Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          Cvc+sl+MDAVLl8DZwubVRPSvlQagL0xm449HYTJNpyo=
Subject key identifier:   AF:F9:41:C0:5B:A0:17:FB:26:F0:8F:4B:89:A5:02:8E:48:07:B4:8F
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019A4F99121E442A768B850F9EF370B90847
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          1713
Signing time:             Tue 04 Nov 2025 16:00:22 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:22 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:22 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: fThNpgjQaU+tb1uQa/B/DApLIsI4TBQKJ8sp98INNGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:99:12:1e:44:2a:76:8b:85:0f:9e:f3:70:b9:08:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Nov  4 16:00:22 2025 GMT
            Not After : Nov  5 16:00:22 2025 GMT
        Subject: CN=aff941c05ba017fb26f08f4b89a5028e4807b48f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:9d:68:00:87:79:d7:07:8d:3b:85:77:e9:22:
                    4d:14:a0:9f:8c:64:6f:69:38:65:fc:d6:c0:a2:1f:
                    37:26:eb:99:f3:06:77:37:f6:82:42:2f:e6:05:f2:
                    82:ec:cd:1f:71:87:5e:cc:aa:00:74:6a:df:f3:82:
                    83:6d:73:53:4e:b9:42:ae:4a:d4:92:81:0e:00:e1:
                    c8:eb:43:56:3d:7b:94:19:04:64:4a:a3:68:98:15:
                    4a:4f:48:8f:60:03:07:b2:04:ae:38:62:20:bb:49:
                    90:8a:70:ce:35:a0:62:55:56:f9:38:4f:a2:35:14:
                    a8:f9:8e:ce:d5:8b:5b:82:81:82:ce:84:1d:77:81:
                    a9:67:50:71:e3:75:6c:5d:79:a2:67:0b:58:21:c0:
                    3b:29:5b:b0:2a:56:cd:01:5b:20:3a:ce:c1:7f:44:
                    2a:ad:3e:0c:ee:d3:a7:39:e8:cc:e6:c5:70:fd:22:
                    40:c1:85:34:44:14:6c:cd:be:1e:b2:71:0f:61:cb:
                    c5:41:06:00:f8:b3:db:6a:75:d1:ae:6f:1a:36:a8:
                    20:9c:25:c6:e7:ab:1c:63:53:21:9d:2e:49:fd:df:
                    57:b5:fa:26:94:8d:8a:a1:e1:ae:12:26:c3:a0:e5:
                    99:4e:8a:01:c9:93:26:15:eb:37:7a:f3:57:fc:19:
                    40:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F9:41:C0:5B:A0:17:FB:26:F0:8F:4B:89:A5:02:8E:48:07:B4:8F
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:77:b5:13:b2:ca:47:10:64:b1:5d:91:de:0b:d8:60:15:eb:
         0e:db:a1:4b:05:04:a5:89:90:eb:1e:38:44:e5:b4:43:54:ec:
         3c:e2:07:6b:e4:d5:63:b3:4d:56:34:06:ca:d9:72:f2:e1:b4:
         cb:1c:56:49:bf:8a:9f:ed:0f:82:2e:58:aa:04:eb:74:1a:b3:
         7e:db:66:37:6f:49:f7:09:30:9c:67:8d:c2:01:f6:06:12:25:
         8c:ac:5d:ef:59:b5:fd:9a:65:7f:ff:bc:ff:97:c2:e5:ac:74:
         3b:ab:60:f6:e7:8f:53:33:f1:86:22:6e:2a:9b:56:1d:4b:4d:
         94:93:f1:ca:66:13:ed:6b:3b:a3:f8:b3:3a:fa:4a:da:42:ae:
         c4:d2:29:a8:c5:09:cf:85:37:71:9b:f7:9a:b2:8a:d8:a6:7c:
         1f:29:03:f8:aa:e0:fa:8a:81:14:d6:76:fd:4d:be:4c:e8:5c:
         74:17:57:a4:59:93:91:21:41:a0:ab:d4:9f:4c:3b:18:e4:02:
         45:c1:21:d5:17:85:11:7e:47:4b:6a:48:26:f3:39:71:7f:2e:
         a8:21:a0:0b:b3:7d:95:e2:5c:68:ac:60:be:de:cc:a7:82:2d:
         41:e5:da:d4:0c:bf:ae:31:a0:bc:f4:f2:eb:03:f1:06:c7:93:
         57:dd:ff:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmRIeRCp2i4UPnvNwuQhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUxMTA0MTYwMDIyWhcNMjUxMTA1MTYwMDIyWjAzMTEwLwYDVQQD
EyhhZmY5NDFjMDViYTAxN2ZiMjZmMDhmNGI4OWE1MDI4ZTQ4MDdiNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1J1oAId51weNO4V36SJNFKCfjGRv
aThl/NbAoh83JuuZ8wZ3N/aCQi/mBfKC7M0fcYdezKoAdGrf84KDbXNTTrlCrkrU
koEOAOHI60NWPXuUGQRkSqNomBVKT0iPYAMHsgSuOGIgu0mQinDONaBiVVb5OE+i
NRSo+Y7O1YtbgoGCzoQdd4GpZ1Bx43VsXXmiZwtYIcA7KVuwKlbNAVsgOs7Bf0Qq
rT4M7tOnOejM5sVw/SJAwYU0RBRszb4esnEPYcvFQQYA+LPbanXRrm8aNqggnCXG
56scY1MhnS5J/d9XtfomlI2KoeGuEibDoOWZTooByZMmFes3evNX/BlASQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/5QcBboBf7JvCPS4mlAo5IB7SPMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAHe1E7LK
RxBksV2R3gvYYBXrDtuhSwUEpYmQ6x44ROW0Q1TsPOIHa+TVY7NNVjQGytly8uG0
yxxWSb+Kn+0Pgi5YqgTrdBqzfttmN29J9wkwnGeNwgH2BhIljKxd71m1/Zplf/+8
/5fC5ax0O6tg9uePUzPxhiJuKptWHUtNlJPxymYT7Ws7o/izOvpK2kKuxNIpqMUJ
z4U3cZv3mrKK2KZ8HykD+Krg+oqBFNZ2/U2+TOhcdBdXpFmTkSFBoKvUn0w7GOQC
RcEh1ReFEX5HS2pIJvM5cX8uqCGgC7N9leJcaKxgvt7Mp4ItQeXa1Ay/rjGgvPTy
6wPxBseTV93/dw==
-----END CERTIFICATE-----