Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
File:                     oOWh7YHyM49feJpE6u2w7uP3EJ4.mft (raw, json)
Hash identifier:          CVlJuTo7qdmRvvSEDTk6spS5V+K1zPKcSuHjfxxBf6k=
Subject key identifier:   E9:C7:DB:29:C5:8B:07:AB:E3:95:0F:C1:F8:07:72:33:5F:67:43:55
Authority key identifier: A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E
Certificate issuer:       /CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
Certificate serial:       019A70DC2D90563101686FA5EA64D3310655
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
Manifest number:          02
Signing time:             Tue 11 Nov 2025 03:01:09 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:09 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:09 +0000
Files and hashes:         1: oOWh7YHyM49feJpE6u2w7uP3EJ4.crl (hash: 7DhZsOg05mx0XVo05V4ocdnu53Op0jYtsohKFdirIes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:2d:90:56:31:01:68:6f:a5:ea:64:d3:31:06:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
        Validity
            Not Before: Nov 11 03:01:09 2025 GMT
            Not After : Nov 12 03:01:09 2025 GMT
        Subject: CN=e9c7db29c58b07abe3950fc1f80772335f674355
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:12:35:0c:58:41:57:44:dd:fc:46:b1:36:c4:
                    29:4e:74:02:7e:c3:85:36:28:e4:0a:1b:24:24:30:
                    8c:81:45:26:d0:53:ed:14:11:ae:5f:ff:aa:86:ce:
                    b2:f8:60:fb:7c:0c:1a:1f:29:95:0d:ce:9c:5e:4e:
                    8f:aa:0e:5f:35:7e:d3:b4:05:a1:f7:68:60:03:5a:
                    e9:17:c4:d0:97:35:ff:bd:9a:cb:ba:f7:06:6f:09:
                    ae:0b:c6:b1:48:5c:65:82:bb:1a:43:a5:a2:79:28:
                    b3:22:52:06:e1:86:86:7d:c0:fb:45:bc:60:f0:d4:
                    e9:9f:51:1b:44:c7:73:9e:08:f7:6e:e0:22:ec:b6:
                    80:4e:4f:b2:6c:96:0a:3d:dc:ba:c5:3f:de:14:47:
                    6b:a6:9e:22:a1:71:47:97:8e:25:94:d9:4e:48:aa:
                    f0:b6:57:23:72:7c:51:ff:9a:ab:05:e1:7f:73:76:
                    0e:f3:c2:bf:de:47:49:56:4a:c3:b4:17:7c:35:e1:
                    25:83:0b:31:ea:a0:8f:44:32:70:53:dc:47:2c:a1:
                    2d:80:02:54:04:74:9d:8c:19:a4:3d:b1:ae:39:8c:
                    34:a3:e3:19:d8:32:9d:41:db:b8:60:15:3e:6f:45:
                    90:c3:4a:6e:7f:9f:78:fc:b5:74:be:83:d2:20:3d:
                    f9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C7:DB:29:C5:8B:07:AB:E3:95:0F:C1:F8:07:72:33:5F:67:43:55
            X509v3 Authority Key Identifier:
                keyid:A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:9d:a2:a2:42:75:f9:67:d3:88:86:35:70:b4:8f:06:8f:80:
         98:f5:6c:27:de:fa:eb:ad:1d:fa:16:32:b8:66:f4:7d:97:67:
         da:cc:af:33:6b:92:cf:98:3d:61:e3:ea:1a:36:2d:c4:2e:bd:
         03:66:b7:7e:e7:d9:19:cf:a8:6a:7f:7e:93:0d:22:e4:29:5f:
         f6:73:89:30:74:ec:04:84:c7:54:fb:b0:92:73:57:3b:fd:19:
         bf:b6:3c:40:23:f1:c1:fc:c1:29:58:77:2e:63:95:86:3c:47:
         e9:ba:37:52:35:3f:eb:2f:ec:c4:41:15:68:02:21:d0:be:ad:
         19:53:a7:cb:17:9a:66:ae:b1:02:68:a2:3c:c2:70:e0:82:fc:
         13:38:b2:02:f1:a2:51:13:eb:90:93:52:a0:63:2c:ba:91:2c:
         72:1f:05:47:a5:db:67:90:b6:21:ec:98:d9:8d:67:be:e0:a4:
         05:6a:43:a3:28:25:aa:9b:c6:db:4c:41:2e:de:d9:a7:65:14:
         4f:71:f9:bb:bc:6d:e3:e2:00:c4:91:66:74:f5:bf:c0:22:c3:
         00:e2:ea:c5:43:c5:19:cc:1a:95:31:50:ae:80:b9:90:50:a4:
         72:48:de:44:46:47:8d:00:0f:43:26:f1:c7:49:08:16:35:e3:
         97:85:da:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3C2QVjEBaG+l6mTTMQZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTVhMWVkODFmMjMzOGY1Zjc4OWE0NGVhZWRiMGVlZTNm
NzEwOWUwHhcNMjUxMTExMDMwMTA5WhcNMjUxMTEyMDMwMTA5WjAzMTEwLwYDVQQD
EyhlOWM3ZGIyOWM1OGIwN2FiZTM5NTBmYzFmODA3NzIzMzVmNjc0MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hI1DFhBV0Td/EaxNsQpTnQCfsOF
NijkChskJDCMgUUm0FPtFBGuX/+qhs6y+GD7fAwaHymVDc6cXk6Pqg5fNX7TtAWh
92hgA1rpF8TQlzX/vZrLuvcGbwmuC8axSFxlgrsaQ6WieSizIlIG4YaGfcD7Rbxg
8NTpn1EbRMdzngj3buAi7LaATk+ybJYKPdy6xT/eFEdrpp4ioXFHl44llNlOSKrw
tlcjcnxR/5qrBeF/c3YO88K/3kdJVkrDtBd8NeElgwsx6qCPRDJwU9xHLKEtgAJU
BHSdjBmkPbGuOYw0o+MZ2DKdQdu4YBU+b0WQw0puf594/LV0voPSID35tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnH2ynFiwer45UPwfgHcjNfZ0NVMB8GA1UdIwQY
MBaAFKDloe2B8jOPX3iaROrtsO7j9xCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2Et
MGQ1M2ZjMTBhOGU5LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2EtMGQ1M2ZjMTBhOGU5
LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE52iokJ1
+WfTiIY1cLSPBo+AmPVsJ976660d+hYyuGb0fZdn2syvM2uSz5g9YePqGjYtxC69
A2a3fufZGc+oan9+kw0i5Clf9nOJMHTsBITHVPuwknNXO/0Zv7Y8QCPxwfzBKVh3
LmOVhjxH6bo3UjU/6y/sxEEVaAIh0L6tGVOnyxeaZq6xAmiiPMJw4IL8EziyAvGi
URPrkJNSoGMsupEsch8FR6XbZ5C2IeyY2Y1nvuCkBWpDoyglqpvG20xBLt7Zp2UU
T3H5u7xt4+IAxJFmdPW/wCLDAOLqxUPFGcwalTFQroC5kFCkckjeREZHjQAPQybx
x0kIFjXjl4XaGw==
-----END CERTIFICATE-----