62:81:07:66:53:
         d1:77:9e:0e:56:79:5e:c7:5a:45:86:c3:e8:da:b1:af:b2:fb:
         6a:3c:8f:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9RRCSVz9D6D45Xu+wmkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm
YjIxZDEwHhcNMjUxMTA0MTMwMTE1WhcNMjUxMTA1MTMwMTE1WjAzMTEwLwYDVQQD
EygwZjBiYTQzZWVmOWZhMTJkODU1YWI2MjA2YjU4N2M1ZGZkZDZiN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZhHBCf11O7edMpSLLomQKy4SyEi
5BBJIV2R7Tplo0kr3uG1kvSn4yPQeMZ6qcc4cEIYWvyJetZphoYSqGFvNi4eoEDT
/BrtttvhxObN7nNGRV0Af6Fp+IiJcXpCDTpywWGQ/bNBwg27GLaAU9kk8UPtcOZW
9zM3ZMIlO6V7NYKcPz9v/ea6suKye9TqNYq6ZYxQhu78w8kVQEWvnARlL3NKJPb0
Qlu5a24RTtgy7RzURxkgeOahQpvRZwpMhfC9PwKTOahkOskGbdTYvTapa/v4Nq8h
T4UwiS9tdx1KxOGXymCL7v6mYc6hUyQmXYE98fJUaDeBtffIhrpSYOd4mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8LpD7vn6EthVq2IGtYfF391rfnMB8GA1UdIwQY
MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt
MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0
LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXq8lGCA
meER8H1p1PJQXApqzdzxtAeOvWokpBytGFp13U6Ypath5r8aqX3aechbkGH5Aueq
iYTQ3Ict69BP39P2am9hGYPgloEaoerCtohnQ8nIKLrjtUpv/Z7eX7Iqc/BkShwP
LPU/7sAbKDmKH7S2O9K/JMPI/wqO5Zwz+g7HJBoK2LFbPftmcOgZWHV/sBsyNSj9
yd8RvDQDs2ArBrGJaNPM57h/mTJMd3nMBahvakyPreiCUVVbwb3G0Xvf9ye8F8X8
N00oPLtUDHwm+/nkmIDa6hyz5YrcCQ9FMEDjR0eiR2KBB2ZT0XeeDlZ5XsdaRYbD
6Nqxr7L7ajyPmQ==
-----END CERTIFICATE-----