Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.mft
File:                     Of-PwW6S-8wHnYDWvj197fHQZo8.mft (raw, json)
Hash identifier:          Qh/oNtyFutKMLoLUH0xEpxVMkcpDpZNn+F6svMfFZ8E=
Subject key identifier:   DF:59:6A:83:05:0A:FB:68:F6:62:A4:81:BC:E6:47:7F:E1:8E:B6:CE
Authority key identifier: 39:FF:8F:C1:6E:92:FB:CC:07:9D:80:D6:BE:3D:7D:ED:F1:D0:66:8F
Certificate issuer:       /CN=39ff8fc16e92fbcc079d80d6be3d7dedf1d0668f
Certificate serial:       019A4D05EFC71773DEE3DB8AD684B8CA55AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Of-PwW6S-8wHnYDWvj197fHQZo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.mft
Manifest number:          0B84
Signing time:             Tue 04 Nov 2025 04:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:25 +0000
Files and hashes:         1: Of-PwW6S-8wHnYDWvj197fHQZo8.crl (hash: SSk0uRRLPkfjR+nZXJlKBPd3x6aPCgMacPtho2vDg5Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Of-PwW6S-8wHnYDWvj197fHQZo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:05:ef:c7:17:73:de:e3:db:8a:d6:84:b8:ca:55:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39ff8fc16e92fbcc079d80d6be3d7dedf1d0668f
        Validity
            Not Before: Nov  4 04:00:25 2025 GMT
            Not After : Nov  5 04:00:25 2025 GMT
        Subject: CN=df596a83050afb68f662a481bce6477fe18eb6ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d2:20:cf:b3:f4:79:c9:6c:38:d7:93:9b:a5:
                    64:fa:50:54:e3:a0:10:b2:fb:cb:e2:fe:7d:e6:eb:
                    e3:ff:e6:7a:99:ae:25:a2:e3:ac:e4:c6:d3:33:9b:
                    ab:7b:b6:7f:90:69:1e:23:a0:fe:b4:39:2e:99:a0:
                    11:76:d5:2a:c8:42:c3:a2:51:31:2c:23:4d:ad:57:
                    ed:8e:b2:67:33:98:1e:d9:25:fe:3a:b0:6a:dd:a5:
                    b3:66:5e:2e:c2:ff:87:63:46:3b:26:5b:e1:38:01:
                    7a:1b:d2:65:7e:04:ee:32:8e:a1:5c:ff:28:30:42:
                    8e:74:a4:1b:13:0c:e0:1d:72:0c:6c:f2:3c:55:12:
                    b9:b4:b6:14:dc:e3:c1:77:2f:a4:5e:11:7c:4e:07:
                    60:98:72:8e:a2:cb:29:1d:e5:86:e7:67:e1:83:61:
                    b1:71:c7:11:a9:18:4f:20:c1:9b:5e:51:4c:a1:c0:
                    cf:96:20:83:55:52:5d:eb:d2:99:fa:80:05:e3:a5:
                    23:84:f2:34:cc:02:92:7d:cd:8e:f3:13:f6:00:e7:
                    e2:74:75:2a:1d:76:08:66:70:5d:1d:c0:b7:20:2c:
                    9d:a8:32:a7:25:4d:af:a3:b7:ac:e7:fb:4a:63:8f:
                    9a:95:03:e5:4b:70:de:ca:68:14:66:fa:f4:d6:64:
                    e5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:59:6A:83:05:0A:FB:68:F6:62:A4:81:BC:E6:47:7F:E1:8E:B6:CE
            X509v3 Authority Key Identifier:
