Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
File:                     o8B3uDdyoALVxPi5IY7A3H8EDL8.mft (raw, json)
Hash identifier:          EV23kO2KQPCPRghrSBBBeuCQu09RiFsmqKY32azh+ig=
Subject key identifier:   C8:D0:F2:0D:F6:F0:80:A2:B5:14:0D:16:8E:3A:0E:12:FC:5B:85:8C
Authority key identifier: A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF
Certificate issuer:       /CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
Certificate serial:       019A7293BF780FE2391AC2369E938B9CEAD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
Manifest number:          171E
Signing time:             Tue 11 Nov 2025 11:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:16 +0000
Files and hashes:         1: o8B3uDdyoALVxPi5IY7A3H8EDL8.crl (hash: c9/+zsxXBUkkhcMoHTTNTtqYETlQ8N+BYtU8zDjTGJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:bf:78:0f:e2:39:1a:c2:36:9e:93:8b:9c:ea:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf
        Validity
            Not Before: Nov 11 11:01:16 2025 GMT
            Not After : Nov 12 11:01:16 2025 GMT
        Subject: CN=c8d0f20df6f080a2b5140d168e3a0e12fc5b858c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:21:d9:9b:8c:c5:56:0a:9c:b5:1d:f4:7d:c1:
                    a9:66:d8:aa:41:7f:70:5b:ac:55:61:f9:8e:20:4e:
                    99:7d:90:45:b1:8b:ff:10:b0:62:e2:18:f2:0b:00:
                    95:14:1e:06:e0:b6:d9:ad:29:14:86:3c:78:f8:49:
                    30:32:0c:6c:f7:c5:22:3e:af:35:29:5a:8d:02:b7:
                    27:22:92:2a:a3:bd:53:5e:42:0c:70:5f:68:32:e2:
                    82:1f:ef:ed:58:7c:50:f2:3e:7c:91:91:bf:af:d9:
                    12:45:36:08:c1:b5:8d:d4:78:f7:68:cf:99:8b:33:
                    c3:c5:b1:ca:2d:03:67:c4:b1:1f:38:dd:75:d8:cf:
                    8a:83:71:e0:64:5f:d6:d6:ca:c6:7c:93:b1:03:79:
                    80:00:b2:e6:98:63:72:e8:ce:29:cb:02:4d:39:f6:
                    06:1a:01:f2:a5:e5:38:bc:8c:a0:49:1c:11:1c:31:
                    81:66:f2:6f:46:ae:d9:e9:e3:31:04:68:b8:0c:0c:
                    ff:56:5a:2f:fc:4f:d7:a9:66:8a:35:b9:be:4c:25:
                    df:38:8b:9d:a3:5d:85:cb:e4:8e:85:97:98:a2:0b:
                    f8:e1:a5:2e:87:83:98:36:bf:40:cc:4b:f8:16:42:
                    2e:f9:57:34:1e:07:97:4f:4b:02:a5:7e:18:19:4c:
                    c9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D0:F2:0D:F6:F0:80:A2:B5:14:0D:16:8E:3A:0E:12:FC:5B:85:8C
            X509v3 Authority Key Identifier:
                keyid:A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:c2:b1:1d:0a:11:04:f1:36:2f:f6:d0:36:47:1d:fa:f6:88:
         44:27:7d:d7:35:74:8d:21:df:ec:d5:b0:13:c0:8b:5f:1a:09:
         d4:97:ad:db:9c:6d:7f:24:88:a6:2a:c3:24:bb:6b:b2:70:9b:
         24:79:d5:8a:5a:a2:0e:6a:03:a5:93:1f:5e:3d:01:0f:78:c6:
         30:6d:ed:9b:48:15:1a:75:c4:79:68:4c:48:4c:c9:ba:42:d7:
         6c:23:8f:b6:f4:9c:63:0c:6e:06:5a:91:30:98:53:64:21:d6:
         11:6b:62:16:0f:6e:1c:93:58:45:84:71:73:56:09:79:f5:78:
         07:31:1b:8f:1b:e4:cd:bd:11:5c:e7:0d:f8:27:8b:32:49:c0:
         52:85:49:a7:18:57:ef:2e:65:07:25:36:c4:01:77:d4:a2:b9:
         d7:93:56:da:dc:06:82:7c:ec:a4:c0:02:f9:1a:28:a0:a6:d1:
         07:46:ab:67:3d:22:fb:d0:09:f4:64:77:18:62:e1:7a:8e:e1:
         37:2a:52:ca:05:d7:6e:8d:76:07:dd:4c:00:2e:1c:75:ac:2f:
         d9:3b:8f:4a:b6:f7:ad:5d:1c:88:68:49:40:82:29:9a:9a:7c:
         9f:88:e0:63:d8:03:be:2a:ef:9d:f0:9b:7b:68:4b:7c:bc:f5:
         8b:45:fb:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk794D+I5GsI2npOLnOrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzA3N2I4Mzc3MmEwMDJkNWM0ZjhiOTIxOGVjMGRjN2Yw
NDBjYmYwHhcNMjUxMTExMTEwMTE2WhcNMjUxMTEyMTEwMTE2WjAzMTEwLwYDVQQD
EyhjOGQwZjIwZGY2ZjA4MGEyYjUxNDBkMTY4ZTNhMGUxMmZjNWI4NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCHZm4zFVgqctR30fcGpZtiqQX9w
W6xVYfmOIE6ZfZBFsYv/ELBi4hjyCwCVFB4G4LbZrSkUhjx4+EkwMgxs98UiPq81
KVqNArcnIpIqo71TXkIMcF9oMuKCH+/tWHxQ8j58kZG/r9kSRTYIwbWN1Hj3aM+Z
izPDxbHKLQNnxLEfON112M+Kg3HgZF/W1srGfJOxA3mAALLmmGNy6M4pywJNOfYG
GgHypeU4vIygSRwRHDGBZvJvRq7Z6eMxBGi4DAz/Vlov/E/XqWaKNbm+TCXfOIud
o12Fy+SOhZeYogv44aUuh4OYNr9AzEv4FkIu+Vc0HgeXT0sCpX4YGUzJvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjQ8g328ICitRQNFo46DhL8W4WMMB8GA1UdIwQY
MBaAFKPAd7g3cqAC1cT4uSGOwNx/BAy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzIt
NzA2YWIzZTgzZDFkLzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzItNzA2YWIzZTgzZDFk
LzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAksKxHQoR
BPE2L/bQNkcd+vaIRCd91zV0jSHf7NWwE8CLXxoJ1Jet25xtfySIpirDJLtrsnCb
JHnVilqiDmoDpZMfXj0BD3jGMG3tm0gVGnXEeWhMSEzJukLXbCOPtvScYwxuBlqR
MJhTZCHWEWtiFg9uHJNYRYRxc1YJefV4BzEbjxvkzb0RXOcN+CeLMknAUoVJpxhX
7y5lByU2xAF31KK515NW2twGgnzspMAC+RoooKbRB0arZz0i+9AJ9GR3GGLheo7h
NypSygXXbo12B91MAC4cdawv2TuPSrb3rV0ciGhJQIIpmpp8n4jgY9gDvirvnfCb
e2hLfLz1i0X7OA==
-----END CERTIFICATE-----