Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          KmLVymZlzpolr4qjbSembz93it18IWStdUMhJnD50ok=
Subject key identifier:   22:9C:24:0E:F1:CC:4E:CF:10:31:C3:6B:FC:D9:87:96:5E:D1:41:4A
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019A7293FB01C84EA8DA43024239AF60AF91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          061C
Signing time:             Tue 11 Nov 2025 11:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:31 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: juCNm5nskLbIT64rGnnLrM55QgEah8WqfZSWgo+Kle0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:fb:01:c8:4e:a8:da:43:02:42:39:af:60:af:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Nov 11 11:01:31 2025 GMT
            Not After : Nov 12 11:01:31 2025 GMT
        Subject: CN=229c240ef1cc4ecf1031c36bfcd987965ed1414a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:57:9e:b5:4b:de:5c:0e:0b:83:50:4e:cf:fb:
                    67:b9:67:60:9c:40:77:85:20:d2:d2:f1:c4:dd:07:
                    e5:00:e0:2f:78:4f:da:a5:3a:8e:5e:28:c6:32:eb:
                    0e:47:87:31:30:85:39:88:cd:2a:24:08:d2:da:8d:
                    68:44:28:bb:93:50:0a:dc:4c:f9:81:d3:d4:60:7f:
                    84:3c:16:88:a6:06:ea:67:41:e9:e9:12:3c:e1:a1:
                    c9:e2:d2:0f:1a:dc:e2:56:ef:dc:20:6c:a4:a1:5a:
                    c6:9b:b5:50:3f:68:60:ec:be:19:d3:eb:28:df:9a:
                    8c:60:12:7b:b3:0a:c3:d1:d6:32:2d:82:58:23:bb:
                    fa:19:3e:e5:7d:00:ee:cc:9a:a5:95:96:72:d9:d2:
                    7a:58:75:4b:33:55:de:15:80:ff:c1:29:26:55:24:
                    74:58:73:95:08:97:29:cc:57:13:7a:a1:fb:6c:2f:
                    55:2b:62:2a:9d:ad:c3:0c:8c:47:16:6e:81:87:8b:
                    ce:1d:21:54:2a:55:1d:31:5d:65:ba:2c:23:4b:9e:
                    9e:a0:03:af:88:b2:d2:67:b4:0a:b3:30:61:df:65:
                    2e:19:5d:53:d7:a0:36:9a:ad:5a:19:4a:51:54:f1:
                    35:ee:e3:4e:20:53:77:8d:40:f5:36:2f:f3:7e:04:
                    ca:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:9C:24:0E:F1:CC:4E:CF:10:31:C3:6B:FC:D9:87:96:5E:D1:41:4A
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:b7:5f:47:e4:3c:eb:01:69:19:df:30:16:b4:77:5e:39:92:
         d8:dc:68:77:f5:62:78:0f:c4:e8:57:8f:84:ee:c4:60:09:4f:
         39:a7:76:da:ee:13:02:af:a3:b7:00:be:50:63:bc:70:3d:27:
         c8:27:fc:c1:a8:75:6b:29:60:9c:46:f3:80:08:e0:ae:41:70:
         47:ec:ed:99:2b:21:45:4e:f5:87:89:64:a9:99:ad:39:1d:86:
         cd:11:aa:eb:a8:25:a8:51:da:45:ba:ff:72:49:c2:68:53:41:
         5b:db:5e:b4:13:78:fa:69:db:cd:33:57:17:48:e4:2e:d9:95:
         fd:e0:c5:17:23:87:c1:a5:88:4c:75:f8:49:3d:ba:97:00:cb:
         e7:06:bf:ea:53:f8:cf:eb:48:cd:19:77:6b:96:05:ea:a2:ef:
         84:fe:a0:ab:6b:ad:90:66:e3:62:f0:a1:58:2f:21:cd:81:2f:
         6c:7b:68:ca:8b:74:84:c1:6b:4e:a0:e1:dd:ea:d6:54:bd:aa:
         08:57:97:03:b9:d5:96:df:66:23:48:42:73:28:91:0d:c1:f6:
         85:72:8e:8d:c5:cf:8e:3c:73:0f:d4:d3:ca:1f:b8:bb:95:0e:
         0d:89:29:a0:f6:06:d0:6a:17:03:28:92:80:ea:31:3e:e9:93:
         d3:dc:4c:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/sByE6o2kMCQjmvYK+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUxMTExMTEwMTMxWhcNMjUxMTEyMTEwMTMxWjAzMTEwLwYDVQQD
EygyMjljMjQwZWYxY2M0ZWNmMTAzMWMzNmJmY2Q5ODc5NjVlZDE0MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFeetUveXA4Lg1BOz/tnuWdgnEB3
hSDS0vHE3QflAOAveE/apTqOXijGMusOR4cxMIU5iM0qJAjS2o1oRCi7k1AK3Ez5
gdPUYH+EPBaIpgbqZ0Hp6RI84aHJ4tIPGtziVu/cIGykoVrGm7VQP2hg7L4Z0+so
35qMYBJ7swrD0dYyLYJYI7v6GT7lfQDuzJqllZZy2dJ6WHVLM1XeFYD/wSkmVSR0
WHOVCJcpzFcTeqH7bC9VK2Iqna3DDIxHFm6Bh4vOHSFUKlUdMV1luiwjS56eoAOv
iLLSZ7QKszBh32UuGV1T16A2mq1aGUpRVPE17uNOIFN3jUD1Ni/zfgTKawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKcJA7xzE7PEDHDa/zZh5Ze0UFKMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbdfR+Q8
6wFpGd8wFrR3XjmS2Nxod/VieA/E6FePhO7EYAlPOad22u4TAq+jtwC+UGO8cD0n
yCf8wah1aylgnEbzgAjgrkFwR+ztmSshRU71h4lkqZmtOR2GzRGq66glqFHaRbr/
cknCaFNBW9tetBN4+mnbzTNXF0jkLtmV/eDFFyOHwaWITHX4ST26lwDL5wa/6lP4
z+tIzRl3a5YF6qLvhP6gq2utkGbjYvChWC8hzYEvbHtoyot0hMFrTqDh3erWVL2q
CFeXA7nVlt9mI0hCcyiRDcH2hXKOjcXPjjxzD9TTyh+4u5UODYkpoPYG0GoXAyiS
gOoxPumT09xMJA==
-----END CERTIFICATE-----