Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
File:                     oLNzv45HcndefI_F-9Mpze5Eoyw.mft (raw, json)
Hash identifier:          fNims/KJjZ7CouqbEDQgF0rajgZ6t1AbgxHy8Iig5Ok=
Subject key identifier:   2D:85:6F:B7:15:39:F3:33:2E:D1:28:36:9B:4D:BF:0A:11:3F:5A:97
Authority key identifier: A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C
Certificate issuer:       /CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
Certificate serial:       019A4DAAE60FBF829AC78B1F9C32E9AD3655
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 07:00:36 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:36 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:36 +0000
Files and hashes:         1: oLNzv45HcndefI_F-9Mpze5Eoyw.crl (hash: Xuwd3NCcHfgvTmlmyysJKAG08QD5fdCwNNWcuIaTjnY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:e6:0f:bf:82:9a:c7:8b:1f:9c:32:e9:ad:36:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
        Validity
            Not Before: Nov  4 07:00:36 2025 GMT
            Not After : Nov  5 07:00:36 2025 GMT
        Subject: CN=2d856fb71539f3332ed128369b4dbf0a113f5a97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:63:2d:58:b4:36:b6:a5:62:9f:8a:c4:ad:75:
                    1b:48:e8:5a:11:22:a0:3d:e0:0b:b2:34:87:7e:4f:
                    65:62:98:c1:0a:c7:86:eb:0c:8b:a9:03:04:6c:e1:
                    f0:42:ee:8e:9d:c4:9c:a1:71:84:3f:02:08:70:ee:
                    f6:ec:ed:2e:32:9f:f3:ef:c5:8a:bf:e7:de:83:c7:
                    54:f1:e7:04:0b:1e:1a:fb:5d:bc:d2:81:82:20:84:
                    fb:c0:da:83:44:d8:d8:1a:13:81:95:53:42:1c:ef:
                    f9:d7:f6:2a:e5:fd:e6:ca:14:90:73:58:5c:44:23:
                    9c:fb:fd:58:de:4b:69:b2:7f:c8:cf:1b:14:91:4a:
                    74:ae:ca:9e:5a:12:5e:fa:51:35:17:14:05:7e:1b:
                    51:af:57:23:87:37:79:fe:e4:5f:0a:0c:ab:18:f2:
                    7d:9e:1e:4d:30:c9:b9:35:94:6c:60:f7:1f:e1:5f:
                    0d:ce:ea:05:1b:5e:e9:61:61:11:cc:e5:af:c8:68:
                    72:e1:19:34:8d:75:12:66:d5:d5:0a:2c:6c:5a:fa:
                    78:2d:3b:eb:3e:b8:c9:32:18:81:12:6a:e5:de:98:
                    a1:74:81:8a:29:7a:cf:25:c2:e8:06:84:2a:43:22:
                    61:55:95:65:1f:9a:fa:f0:41:11:e0:19:a9:e4:d1:
                    40:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:85:6F:B7:15:39:F3:33:2E:D1:28:36:9B:4D:BF:0A:11:3F:5A:97
            X509v3 Authority Key Identifier:
                keyid:A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:c9:23:43:fb:3f:98:c9:45:44:a3:76:f8:6c:8e:13:aa:3b:
         db:7d:06:4e:7e:f5:e2:53:3b:21:4f:35:93:be:78:68:e4:be:
         20:bf:a1:c9:39:57:ca:b6:92:fd:c7:c8:77:26:3d:17:e9:e2:
         e6:f4:31:1a:b5:67:be:d4:49:1e:4c:32:87:a0:49:63:38:6a:
         6a:e8:6a:bf:e4:63:69:df:c6:0e:23:ad:4f:9a:cf:21:b6:8b:
         78:fe:b6:a9:60:cd:53:fd:e0:0f:d5:b9:d7:fb:fb:61:0f:54:
         63:48:ad:0d:45:fa:16:c8:71:76:ed:a8:aa:44:72:e8:aa:93:
         33:0b:ca:41:28:57:4e:35:f2:ab:72:1b:88:a4:43:7d:10:3c:
         2b:72:ed:64:0c:10:0c:09:0d:43:58:37:29:62:da:fa:fc:8e:
         d3:84:f1:56:74:cc:cf:17:35:e0:d5:6b:ce:53:f2:5b:f8:f2:
         2b:ff:be:49:e3:5e:c7:d8:98:77:db:91:24:e7:20:a5:92:aa:
         55:e1:34:93:c0:ce:45:cb:31:f3:f4:d1:bc:d6:90:ea:ef:f2:
         0d:43:6e:64:bd:8b:9b:ef:f9:04:63:9f:87:49:95:00:d1:90:
         6d:d1:f8:b3:d4:a3:87:d2:42:4c:09:9a:05:e0:62:28:43:0d:
         a5:4e:4f:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNquYPv4Kax4sfnDLprTZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjM3M2JmOGU0NzcyNzc1ZTdjOGZjNWZiZDMyOWNkZWU0
NGEzMmMwHhcNMjUxMTA0MDcwMDM2WhcNMjUxMTA1MDcwMDM2WjAzMTEwLwYDVQQD
EygyZDg1NmZiNzE1MzlmMzMzMmVkMTI4MzY5YjRkYmYwYTExM2Y1YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWMtWLQ2tqVin4rErXUbSOhaESKg
PeALsjSHfk9lYpjBCseG6wyLqQMEbOHwQu6OncScoXGEPwIIcO727O0uMp/z78WK
v+feg8dU8ecECx4a+1280oGCIIT7wNqDRNjYGhOBlVNCHO/51/Yq5f3myhSQc1hc
RCOc+/1Y3ktpsn/IzxsUkUp0rsqeWhJe+lE1FxQFfhtRr1cjhzd5/uRfCgyrGPJ9
nh5NMMm5NZRsYPcf4V8NzuoFG17pYWERzOWvyGhy4Rk0jXUSZtXVCixsWvp4LTvr
PrjJMhiBEmrl3pihdIGKKXrPJcLoBoQqQyJhVZVlH5r68EER4Bmp5NFA2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2Fb7cVOfMzLtEoNptNvwoRP1qXMB8GA1UdIwQY
MBaAFKCzc7+OR3J3XnyPxfvTKc3uRKMsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMt
ZWU1NTg1YWUxM2I3LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMtZWU1NTg1YWUxM2I3
LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUskjQ/s/
mMlFRKN2+GyOE6o7230GTn714lM7IU81k754aOS+IL+hyTlXyraS/cfIdyY9F+ni
5vQxGrVnvtRJHkwyh6BJYzhqauhqv+Rjad/GDiOtT5rPIbaLeP62qWDNU/3gD9W5
1/v7YQ9UY0itDUX6Fshxdu2oqkRy6KqTMwvKQShXTjXyq3IbiKRDfRA8K3LtZAwQ
DAkNQ1g3KWLa+vyO04TxVnTMzxc14NVrzlPyW/jyK/++SeNex9iYd9uRJOcgpZKq
VeE0k8DORcsx8/TRvNaQ6u/yDUNuZL2Lm+/5BGOfh0mVANGQbdH4s9Sjh9JCTAma
BeBiKEMNpU5Pxw==
-----END CERTIFICATE-----