Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          K5l4nJg3Y7ilLXtdnXaAL4KOkgmpAydbqXNpeZiWeDI=
Subject key identifier:   28:FD:8C:88:64:25:A9:2B:A9:64:AE:82:B4:8B:92:C3:04:48:19:AD
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       019A725C5711E21B564B2C01AE9259849A7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0DAF
Signing time:             Tue 11 Nov 2025 10:00:45 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:45 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:45 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: ufChMLzOvqMvN0njTPaCTeni4wr08E9sOyY6Y+BJ+qs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:57:11:e2:1b:56:4b:2c:01:ae:92:59:84:9a:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Nov 11 10:00:45 2025 GMT
            Not After : Nov 12 10:00:45 2025 GMT
        Subject: CN=28fd8c886425a92ba964ae82b48b92c3044819ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:09:82:ba:0d:50:6a:55:2b:b4:90:f1:bd:5c:
                    4b:2e:18:f4:51:2a:e5:5e:14:f8:70:92:51:b1:99:
                    51:7d:5b:7d:3c:0d:3a:7d:8a:a4:c8:9a:c2:84:a2:
                    54:8f:63:05:5c:bc:16:cf:6b:35:d3:57:a4:db:37:
                    9a:b7:c2:23:16:5d:30:1d:31:02:b2:8b:a6:2f:a9:
                    1c:11:e8:89:c2:38:2f:bd:96:2b:20:9b:c7:5f:95:
                    ac:8a:b6:ea:9c:d9:e3:08:8f:42:6d:93:ee:28:80:
                    2c:ab:f6:f2:78:29:6e:ec:9f:f8:ec:4c:9c:86:95:
                    7f:42:42:fc:07:48:a6:9a:4b:7c:54:ff:8e:01:23:
                    cf:bf:a8:ba:ef:5f:3f:e5:30:92:43:c6:1d:2c:ab:
                    56:e1:10:59:5d:81:66:d6:4b:f8:61:e4:a0:2f:c7:
                    3f:a3:c9:bf:08:87:04:26:58:de:da:7e:29:6a:7f:
                    75:ae:3b:d1:8a:c6:cb:77:04:3d:74:9c:15:57:f2:
                    68:91:f6:9c:fc:c3:83:77:23:fe:ed:09:ea:51:07:
                    4b:e7:17:82:b1:7a:e2:60:c0:91:f8:c3:ab:59:52:
                    c5:68:33:0d:3a:67:61:e1:82:3c:4c:f2:32:f2:27:
                    3c:e1:90:4e:60:05:c0:9b:13:2d:e3:c9:de:b8:39:
                    1e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:FD:8C:88:64:25:A9:2B:A9:64:AE:82:B4:8B:92:C3:04:48:19:AD
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:4b:74:15:31:bc:e7:17:53:2d:5a:a5:a8:c8:3d:be:47:d1:
         90:d3:ec:6b:7b:ed:7c:13:40:4d:fe:3c:b5:69:54:11:86:cc:
         9f:d9:e6:b4:3f:78:fa:78:af:c3:b5:a6:b1:69:ab:ba:fb:b1:
         3a:b8:ea:03:11:0d:35:7a:ac:21:cf:b9:fe:12:88:76:43:ed:
         ca:a5:09:de:1e:6d:c3:60:85:40:bc:ad:a3:af:2b:d4:96:66:
         0f:af:6d:29:a7:6a:f0:89:63:dd:27:5b:0e:59:79:bf:5a:73:
         af:9f:c2:db:14:fd:8d:77:46:bb:72:42:30:2a:74:b2:34:cd:
         db:ed:5b:67:cf:ad:b4:aa:12:68:62:03:05:73:fd:eb:aa:e4:
         5c:c6:aa:43:48:02:7c:c7:fc:50:91:93:21:28:26:19:da:12:
         66:e1:6c:f0:dd:33:35:37:1a:d7:d2:ef:56:28:db:70:90:28:
         56:e7:0e:42:9c:75:a5:73:11:9e:dc:d8:2d:18:3d:eb:c9:6f:
         51:53:b0:63:92:09:f8:1e:14:ee:b4:21:d9:c9:b9:0c:60:aa:
         2a:bf:b0:de:77:23:5f:7c:f4:1e:2a:b1:75:c3:1a:ea:f7:b4:
         af:f3:d9:63:69:86:08:00:00:f0:1b:15:99:cf:b5:61:3b:48:
         c0:ba:20:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXFcR4htWSywBrpJZhJp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUxMTExMTAwMDQ1WhcNMjUxMTEyMTAwMDQ1WjAzMTEwLwYDVQQD
EygyOGZkOGM4ODY0MjVhOTJiYTk2NGFlODJiNDhiOTJjMzA0NDgxOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgmCug1QalUrtJDxvVxLLhj0USrl
XhT4cJJRsZlRfVt9PA06fYqkyJrChKJUj2MFXLwWz2s101ek2zeat8IjFl0wHTEC
soumL6kcEeiJwjgvvZYrIJvHX5WsirbqnNnjCI9CbZPuKIAsq/byeClu7J/47Eyc
hpV/QkL8B0immkt8VP+OASPPv6i6718/5TCSQ8YdLKtW4RBZXYFm1kv4YeSgL8c/
o8m/CIcEJlje2n4pan91rjvRisbLdwQ9dJwVV/Jokfac/MODdyP+7QnqUQdL5xeC
sXriYMCR+MOrWVLFaDMNOmdh4YI8TPIy8ic84ZBOYAXAmxMt48neuDkeNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCj9jIhkJakrqWSugrSLksMESBmtMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjUt0FTG8
5xdTLVqlqMg9vkfRkNPsa3vtfBNATf48tWlUEYbMn9nmtD94+nivw7WmsWmruvux
OrjqAxENNXqsIc+5/hKIdkPtyqUJ3h5tw2CFQLyto68r1JZmD69tKadq8Ilj3Sdb
Dll5v1pzr5/C2xT9jXdGu3JCMCp0sjTN2+1bZ8+ttKoSaGIDBXP966rkXMaqQ0gC
fMf8UJGTISgmGdoSZuFs8N0zNTca19LvVijbcJAoVucOQpx1pXMRntzYLRg968lv
UVOwY5IJ+B4U7rQh2cm5DGCqKr+w3ncjX3z0HiqxdcMa6ve0r/PZY2mGCAAA8BsV
mc+1YTtIwLogbw==
-----END CERTIFICATE-----