Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
File:                     oy2niZiHqsRJlYu5DrU1lRqXOgA.mft (raw, json)
Hash identifier:          VhCXpk9CLWnmx5v5lTHbpXjFAf7dVn6PV8bc2YlMR30=
Subject key identifier:   B4:EA:A8:96:A7:32:4C:08:AC:C2:47:EC:1F:AE:D4:BA:09:37:E8:7F
Authority key identifier: A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00
Certificate issuer:       /CN=a32da7899887aac449958bb90eb535951a973a00
Certificate serial:       019A71B77BEF8BA97B8A7F6327C9B1458AC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
Manifest number:          101E
Signing time:             Tue 11 Nov 2025 07:00:41 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:41 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:41 +0000
Files and hashes:         1: oy2niZiHqsRJlYu5DrU1lRqXOgA.crl (hash: bFEI8D5T/mBG5RxnuL0EGX8DY6Wyiq43uwwC27kj77M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:7b:ef:8b:a9:7b:8a:7f:63:27:c9:b1:45:8a:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a32da7899887aac449958bb90eb535951a973a00
        Validity
            Not Before: Nov 11 07:00:41 2025 GMT
            Not After : Nov 12 07:00:41 2025 GMT
        Subject: CN=b4eaa896a7324c08acc247ec1faed4ba0937e87f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:83:c9:5d:b0:fe:d4:26:91:7b:7f:4b:1b:94:
                    b2:32:34:eb:93:76:a0:3e:ea:50:9a:c9:b0:fb:48:
                    3f:f9:3c:b3:60:3e:3e:c3:41:5d:ae:e9:c1:12:98:
                    e2:4f:ee:cd:31:f1:65:f1:ee:10:6d:a6:4a:8a:3b:
                    a3:f6:df:5a:6a:00:a2:5f:fc:17:67:1a:b1:a3:dc:
                    07:25:23:92:7b:dd:31:68:79:5a:6d:c9:85:87:51:
                    95:df:59:b7:4b:03:3c:01:b0:47:ae:d0:fb:1f:d2:
                    29:55:bb:b2:41:44:01:63:c4:0e:8a:8a:88:0e:7b:
                    55:78:fc:fe:10:74:c8:77:40:30:b8:00:96:5b:fb:
                    40:ce:ce:97:22:17:3c:d2:46:6d:9d:a1:e4:f8:c1:
                    bf:61:dc:f9:1e:7d:b8:28:fb:00:90:7f:f3:84:0d:
                    a5:e4:f9:e3:69:87:b7:ea:d6:d4:3f:20:89:bf:18:
                    ad:80:de:09:3f:56:cd:fe:b8:70:2c:1f:62:02:55:
                    32:53:28:34:a7:20:07:6c:eb:6d:ae:2f:ac:4c:16:
                    6f:5b:5c:77:04:46:45:2f:aa:81:02:6b:5c:1a:71:
                    43:42:79:19:23:69:3c:a2:f1:13:74:95:72:d3:91:
                    2e:46:63:0a:59:36:36:8e:b8:79:7f:82:ad:0f:e1:
                    8c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:EA:A8:96:A7:32:4C:08:AC:C2:47:EC:1F:AE:D4:BA:09:37:E8:7F
            X509v3 Authority Key Identifier:
                keyid:A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:6b:e4:51:94:0b:4e:f0:11:d9:87:a4:3d:6a:fc:5d:df:de:
         14:28:87:0e:72:6c:50:96:66:8a:f5:9d:56:1d:23:9c:8f:12:
         3e:8e:09:10:ae:b5:6e:26:25:74:0a:1d:57:ba:78:e2:5f:0f:
         b8:2c:56:34:72:52:f2:a2:8d:cf:7d:db:ec:27:23:90:88:99:
         8a:84:d0:3e:88:c9:92:7c:c4:5d:0a:e0:ca:50:06:e9:de:1d:
         88:35:01:52:a9:d4:2d:e4:a8:d0:0f:da:a9:21:54:1a:4a:c0:
         23:7a:d6:30:45:27:f6:4e:7e:64:ae:0d:2a:22:e0:ab:c1:ab:
         b1:c9:b4:84:02:87:ed:92:f3:9b:28:b3:cf:e9:95:b8:23:c5:
         f2:91:f7:eb:aa:4a:97:7d:99:a7:1f:5d:8b:02:c2:1f:a3:e3:
         28:37:4d:91:a7:07:2f:d1:ad:8a:8f:e6:6d:d4:05:78:37:65:
         ab:1a:f9:5e:f9:b4:17:30:de:ea:2a:0e:fe:17:42:05:30:80:
         25:dc:12:08:4c:7f:7a:1a:b1:32:e2:c1:16:08:dd:3d:ab:f6:
         e4:b5:6d:40:dd:88:9b:be:52:c1:87:82:6b:30:0a:b9:90:c2:
         0b:36:5b:cd:82:80:a0:68:3f:40:08:71:ce:47:f5:d4:5f:ca:
         d0:63:b1:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3vvi6l7in9jJ8mxRYrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMmRhNzg5OTg4N2FhYzQ0OTk1OGJiOTBlYjUzNTk1MWE5
NzNhMDAwHhcNMjUxMTExMDcwMDQxWhcNMjUxMTEyMDcwMDQxWjAzMTEwLwYDVQQD
EyhiNGVhYTg5NmE3MzI0YzA4YWNjMjQ3ZWMxZmFlZDRiYTA5MzdlODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoPJXbD+1CaRe39LG5SyMjTrk3ag
PupQmsmw+0g/+TyzYD4+w0FdrunBEpjiT+7NMfFl8e4QbaZKijuj9t9aagCiX/wX
Zxqxo9wHJSOSe90xaHlabcmFh1GV31m3SwM8AbBHrtD7H9IpVbuyQUQBY8QOioqI
DntVePz+EHTId0AwuACWW/tAzs6XIhc80kZtnaHk+MG/Ydz5Hn24KPsAkH/zhA2l
5PnjaYe36tbUPyCJvxitgN4JP1bN/rhwLB9iAlUyUyg0pyAHbOttri+sTBZvW1x3
BEZFL6qBAmtcGnFDQnkZI2k8ovETdJVy05EuRmMKWTY2jrh5f4KtD+GM1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTqqJanMkwIrMJH7B+u1LoJN+h/MB8GA1UdIwQY
MBaAFKMtp4mYh6rESZWLuQ61NZUalzoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUt
ZDMzMzJmOTA0NGVjLzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUtZDMzMzJmOTA0NGVj
LzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWvkUZQL
TvAR2YekPWr8Xd/eFCiHDnJsUJZmivWdVh0jnI8SPo4JEK61biYldAodV7p44l8P
uCxWNHJS8qKNz33b7CcjkIiZioTQPojJknzEXQrgylAG6d4diDUBUqnULeSo0A/a
qSFUGkrAI3rWMEUn9k5+ZK4NKiLgq8Grscm0hAKH7ZLzmyizz+mVuCPF8pH366pK
l32Zpx9diwLCH6PjKDdNkacHL9Gtio/mbdQFeDdlqxr5Xvm0FzDe6ioO/hdCBTCA
JdwSCEx/ehqxMuLBFgjdPav25LVtQN2Im75SwYeCazAKuZDCCzZbzYKAoGg/QAhx
zkf11F/K0GOxWg==
-----END CERTIFICATE-----