Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          iAMR3QrbTosUJQuKZAh1eeAB43mkPbQGOO5RjAOhTRU=
Subject key identifier:   CF:5B:7C:CC:86:EA:18:76:97:D8:B5:25:34:6D:EC:A6:34:2A:3E:ED
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       019A71B7F78217D62A1282E4B2B5C1FDC3AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:13 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: 1e04sndubS6dQJtUFwngtZpGUz53R2p6fDjqD6ppeT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:f7:82:17:d6:2a:12:82:e4:b2:b5:c1:fd:c3:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Nov 11 07:01:13 2025 GMT
            Not After : Nov 12 07:01:13 2025 GMT
        Subject: CN=cf5b7ccc86ea187697d8b525346deca6342a3eed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:46:f2:c5:48:47:64:21:9e:56:41:18:0d:ea:
                    49:fb:6d:b7:5e:47:cc:fa:92:53:2b:a1:60:44:b7:
                    d0:39:48:02:64:16:e1:48:a7:89:5d:52:41:be:60:
                    5c:bd:ef:8f:f7:20:f3:dc:a6:f8:0f:de:a6:e0:63:
                    7d:6f:d7:02:04:37:93:0f:19:ec:0f:de:9b:66:84:
                    01:5c:83:0b:71:8f:81:96:45:87:6e:29:fd:43:cb:
                    f2:86:52:cf:29:23:b8:8e:14:31:ef:3f:35:85:0d:
                    a9:e9:7a:af:aa:97:ae:8c:cd:db:11:6b:a2:00:56:
                    51:78:5a:8e:dc:64:fa:b2:a5:7c:da:37:5e:95:9f:
                    ac:ab:8f:ed:90:7d:08:c6:87:5e:46:4a:bd:48:da:
                    a4:1a:cc:fe:16:91:af:8b:49:e2:6d:68:25:5d:32:
                    7b:41:3e:66:5e:f8:ce:5c:ad:da:e8:a7:11:0e:ba:
                    22:f9:30:a9:80:72:66:aa:f3:64:55:7f:b6:91:eb:
                    4d:c9:d8:91:7e:07:87:af:7f:dc:3d:4f:24:e5:20:
                    99:18:4d:48:23:63:d2:80:e3:83:67:86:95:d2:2b:
                    d1:33:67:57:8b:b9:5e:75:1d:bf:9e:03:e3:9a:ad:
                    17:8d:ec:44:aa:b6:e0:21:95:c6:1a:4e:e6:01:db:
                    0a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:5B:7C:CC:86:EA:18:76:97:D8:B5:25:34:6D:EC:A6:34:2A:3E:ED
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:57:57:ee:e0:16:d9:19:96:f3:2c:66:2a:44:f7:87:e0:07:
         79:63:1f:ef:fe:b1:cc:ac:2a:d6:15:93:b0:f4:d3:c7:bf:8b:
         24:59:d4:b5:9a:7f:f0:36:98:10:fc:ee:c5:a8:f0:a7:ad:f4:
         23:a3:f5:b0:d7:44:73:e0:6e:e8:5b:4b:4a:ad:76:c1:41:44:
         1e:95:a7:7a:ee:1f:73:3e:51:2d:4b:09:05:d5:b4:7b:f1:3d:
         77:1a:df:af:27:75:61:81:75:a9:79:ec:af:d8:71:a0:87:96:
         b2:e8:c9:89:96:43:49:20:bf:ed:b2:84:53:42:50:f9:7d:46:
         cd:55:92:9c:39:e2:2b:b5:be:2a:66:50:cf:d7:55:2e:9c:c1:
         0c:b0:27:0b:2e:ef:ad:95:d7:d0:16:4e:9e:0d:e8:4d:a9:76:
         ee:93:60:fc:31:b7:42:0b:59:fb:c3:08:4c:f7:b1:07:98:76:
         55:28:b3:02:a8:af:a7:39:38:8f:5b:f6:6e:59:66:f2:ab:b8:
         6f:0c:41:25:23:ab:da:99:70:19:48:3c:5f:15:b0:c0:f1:16:
         89:0a:87:e1:fc:64:fc:bd:a2:be:40:92:26:99:ab:ab:2a:47:
         7f:54:05:9a:93:39:86:24:a1:bd:28:07:dc:75:09:0d:5b:18:
         63:28:bd:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/eCF9YqEoLksrXB/cOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjUxMTExMDcwMTEzWhcNMjUxMTEyMDcwMTEzWjAzMTEwLwYDVQQD
EyhjZjViN2NjYzg2ZWExODc2OTdkOGI1MjUzNDZkZWNhNjM0MmEzZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UbyxUhHZCGeVkEYDepJ+223XkfM
+pJTK6FgRLfQOUgCZBbhSKeJXVJBvmBcve+P9yDz3Kb4D96m4GN9b9cCBDeTDxns
D96bZoQBXIMLcY+BlkWHbin9Q8vyhlLPKSO4jhQx7z81hQ2p6XqvqpeujM3bEWui
AFZReFqO3GT6sqV82jdelZ+sq4/tkH0IxodeRkq9SNqkGsz+FpGvi0nibWglXTJ7
QT5mXvjOXK3a6KcRDroi+TCpgHJmqvNkVX+2ketNydiRfgeHr3/cPU8k5SCZGE1I
I2PSgOODZ4aV0ivRM2dXi7ledR2/ngPjmq0XjexEqrbgIZXGGk7mAdsKNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9bfMyG6hh2l9i1JTRt7KY0Kj7tMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1VdX7uAW
2RmW8yxmKkT3h+AHeWMf7/6xzKwq1hWTsPTTx7+LJFnUtZp/8DaYEPzuxajwp630
I6P1sNdEc+Bu6FtLSq12wUFEHpWneu4fcz5RLUsJBdW0e/E9dxrfryd1YYF1qXns
r9hxoIeWsujJiZZDSSC/7bKEU0JQ+X1GzVWSnDniK7W+KmZQz9dVLpzBDLAnCy7v
rZXX0BZOng3oTal27pNg/DG3QgtZ+8MITPexB5h2VSizAqivpzk4j1v2bllm8qu4
bwxBJSOr2plwGUg8XxWwwPEWiQqH4fxk/L2ivkCSJpmrqypHf1QFmpM5hiShvSgH
3HUJDVsYYyi9MQ==
-----END CERTIFICATE-----