Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
File:                     OEzdzXTQQilYPSwr7tBz4AlrozU.mft (raw, json)
Hash identifier:          r2EMGTmSluvr6WBfaJ4ALi2SCEAp6/yIPe17urGqdKQ=
Subject key identifier:   B0:9D:28:E6:87:F0:0D:E2:BB:90:AF:D1:2A:BD:DD:AC:64:51:39:E7
Authority key identifier: 38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35
Certificate issuer:       /CN=384cddcd74d04229583d2c2beed073e0096ba335
Certificate serial:       019A71B8C2BAFB48C1372253A853E3B2284C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
Manifest number:          0771
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: OEzdzXTQQilYPSwr7tBz4AlrozU.crl (hash: pJvPRKRIoEVIGJRMo9rLypJPpojnvDUk5Tf0UUd8/us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:c2:ba:fb:48:c1:37:22:53:a8:53:e3:b2:28:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384cddcd74d04229583d2c2beed073e0096ba335
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=b09d28e687f00de2bb90afd12abdddac645139e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:27:63:fa:2e:d3:41:10:15:8f:ff:96:d8:d8:
                    d3:db:7c:c8:b6:8d:08:3d:f0:08:7b:4f:7e:e3:25:
                    28:33:88:6f:44:23:b0:a8:b1:80:61:ce:b4:4b:b9:
                    eb:c1:88:cd:3c:01:b1:01:15:10:c1:c7:cb:6a:88:
                    21:a4:96:70:41:d4:ff:01:e0:cb:90:80:2c:a7:2d:
                    29:b1:77:63:29:a7:42:db:dc:37:30:8e:9d:8f:85:
                    6a:bb:9c:4e:bc:9d:fd:ed:e5:d6:8f:21:30:58:14:
                    a2:7a:fe:f1:f0:f7:b7:87:16:9e:a1:8c:ff:7b:4c:
                    ae:de:88:72:da:7d:7f:19:31:47:9e:b4:3a:81:91:
                    d7:c2:31:60:7b:b9:6e:c3:01:f2:c5:57:14:5b:af:
                    80:31:35:11:f8:1d:79:60:96:d9:57:50:fc:d9:1d:
                    15:f5:75:7c:a6:88:6d:ef:24:24:52:81:bb:9d:29:
                    2b:8d:08:93:5a:16:16:cd:f2:d8:5d:5e:c1:42:55:
                    5d:45:25:2a:51:ba:3e:54:a7:3e:0b:6f:02:40:3f:
                    d0:66:04:a1:d5:f5:e9:61:7e:3b:63:49:f5:f7:2f:
                    df:8a:10:38:e8:9a:a6:43:a4:13:eb:bc:93:0e:c9:
                    11:6a:f5:25:51:16:69:41:f8:ac:73:9e:d2:51:52:
                    c0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:9D:28:E6:87:F0:0D:E2:BB:90:AF:D1:2A:BD:DD:AC:64:51:39:E7
            X509v3 Authority Key Identifier:
                keyid:38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ff:29:c2:55:24:17:ce:7c:cd:03:a0:66:92:a7:30:38:e7:
         e7:3f:5b:be:03:48:f0:f2:f1:48:ff:d8:e2:c9:ec:fb:7b:3d:
         25:f6:ef:a0:4d:f5:4b:9a:ae:01:3b:d8:6b:f3:4f:e8:3f:5c:
         d6:06:57:91:50:46:bd:45:ab:1d:66:d4:8d:e8:86:4a:40:46:
         16:28:84:f7:06:6e:5d:a0:34:aa:74:bb:d0:44:46:55:a4:6b:
         e5:d1:98:19:a7:38:b2:55:6a:24:bf:8f:50:27:d9:58:b0:34:
         59:b7:39:08:88:ea:8e:0b:ea:f7:ab:62:32:fd:96:dd:0e:51:
         cf:c8:ef:2c:72:56:30:35:1f:3a:0f:e5:dc:ea:d9:5c:bb:27:
         63:bd:06:1e:47:e7:da:e6:02:9a:33:6a:39:32:43:ce:28:e2:
         ee:94:c5:b9:11:3e:b7:e1:3c:12:b8:94:d3:b7:1c:37:22:f3:
         c3:60:75:18:11:6a:1c:82:ee:b6:ba:b8:95:02:e1:60:b8:54:
         9d:8f:37:94:c0:54:7e:f7:61:b8:da:44:cf:73:29:7a:f3:a9:
         3e:55:15:e6:5e:15:74:fa:f8:58:52:58:8c:08:09:8c:e4:91:
         a3:fb:c6:a2:a4:ef:f0:a6:0b:60:a9:3e:71:78:0b:a1:cf:02:
         34:cf:41:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMK6+0jBNyJTqFPjsihMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGNkZGNkNzRkMDQyMjk1ODNkMmMyYmVlZDA3M2UwMDk2
YmEzMzUwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
EyhiMDlkMjhlNjg3ZjAwZGUyYmI5MGFmZDEyYWJkZGRhYzY0NTEzOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCdj+i7TQRAVj/+W2NjT23zIto0I
PfAIe09+4yUoM4hvRCOwqLGAYc60S7nrwYjNPAGxARUQwcfLaoghpJZwQdT/AeDL
kIAspy0psXdjKadC29w3MI6dj4Vqu5xOvJ397eXWjyEwWBSiev7x8Pe3hxaeoYz/
e0yu3ohy2n1/GTFHnrQ6gZHXwjFge7luwwHyxVcUW6+AMTUR+B15YJbZV1D82R0V
9XV8poht7yQkUoG7nSkrjQiTWhYWzfLYXV7BQlVdRSUqUbo+VKc+C28CQD/QZgSh
1fXpYX47Y0n19y/fihA46JqmQ6QT67yTDskRavUlURZpQfisc57SUVLA4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCdKOaH8A3iu5Cv0Sq93axkUTnnMB8GA1UdIwQY
MBaAFDhM3c100EIpWD0sK+7Qc+AJa6M1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzIt
OTk4YWQ1MGY0YTJhLzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzItOTk4YWQ1MGY0YTJh
LzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUP8pwlUk
F858zQOgZpKnMDjn5z9bvgNI8PLxSP/Y4sns+3s9JfbvoE31S5quATvYa/NP6D9c
1gZXkVBGvUWrHWbUjeiGSkBGFiiE9wZuXaA0qnS70ERGVaRr5dGYGac4slVqJL+P
UCfZWLA0Wbc5CIjqjgvq96tiMv2W3Q5Rz8jvLHJWMDUfOg/l3OrZXLsnY70GHkfn
2uYCmjNqOTJDziji7pTFuRE+t+E8EriU07ccNyLzw2B1GBFqHILutrq4lQLhYLhU
nY83lMBUfvdhuNpEz3MpevOpPlUV5l4VdPr4WFJYjAgJjOSRo/vGoqTv8KYLYKk+
cXgLoc8CNM9BaQ==
-----END CERTIFICATE-----