Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          m8ZVlb3jA+nBi4MtTiqb9iaqxQOJxgXNY1oqdzurFwg=
Subject key identifier:   30:E5:4B:83:D9:0D:AD:B9:CB:3D:31:6F:4A:06:E2:1D:26:23:B5:76
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       019A4F62BE82519BF5AC91DDE1D3D57BAE89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 15:01:02 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:02 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:02 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: Xe9BscbPJ3eaEOmHogOfn94htFFmshu4oqYQhR761Rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:be:82:51:9b:f5:ac:91:dd:e1:d3:d5:7b:ae:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Nov  4 15:01:02 2025 GMT
            Not After : Nov  5 15:01:02 2025 GMT
        Subject: CN=30e54b83d90dadb9cb3d316f4a06e21d2623b576
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:96:d8:b8:a1:63:14:c2:f1:8d:d1:a2:ce:7c:
                    77:43:08:73:8e:b0:e2:ed:64:1d:8b:0b:e2:f0:03:
                    63:3e:2d:cd:35:ac:6a:dd:af:20:b6:30:c5:05:14:
                    5c:97:09:87:e9:40:22:f8:21:44:3d:86:ba:57:9c:
                    56:81:a1:db:c0:bb:d9:c8:45:b3:37:dd:e3:05:a2:
                    81:ae:3c:bd:43:63:8f:0d:50:70:cc:15:8b:ba:a6:
                    73:24:65:f2:18:5d:66:a6:70:12:7f:36:7b:ff:16:
                    83:3f:df:04:cb:d6:ca:03:53:9f:28:3b:d1:d7:b8:
                    18:81:92:6e:f4:07:82:2e:84:1f:aa:2b:32:0e:73:
                    a4:c6:9c:6a:49:d6:8a:c1:e8:7e:eb:34:59:0c:fa:
                    07:ae:02:40:ce:49:ac:a3:7c:9b:c4:1d:1c:f9:a2:
                    86:2f:8b:6f:95:40:32:f1:ee:ac:b0:84:a3:b6:b2:
                    eb:32:79:9e:af:3d:62:75:6f:bc:07:ef:c9:b3:75:
                    32:71:3d:6c:49:ae:1b:8b:40:94:db:35:64:99:b5:
                    fc:7e:c7:01:44:b8:d6:e0:5b:7e:ba:82:90:d7:16:
                    57:2d:74:53:ca:27:c3:1c:3a:5b:56:cb:7d:49:6d:
                    d7:93:1c:2a:cb:c4:a8:9f:0f:82:c2:19:46:03:79:
                    4f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:E5:4B:83:D9:0D:AD:B9:CB:3D:31:6F:4A:06:E2:1D:26:23:B5:76
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:65:51:74:a4:3a:62:5b:b1:43:9c:16:b3:32:db:e5:38:05:
         81:f3:2e:9c:a9:5c:b3:83:82:77:96:c1:ad:0d:bf:bb:c8:61:
         e2:f5:df:42:58:b6:f5:62:4e:e7:f4:7a:48:2e:6e:28:34:53:
         dd:47:a4:1d:f7:8e:ca:56:0f:35:8e:7e:54:03:d6:8c:cd:f9:
         da:d5:35:29:1b:66:98:9d:06:44:0b:3f:8a:65:55:ef:7a:4f:
         48:4c:d4:de:44:84:6e:87:ee:89:16:02:67:79:86:cd:96:a7:
         53:e7:0e:7a:21:e1:6c:61:bc:93:57:4f:ee:2a:83:c6:41:ad:
         90:77:a2:c9:b8:6a:1f:4d:fe:0a:c7:11:d6:6e:fe:61:08:1a:
         d7:1d:26:5c:6f:13:22:d7:13:a1:c5:e9:ac:c0:2f:88:24:4b:
         4a:25:11:d3:da:7f:5b:fb:f8:e6:48:28:aa:7c:aa:6f:2e:53:
         27:b1:3f:71:01:f2:9a:44:d0:3a:fa:c7:4c:11:1d:52:f0:b3:
         c8:ab:9a:e0:49:d6:ab:29:79:21:b1:4f:a6:ef:14:b6:72:dc:
         66:60:be:ef:6b:64:91:2d:9c:4e:b3:92:19:d2:d1:97:ee:07:
         26:05:5c:bd:3a:0b:3b:de:4f:b0:03:a9:41:b8:c7:f0:b7:eb:
         80:5b:58:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYr6CUZv1rJHd4dPVe66JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjUxMTA0MTUwMTAyWhcNMjUxMTA1MTUwMTAyWjAzMTEwLwYDVQQD
EygzMGU1NGI4M2Q5MGRhZGI5Y2IzZDMxNmY0YTA2ZTIxZDI2MjNiNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJbYuKFjFMLxjdGiznx3QwhzjrDi
7WQdiwvi8ANjPi3NNaxq3a8gtjDFBRRclwmH6UAi+CFEPYa6V5xWgaHbwLvZyEWz
N93jBaKBrjy9Q2OPDVBwzBWLuqZzJGXyGF1mpnASfzZ7/xaDP98Ey9bKA1OfKDvR
17gYgZJu9AeCLoQfqisyDnOkxpxqSdaKweh+6zRZDPoHrgJAzkmso3ybxB0c+aKG
L4tvlUAy8e6ssISjtrLrMnmerz1idW+8B+/Js3UycT1sSa4bi0CU2zVkmbX8fscB
RLjW4Ft+uoKQ1xZXLXRTyifDHDpbVst9SW3Xkxwqy8Sonw+CwhlGA3lPtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDlS4PZDa25yz0xb0oG4h0mI7V2MB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWVRdKQ6
YluxQ5wWszLb5TgFgfMunKlcs4OCd5bBrQ2/u8hh4vXfQli29WJO5/R6SC5uKDRT
3UekHfeOylYPNY5+VAPWjM352tU1KRtmmJ0GRAs/imVV73pPSEzU3kSEbofuiRYC
Z3mGzZanU+cOeiHhbGG8k1dP7iqDxkGtkHeiybhqH03+CscR1m7+YQga1x0mXG8T
ItcTocXprMAviCRLSiUR09p/W/v45kgoqnyqby5TJ7E/cQHymkTQOvrHTBEdUvCz
yKua4EnWqyl5IbFPpu8UtnLcZmC+72tkkS2cTrOSGdLRl+4HJgVcvToLO95PsAOp
QbjH8LfrgFtYlQ==
-----END CERTIFICATE-----