Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          jzTdjdiQpH27CnZcXxevcCsVK4VLMGKiA6s7yc+4T3A=
Subject key identifier:   A2:D3:F0:4D:DC:FA:CD:50:59:80:41:F1:D6:59:F5:1C:E2:5F:8D:4F
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       019A70A561A4B8C4C9C42A6DA770D86D70F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          1507
Signing time:             Tue 11 Nov 2025 02:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:17 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: vajWfrkwSsdl9F50R8v9LbVbikfZbd2B+mEZ7mOSkYU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:61:a4:b8:c4:c9:c4:2a:6d:a7:70:d8:6d:70:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Nov 11 02:01:17 2025 GMT
            Not After : Nov 12 02:01:17 2025 GMT
        Subject: CN=a2d3f04ddcfacd50598041f1d659f51ce25f8d4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:74:00:aa:5f:de:5c:dd:f1:68:a8:3d:ea:7c:
                    4e:4b:35:32:fa:37:6c:fb:c8:22:9a:d0:1c:78:83:
                    56:c6:c8:e4:5a:a8:3f:5a:92:af:1c:bf:05:ea:51:
                    60:b1:f0:77:d6:6c:2c:3f:cb:43:76:f3:b2:23:09:
                    58:38:c3:aa:13:03:0f:47:63:55:5e:e4:1d:06:b0:
                    ca:12:91:5a:bd:17:35:93:9c:05:a8:bd:fd:0c:f3:
                    ad:ae:21:cb:51:01:ad:99:2a:3d:38:f5:e7:bb:c3:
                    53:f6:9c:8c:bb:29:88:c3:e1:f1:10:9f:f5:86:cf:
                    94:83:1e:c8:c8:ff:f6:31:02:0c:05:f4:4a:1a:f0:
                    03:d2:37:29:2f:ef:9d:30:f6:99:0d:ed:ca:84:50:
                    b6:8a:65:53:8a:7e:bb:8e:4e:19:6d:8f:86:42:f2:
                    5a:7e:47:47:a9:6e:db:43:68:dc:c3:65:87:5e:d1:
                    fe:6f:5e:f9:b5:42:f9:30:e1:a2:e0:0d:8c:a4:aa:
                    26:a6:54:d4:1c:da:ce:1f:c1:ad:ea:b8:5d:a5:9f:
                    db:94:b8:49:40:8c:6f:f0:7a:1a:2f:f5:fb:b3:e6:
                    81:eb:e4:17:d6:e0:ae:78:d2:f9:b3:41:1b:14:27:
                    cb:9a:ac:c2:91:41:c4:94:61:ce:4a:b7:37:1a:97:
                    dd:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D3:F0:4D:DC:FA:CD:50:59:80:41:F1:D6:59:F5:1C:E2:5F:8D:4F
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:3a:da:0b:1a:56:b7:52:b6:dc:6e:50:d2:29:21:93:03:85:
         25:80:6e:50:63:c0:f9:a5:4e:f5:b8:e3:88:f4:f8:18:0a:14:
         72:00:cb:f5:3d:e4:cb:f0:40:65:84:9b:09:fa:73:5f:4a:99:
         95:6b:bf:a9:47:7e:ea:f6:26:29:b0:cd:f8:ec:bc:e1:62:b8:
         c2:35:9b:e9:fe:88:b2:28:c4:ac:d2:55:04:df:d3:1c:f1:4e:
         b3:2f:03:d5:d3:fb:a1:9d:63:c7:38:07:5a:9d:c5:03:85:7c:
         77:65:87:cb:52:28:f7:9b:5b:75:50:87:83:e5:d5:46:e3:1f:
         96:0e:54:39:e5:f6:b6:45:5b:fc:e6:fc:ad:76:79:b1:54:c8:
         29:4c:22:25:cf:ab:cb:10:3e:03:ea:50:98:75:d9:48:89:4f:
         3e:72:34:28:d8:29:17:95:df:ba:7b:e0:f4:05:6b:a0:d5:dc:
         f7:2f:51:3d:c4:91:30:73:c4:6b:a6:58:0b:c7:49:39:41:72:
         85:a6:93:52:99:c4:d0:35:a2:51:46:35:ba:08:20:c0:29:cd:
         35:0f:d4:5b:29:c2:89:4a:bc:ba:3a:74:16:65:4f:6b:37:f5:
         c5:73:c9:55:80:39:1d:53:19:07:8c:58:8b:4b:61:02:2d:b2:
         ab:80:69:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpWGkuMTJxCptp3DYbXDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjUxMTExMDIwMTE3WhcNMjUxMTEyMDIwMTE3WjAzMTEwLwYDVQQD
EyhhMmQzZjA0ZGRjZmFjZDUwNTk4MDQxZjFkNjU5ZjUxY2UyNWY4ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHQAql/eXN3xaKg96nxOSzUy+jds
+8gimtAceINWxsjkWqg/WpKvHL8F6lFgsfB31mwsP8tDdvOyIwlYOMOqEwMPR2NV
XuQdBrDKEpFavRc1k5wFqL39DPOtriHLUQGtmSo9OPXnu8NT9pyMuymIw+HxEJ/1
hs+Ugx7IyP/2MQIMBfRKGvAD0jcpL++dMPaZDe3KhFC2imVTin67jk4ZbY+GQvJa
fkdHqW7bQ2jcw2WHXtH+b175tUL5MOGi4A2MpKomplTUHNrOH8Gt6rhdpZ/blLhJ
QIxv8HoaL/X7s+aB6+QX1uCueNL5s0EbFCfLmqzCkUHElGHOSrc3GpfdNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLT8E3c+s1QWYBB8dZZ9RziX41PMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjraCxpW
t1K23G5Q0ikhkwOFJYBuUGPA+aVO9bjjiPT4GAoUcgDL9T3ky/BAZYSbCfpzX0qZ
lWu/qUd+6vYmKbDN+Oy84WK4wjWb6f6IsijErNJVBN/THPFOsy8D1dP7oZ1jxzgH
Wp3FA4V8d2WHy1Io95tbdVCHg+XVRuMflg5UOeX2tkVb/Ob8rXZ5sVTIKUwiJc+r
yxA+A+pQmHXZSIlPPnI0KNgpF5Xfunvg9AVroNXc9y9RPcSRMHPEa6ZYC8dJOUFy
haaTUpnE0DWiUUY1ugggwCnNNQ/UWynCiUq8ujp0FmVPazf1xXPJVYA5HVMZB4xY
i0thAi2yq4Bp3w==
-----END CERTIFICATE-----