Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          vUdVz7+4H205fRZAdfkljsbHIBXfDdkRodM1MlvYdrM=
Subject key identifier:   FE:7A:7B:33:AD:73:1E:BC:28:DA:7A:B2:D7:29:A6:E3:0C:B8:75:22
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       019A52D249C98658F8C7A71F060800D6A1B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0E69
Signing time:             Wed 05 Nov 2025 07:01:44 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:44 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:44 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: 9qxIq0ojYdd0lJnaGCXqRgxuWVH0G09qEtFwOihxxp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:49:c9:86:58:f8:c7:a7:1f:06:08:00:d6:a1:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Nov  5 07:01:44 2025 GMT
            Not After : Nov  6 07:01:44 2025 GMT
        Subject: CN=fe7a7b33ad731ebc28da7ab2d729a6e30cb87522
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:78:45:57:12:94:7f:54:e6:e8:e2:38:64:2d:
                    bd:22:7e:44:8b:b8:9e:5d:54:a7:5d:b4:c6:f2:86:
                    49:d1:d7:e4:71:dd:9f:9c:2c:7f:25:b0:3e:c5:61:
                    03:36:92:51:75:73:eb:27:90:15:1f:53:68:6e:81:
                    84:c9:7e:5e:95:ae:bf:e8:d3:f5:c4:23:0e:4b:e9:
                    22:c2:bb:ee:f2:17:d0:72:a5:91:41:23:d1:e2:bc:
                    e0:a0:f6:11:7a:04:6e:66:b4:f3:0b:dc:63:5e:84:
                    f9:84:8b:c8:62:82:8f:5e:aa:10:7b:fb:0b:61:a2:
                    ea:e0:e2:72:ad:d8:83:c8:f8:0b:d2:8b:26:23:3f:
                    46:a7:f0:5f:5e:05:2e:ae:02:6d:01:98:91:c4:10:
                    3b:22:dc:95:06:53:90:22:94:08:0c:13:13:cf:9c:
                    d7:7d:1b:3f:79:16:53:86:e8:c3:01:66:9a:2e:30:
                    ed:e7:5a:59:3b:72:ae:60:21:b7:c5:fe:c7:60:2c:
                    92:0c:a4:d1:2e:19:f6:ea:bc:da:69:e6:f2:98:e8:
                    ae:aa:37:33:64:5f:3a:3e:f2:a6:43:4e:c2:a1:cc:
                    61:d3:b5:c7:56:b4:61:95:ed:98:94:60:95:ab:0d:
                    27:ba:60:02:d0:ff:8c:50:1c:0e:e1:d1:fb:84:c7:
                    f2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:7A:7B:33:AD:73:1E:BC:28:DA:7A:B2:D7:29:A6:E3:0C:B8:75:22
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:7f:e0:f1:74:79:4e:a7:94:11:27:f6:e5:25:ba:68:11:5a:
         48:9f:c8:bf:70:0a:50:29:e8:6c:3f:84:5d:a4:3f:6f:e5:85:
         b0:96:17:5a:47:2d:b6:90:93:da:fc:e1:53:66:56:c4:11:c3:
         37:25:ed:92:41:4d:5a:8f:fe:93:b9:00:a6:b0:b1:1a:f3:f6:
         15:06:07:0c:cc:c1:f5:28:a8:9e:65:80:be:61:a3:66:e2:9a:
         e7:0a:8e:d9:e3:57:b5:aa:f8:2b:2b:bc:c8:7a:f5:ec:a7:59:
         03:5e:ae:cf:e0:7f:8e:2a:4d:4b:77:76:61:34:9a:6e:df:ef:
         9c:ef:e4:fb:4e:eb:ec:50:97:d0:8c:23:13:ef:37:80:12:a5:
         ca:80:8c:19:51:a2:58:fa:0b:a6:b6:c1:e0:17:34:fa:01:44:
         29:17:82:c3:56:39:42:e2:a8:5f:ba:d5:58:57:d3:b1:02:c8:
         35:ff:97:48:f3:78:83:66:54:47:3c:d8:fb:21:63:7e:d3:d9:
         af:88:d2:03:37:b9:b6:7a:59:d0:17:ff:a2:96:7a:ae:d6:ff:
         5e:6b:ed:2c:0b:24:82:1d:27:bf:16:8f:79:4d:85:10:a3:88:
         94:46:45:c8:7d:5f:7b:77:64:15:d8:4f:dc:c2:f4:55:6f:00:
         90:24:05:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0knJhlj4x6cfBggA1qG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjUxMTA1MDcwMTQ0WhcNMjUxMTA2MDcwMTQ0WjAzMTEwLwYDVQQD
EyhmZTdhN2IzM2FkNzMxZWJjMjhkYTdhYjJkNzI5YTZlMzBjYjg3NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnhFVxKUf1Tm6OI4ZC29In5Ei7ie
XVSnXbTG8oZJ0dfkcd2fnCx/JbA+xWEDNpJRdXPrJ5AVH1NoboGEyX5ela6/6NP1
xCMOS+kiwrvu8hfQcqWRQSPR4rzgoPYRegRuZrTzC9xjXoT5hIvIYoKPXqoQe/sL
YaLq4OJyrdiDyPgL0osmIz9Gp/BfXgUurgJtAZiRxBA7ItyVBlOQIpQIDBMTz5zX
fRs/eRZThujDAWaaLjDt51pZO3KuYCG3xf7HYCySDKTRLhn26rzaaebymOiuqjcz
ZF86PvKmQ07Cocxh07XHVrRhle2YlGCVqw0numAC0P+MUBwO4dH7hMfyGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP56ezOtcx68KNp6stcppuMMuHUiMB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnX/g8XR5
TqeUESf25SW6aBFaSJ/Iv3AKUCnobD+EXaQ/b+WFsJYXWkcttpCT2vzhU2ZWxBHD
NyXtkkFNWo/+k7kAprCxGvP2FQYHDMzB9SionmWAvmGjZuKa5wqO2eNXtar4Kyu8
yHr17KdZA16uz+B/jipNS3d2YTSabt/vnO/k+07r7FCX0IwjE+83gBKlyoCMGVGi
WPoLprbB4Bc0+gFEKReCw1Y5QuKoX7rVWFfTsQLINf+XSPN4g2ZURzzY+yFjftPZ
r4jSAze5tnpZ0Bf/opZ6rtb/XmvtLAskgh0nvxaPeU2FEKOIlEZFyH1fe3dkFdhP
3ML0VW8AkCQFqQ==
-----END CERTIFICATE-----