                keyid:39:FF:8F:C1:6E:92:FB:CC:07:9D:80:D6:BE:3D:7D:ED:F1:D0:66:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Of-PwW6S-8wHnYDWvj197fHQZo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/779139-5751-47fc-96ad-f0170754854a/1/Of-PwW6S-8wHnYDWvj197fHQZo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:13:0f:bd:82:6e:f0:01:85:d6:0a:7d:06:5e:0e:ba:cb:7f:
         db:d1:16:23:4f:e9:19:66:4e:43:d4:ac:ac:d1:c7:e9:f2:49:
         1b:33:d7:9e:ed:48:f8:ec:c7:f5:d6:38:ac:a5:36:3f:1f:4d:
         61:b4:53:ce:6e:26:b9:0c:f4:ff:4f:eb:27:46:53:f7:4f:8e:
         10:78:3f:4a:77:b5:c0:bb:a2:6b:60:22:54:a5:16:e7:dc:4f:
         1f:d8:0a:f2:a8:c9:33:05:4e:55:dc:e7:2c:99:87:8f:32:24:
         ab:b1:1a:8b:41:ac:c2:9e:a5:e0:5f:7a:b2:17:ae:49:27:57:
         e7:8d:f9:23:d0:38:39:ee:08:87:00:53:72:6e:f2:7a:e3:fe:
         2d:4a:4f:28:fc:ea:a0:9f:fd:00:aa:9c:2c:58:aa:a7:1b:88:
         94:fc:60:d5:d6:2f:f3:44:49:2b:8f:9d:01:4e:f9:31:e3:bb:
         08:5e:de:3e:39:57:c9:f3:18:47:77:19:45:18:f0:5e:b9:8f:
         d2:e4:b1:bf:4a:c3:c8:bf:41:67:9f:56:b8:50:02:3a:42:f2:
         4a:c7:47:64:67:e4:85:d2:52:77:53:92:d1:42:b8:7e:12:17:
         a6:b5:07:17:f8:db:25:8b:6b:da:dc:56:7b:06:a6:d2:27:b3:
         16:39:78:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBe/HF3Pe49uK1oS4ylWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZmY4ZmMxNmU5MmZiY2MwNzlkODBkNmJlM2Q3ZGVkZjFk
MDY2OGYwHhcNMjUxMTA0MDQwMDI1WhcNMjUxMTA1MDQwMDI1WjAzMTEwLwYDVQQD
EyhkZjU5NmE4MzA1MGFmYjY4ZjY2MmE0ODFiY2U2NDc3ZmUxOGViNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdIgz7P0eclsONeTm6Vk+lBU46AQ
svvL4v595uvj/+Z6ma4louOs5MbTM5ure7Z/kGkeI6D+tDkumaARdtUqyELDolEx
LCNNrVftjrJnM5ge2SX+OrBq3aWzZl4uwv+HY0Y7JlvhOAF6G9JlfgTuMo6hXP8o
MEKOdKQbEwzgHXIMbPI8VRK5tLYU3OPBdy+kXhF8TgdgmHKOosspHeWG52fhg2Gx
cccRqRhPIMGbXlFMocDPliCDVVJd69KZ+oAF46UjhPI0zAKSfc2O8xP2AOfidHUq
HXYIZnBdHcC3ICydqDKnJU2vo7es5/tKY4+alQPlS3DeymgUZvr01mTl2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9ZaoMFCvto9mKkgbzmR3/hjrbOMB8GA1UdIwQY
MBaAFDn/j8FukvvMB52A1r49fe3x0GaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2YtUHdXNlMtOHdIbllEV3ZqMTk3ZkhRWm84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83NzkxMzktNTc1MS00N2ZjLTk2YWQt
ZjAxNzA3NTQ4NTRhLzEvT2YtUHdXNlMtOHdIbllEV3ZqMTk3ZkhRWm84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC83NzkxMzktNTc1MS00N2ZjLTk2YWQtZjAxNzA3NTQ4NTRh
LzEvT2YtUHdXNlMtOHdIbllEV3ZqMTk3ZkhRWm84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYxMPvYJu
8AGF1gp9Bl4Oust/29EWI0/pGWZOQ9SsrNHH6fJJGzPXnu1I+OzH9dY4rKU2Px9N
YbRTzm4muQz0/0/rJ0ZT90+OEHg/Sne1wLuia2AiVKUW59xPH9gK8qjJMwVOVdzn
LJmHjzIkq7Eai0Gswp6l4F96sheuSSdX5435I9A4Oe4IhwBTcm7yeuP+LUpPKPzq
oJ/9AKqcLFiqpxuIlPxg1dYv80RJK4+dAU75MeO7CF7ePjlXyfMYR3cZRRjwXrmP
0uSxv0rDyL9BZ59WuFACOkLySsdHZGfkhdJSd1OS0UK4fhIXprUHF/jbJYtr2txW
ewam0iezFjl46w==
-----END CERTIFICATE-----