Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          n8YB6g7mwGajg+KAbn4d2MtF176zNIfbvJUJjNh6U6U=
Subject key identifier:   B6:00:5D:FD:7B:AC:CA:DD:6F:30:51:85:35:B3:87:52:BF:AA:8F:EF
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019A722636868748E0F4EF0A214B525EF516
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:38 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:38 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:38 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: ZE/WjdvQnBQNFqxlczLnd52lBsLAuXXESQu1rt+auvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:36:86:87:48:e0:f4:ef:0a:21:4b:52:5e:f5:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Nov 11 09:01:38 2025 GMT
            Not After : Nov 12 09:01:38 2025 GMT
        Subject: CN=b6005dfd7baccadd6f30518535b38752bfaa8fef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:bc:de:88:ab:fa:72:3f:8c:f5:4f:d6:24:6e:
                    d2:01:a0:c4:53:07:52:17:d3:df:fe:ce:02:87:ee:
                    09:35:29:1d:2c:f2:56:64:74:34:47:8c:63:8e:89:
                    95:e8:1e:4e:78:a1:22:00:58:53:9d:b8:c9:70:b3:
                    d4:d2:5d:63:0c:b2:ff:71:b0:4b:a5:6e:c9:15:d4:
                    71:0f:98:2e:89:b6:3d:26:d7:3f:cd:69:4a:19:88:
                    f9:fa:4c:f0:39:79:db:91:1f:2b:29:77:5f:2e:1f:
                    78:4e:48:cb:bc:e3:1f:44:8d:db:f4:68:1d:94:3f:
                    5c:c0:b1:f6:1c:5f:e3:36:7e:13:c9:bb:c2:5a:26:
                    63:9a:5b:f9:95:7c:cd:e4:42:52:7a:ca:2e:56:68:
                    19:b0:35:7e:08:d5:71:24:4c:ae:1f:89:30:0e:ee:
                    c8:1a:01:16:c3:2f:42:73:fa:b2:1c:1c:e3:23:79:
                    1c:02:d9:02:88:b9:c7:44:0a:f1:cb:72:2a:13:b8:
                    41:55:79:39:75:19:50:15:f8:d2:fc:a8:fd:fa:89:
                    91:11:c9:95:98:2b:4c:18:e0:09:71:e9:85:82:5f:
                    7f:32:c6:3b:7f:bc:6b:83:da:70:3d:45:e9:d2:74:
                    b6:f6:96:9a:b7:74:46:86:5a:35:c6:c8:80:74:11:
                    db:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:00:5D:FD:7B:AC:CA:DD:6F:30:51:85:35:B3:87:52:BF:AA:8F:EF
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:c7:23:72:01:3a:0b:ac:f0:f8:1c:00:43:33:b3:b3:0c:20:
         7b:00:d9:50:db:c7:30:16:65:4b:52:42:c1:32:8d:5a:b5:2c:
         9e:ae:78:62:7d:c0:af:6a:e0:04:4a:5b:f6:14:80:4c:23:6a:
         7f:4b:be:3e:f7:91:df:34:fb:03:b2:de:06:0d:83:0a:69:cf:
         88:8c:37:9d:52:ff:e4:ce:96:93:2f:b5:b5:c0:83:6d:fc:9a:
         4e:73:53:c0:11:e7:b1:d4:ed:02:a4:82:22:10:4e:f2:d9:da:
         c2:4a:fb:33:b1:19:88:60:3b:3c:df:02:35:b1:d4:c8:2e:31:
         37:24:19:94:f9:8f:d7:c3:1f:c5:e7:0c:f0:2b:17:46:83:83:
         30:34:d6:d1:ad:6c:83:f9:40:d4:98:38:44:89:c5:f0:65:bc:
         e0:5d:98:eb:ec:d9:76:c6:3c:03:b6:42:72:5e:45:78:ba:21:
         62:bb:f6:0e:6c:6f:c1:ac:d0:cf:48:28:03:c8:58:59:cf:2d:
         6a:6a:ff:2d:69:02:12:ef:ba:e4:4c:a8:fb:a3:31:4e:6a:6e:
         56:38:7b:f2:e1:3f:f9:ba:2b:38:ab:cd:58:59:5b:80:ae:f4:
         79:8c:2c:f5:3f:40:2d:a2:92:47:d5:00:11:54:29:b6:f9:04:
         84:5a:72:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjaGh0jg9O8KIUtSXvUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjUxMTExMDkwMTM4WhcNMjUxMTEyMDkwMTM4WjAzMTEwLwYDVQQD
EyhiNjAwNWRmZDdiYWNjYWRkNmYzMDUxODUzNWIzODc1MmJmYWE4ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bzeiKv6cj+M9U/WJG7SAaDEUwdS
F9Pf/s4Ch+4JNSkdLPJWZHQ0R4xjjomV6B5OeKEiAFhTnbjJcLPU0l1jDLL/cbBL
pW7JFdRxD5guibY9Jtc/zWlKGYj5+kzwOXnbkR8rKXdfLh94TkjLvOMfRI3b9Ggd
lD9cwLH2HF/jNn4TybvCWiZjmlv5lXzN5EJSesouVmgZsDV+CNVxJEyuH4kwDu7I
GgEWwy9Cc/qyHBzjI3kcAtkCiLnHRArxy3IqE7hBVXk5dRlQFfjS/Kj9+omREcmV
mCtMGOAJcemFgl9/MsY7f7xrg9pwPUXp0nS29paat3RGhlo1xsiAdBHbhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYAXf17rMrdbzBRhTWzh1K/qo/vMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQccjcgE6
C6zw+BwAQzOzswwgewDZUNvHMBZlS1JCwTKNWrUsnq54Yn3Ar2rgBEpb9hSATCNq
f0u+PveR3zT7A7LeBg2DCmnPiIw3nVL/5M6Wky+1tcCDbfyaTnNTwBHnsdTtAqSC
IhBO8tnawkr7M7EZiGA7PN8CNbHUyC4xNyQZlPmP18MfxecM8CsXRoODMDTW0a1s
g/lA1Jg4RInF8GW84F2Y6+zZdsY8A7ZCcl5FeLohYrv2DmxvwazQz0goA8hYWc8t
amr/LWkCEu+65Eyo+6MxTmpuVjh78uE/+borOKvNWFlbgK70eYws9T9ALaKSR9UA
EVQptvkEhFpy1Q==
-----END CERTIFICATE-----