Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
File:                     obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json)
Hash identifier:          +o5JgYU96H9bozUuxRcdfGKYtCj8cJ2qSGf9DohlRmQ=
Subject key identifier:   3F:B6:48:D9:FF:90:EF:AA:8F:2B:23:E5:7B:75:E4:77:5F:0F:B1:F6
Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A
Certificate issuer:       /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
Certificate serial:       019A4DE1A69DA08CCEC62168D53D0D8B0169
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
Manifest number:          0721
Signing time:             Tue 04 Nov 2025 08:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:25 +0000
Files and hashes:         1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: uxt+1t3pj4Tex+i94/jP4r8FCr2yes96oS+X5GGFsMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:a6:9d:a0:8c:ce:c6:21:68:d5:3d:0d:8b:01:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
        Validity
            Not Before: Nov  4 08:00:25 2025 GMT
            Not After : Nov  5 08:00:25 2025 GMT
        Subject: CN=3fb648d9ff90efaa8f2b23e57b75e4775f0fb1f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d2:99:39:11:59:66:83:93:77:d1:68:fa:6c:
                    fc:c0:40:a5:66:aa:56:f2:f6:6e:48:3d:27:42:02:
                    26:62:ab:5c:ce:8f:8d:90:74:1c:01:9e:99:e4:b6:
                    ec:e3:02:7d:91:4f:8a:25:bb:f4:c4:6c:44:b9:0e:
                    e2:82:6f:3e:37:45:b1:9d:dd:8f:37:96:64:eb:35:
                    19:d7:30:7a:7e:2e:7e:83:7c:38:4b:41:9e:01:7e:
                    9b:97:82:7d:54:a7:2f:a3:3b:ca:f0:f0:a6:79:db:
                    57:e3:36:36:53:4a:87:04:ea:a9:34:2e:a2:04:75:
                    a4:48:45:88:a1:a1:19:1e:4a:df:1c:35:0c:2f:a1:
                    70:32:ac:88:ab:97:1d:1b:de:1b:75:3c:0a:c3:34:
                    39:9f:0d:49:2a:59:11:1f:17:04:93:8b:ed:3b:bd:
                    6b:7e:7a:60:82:51:0a:19:33:66:2e:93:e3:7c:7f:
                    30:df:fd:04:bb:51:e2:57:70:4f:c7:9b:c9:15:b7:
                    e1:0e:97:b8:ab:73:58:4b:2a:32:d9:a7:14:03:85:
                    cd:16:fe:04:71:a7:a5:56:0b:07:93:bc:80:6e:bb:
                    91:5a:ec:9e:a1:1d:4d:f7:ca:27:67:cd:f0:25:10:
                    db:47:12:5f:6d:09:f5:54:f2:7d:3a:67:19:ef:c8:
                    0f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B6:48:D9:FF:90:EF:AA:8F:2B:23:E5:7B:75:E4:77:5F:0F:B1:F6
            X509v3 Authority Key Identifier:
                keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:b1:a7:50:0c:58:33:ad:6d:72:f5:f8:74:e5:76:52:28:4b:
         c2:e4:4b:6f:d3:35:3b:91:c5:1e:cd:41:df:78:1f:17:56:fa:
         3f:0b:27:f0:61:dd:e0:5d:de:8a:3e:b7:28:ac:33:5a:9e:4c:
         2d:58:36:95:59:72:7d:10:ef:9e:ce:95:13:b5:ef:e7:4e:9b:
         6c:d8:cf:ff:dc:e3:56:18:70:6b:9c:ae:e5:00:ed:33:9b:25:
         90:50:45:68:2a:a9:a1:33:64:fe:ca:a1:32:3f:e9:76:e8:df:
         12:2e:39:67:1b:0f:e3:e5:ef:b0:4a:c3:0f:dd:c0:16:f9:4e:
         98:c6:ae:7d:ff:c5:3a:40:b5:13:4a:98:64:9c:f2:3e:35:f6:
         d5:54:b8:f4:e0:55:33:e2:ec:0b:b7:5d:94:52:f5:f8:68:b4:
         05:23:80:a7:89:ac:05:c2:2d:c0:96:cb:f0:34:0a:76:0d:5e:
         63:60:76:a3:b0:e2:a8:94:34:40:c2:d7:ea:7b:b3:cb:0e:74:
         8d:22:11:6d:62:38:41:03:58:77:2a:d2:a6:e6:d5:2d:12:18:
         30:ca:a7:26:c0:1f:fb:e9:43:10:e8:da:a3:5c:59:fe:58:aa:
         75:0d:b1:52:41:93:e4:83:7c:b8:47:02:ef:29:14:a9:26:b4:
         31:2a:ef:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4aadoIzOxiFo1T0NiwFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5
MDQzMGEwHhcNMjUxMTA0MDgwMDI1WhcNMjUxMTA1MDgwMDI1WjAzMTEwLwYDVQQD
EygzZmI2NDhkOWZmOTBlZmFhOGYyYjIzZTU3Yjc1ZTQ3NzVmMGZiMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9KZORFZZoOTd9Fo+mz8wEClZqpW
8vZuSD0nQgImYqtczo+NkHQcAZ6Z5Lbs4wJ9kU+KJbv0xGxEuQ7igm8+N0Wxnd2P
N5Zk6zUZ1zB6fi5+g3w4S0GeAX6bl4J9VKcvozvK8PCmedtX4zY2U0qHBOqpNC6i
BHWkSEWIoaEZHkrfHDUML6FwMqyIq5cdG94bdTwKwzQ5nw1JKlkRHxcEk4vtO71r
fnpgglEKGTNmLpPjfH8w3/0Eu1HiV3BPx5vJFbfhDpe4q3NYSyoy2acUA4XNFv4E
caelVgsHk7yAbruRWuyeoR1N98onZ83wJRDbRxJfbQn1VPJ9OmcZ78gPuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+2SNn/kO+qjysj5Xt15HdfD7H2MB8GA1UdIwQY
MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt
NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk
LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmbGnUAxY
M61tcvX4dOV2UihLwuRLb9M1O5HFHs1B33gfF1b6Pwsn8GHd4F3eij63KKwzWp5M
LVg2lVlyfRDvns6VE7Xv506bbNjP/9zjVhhwa5yu5QDtM5slkFBFaCqpoTNk/sqh
Mj/pdujfEi45ZxsP4+XvsErDD93AFvlOmMauff/FOkC1E0qYZJzyPjX21VS49OBV
M+LsC7ddlFL1+Gi0BSOAp4msBcItwJbL8DQKdg1eY2B2o7DiqJQ0QMLX6nuzyw50
jSIRbWI4QQNYdyrSpubVLRIYMMqnJsAf++lDEOjao1xZ/liqdQ2xUkGT5IN8uEcC
7ykUqSa0MSrvhA==
-----END CERTIFICATE-----