Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          VJ7J/NxTeG8yXrQyNclU2rJzBioyrPGRwk2sWDA/2Gc=
Subject key identifier:   4B:75:51:BD:C8:01:D6:70:98:1C:AE:78:5F:B2:C6:FB:18:AB:49:84
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       019A22F78DBEA71369579627F97B9F5DFA3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0BFC
Signing time:             Mon 27 Oct 2025 00:00:40 +0000
Manifest this update:     Mon 27 Oct 2025 00:00:40 +0000
Manifest next update:     Tue 28 Oct 2025 00:00:40 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: p4E1S1uW511uNNuOK+IQ/vGmH4FmYpKTvPDlOZYyzLw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 23:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:22:f7:8d:be:a7:13:69:57:96:27:f9:7b:9f:5d:fa:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Oct 27 00:00:40 2025 GMT
            Not After : Oct 28 00:00:40 2025 GMT
        Subject: CN=4b7551bdc801d670981cae785fb2c6fb18ab4984
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bb:d0:72:05:5e:05:39:37:3d:fc:0e:7a:58:
                    3b:fe:14:17:ab:e9:9f:f4:6e:82:19:cf:c0:0b:ed:
                    9b:6a:71:7c:e8:b6:a9:a3:d5:17:f3:da:27:5b:83:
                    54:5a:fb:22:85:01:2e:9f:97:88:0c:73:84:a7:ab:
                    3d:5c:6a:60:49:48:3e:dd:65:a0:4e:69:cf:78:3b:
                    f0:fa:3b:1d:15:29:cd:98:7f:fb:59:63:1c:cb:11:
                    d4:70:22:34:e9:ad:30:d1:b4:55:88:e5:a8:67:7b:
                    22:58:61:ce:b8:f6:4c:76:cc:62:4e:c8:56:61:9e:
                    b2:00:21:d9:64:73:21:03:25:d3:0e:01:81:e0:02:
                    4d:a4:7e:6c:66:22:62:56:c1:f9:30:be:18:0f:2c:
                    62:05:36:6a:0b:c5:b1:64:23:85:3b:1f:9e:65:c4:
                    c8:cf:d3:15:11:ce:a8:37:b4:08:7e:33:ec:42:e7:
                    29:4f:80:da:cd:1a:2d:c8:00:44:e8:37:03:6d:5e:
                    8e:2c:06:dc:5a:1f:8d:6a:ab:12:5a:e1:f3:75:32:
                    69:c9:d6:80:f4:61:cd:82:1f:c2:4a:43:75:fc:8e:
                    70:d2:a9:9a:6d:52:1d:4e:d6:95:bd:9a:15:7f:83:
                    63:5e:7b:1b:c1:7f:45:46:ad:c3:99:3d:3b:08:86:
                    2a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:75:51:BD:C8:01:D6:70:98:1C:AE:78:5F:B2:C6:FB:18:AB:49:84
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:76:9a:f6:db:ad:8f:78:a9:fb:ec:d7:ba:60:d4:94:14:00:
         3d:e7:7b:2f:9a:2f:79:2e:5f:31:bf:b9:17:75:90:dc:33:f6:
         32:10:62:36:85:7e:17:03:71:47:88:9a:35:ba:87:b5:58:68:
         3e:9e:10:62:9c:da:3c:ab:6e:37:c0:bb:d5:09:f4:78:8c:e6:
         f2:e5:ff:04:80:c7:bc:89:93:30:e5:f1:c1:2f:c9:a5:ac:f3:
         8a:aa:76:3f:24:95:4b:4a:5e:75:82:ac:08:7b:f6:50:8f:dd:
         5a:db:e6:73:67:38:2c:74:a6:63:4b:eb:a7:c6:e9:a7:d1:97:
         0b:4b:51:a4:1c:bc:4a:61:94:e7:99:63:5f:57:58:2d:4d:af:
         63:5a:a2:cd:ea:2f:d3:b0:db:20:32:1e:af:7c:5a:91:e1:b1:
         c7:69:11:d8:30:fc:f5:9b:95:fe:f4:f3:44:90:0d:5c:a3:88:
         7f:59:06:97:f3:13:62:76:71:e9:a7:ba:1f:4d:00:63:31:91:
         46:63:98:eb:18:08:bb:fb:68:b4:78:bb:f5:83:8a:d0:10:68:
         34:91:53:78:55:3c:62:76:63:1a:d9:c5:c5:1f:ea:4e:e1:c3:
         0b:33:d5:f7:62:cc:3b:9f:d6:12:b2:ee:ad:f4:c9:da:17:fb:
         2b:c4:54:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi942+pxNpV5Yn+XufXfo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjUxMDI3MDAwMDQwWhcNMjUxMDI4MDAwMDQwWjAzMTEwLwYDVQQD
Eyg0Yjc1NTFiZGM4MDFkNjcwOTgxY2FlNzg1ZmIyYzZmYjE4YWI0OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbvQcgVeBTk3PfwOelg7/hQXq+mf
9G6CGc/AC+2banF86Lapo9UX89onW4NUWvsihQEun5eIDHOEp6s9XGpgSUg+3WWg
TmnPeDvw+jsdFSnNmH/7WWMcyxHUcCI06a0w0bRViOWoZ3siWGHOuPZMdsxiTshW
YZ6yACHZZHMhAyXTDgGB4AJNpH5sZiJiVsH5ML4YDyxiBTZqC8WxZCOFOx+eZcTI
z9MVEc6oN7QIfjPsQucpT4DazRotyABE6DcDbV6OLAbcWh+NaqsSWuHzdTJpydaA
9GHNgh/CSkN1/I5w0qmabVIdTtaVvZoVf4NjXnsbwX9FRq3DmT07CIYqCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt1Ub3IAdZwmByueF+yxvsYq0mEMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXaa9tut
j3ip++zXumDUlBQAPed7L5oveS5fMb+5F3WQ3DP2MhBiNoV+FwNxR4iaNbqHtVho
Pp4QYpzaPKtuN8C71Qn0eIzm8uX/BIDHvImTMOXxwS/Jpazziqp2PySVS0pedYKs
CHv2UI/dWtvmc2c4LHSmY0vrp8bpp9GXC0tRpBy8SmGU55ljX1dYLU2vY1qizeov
07DbIDIer3xakeGxx2kR2DD89ZuV/vTzRJANXKOIf1kGl/MTYnZx6ae6H00AYzGR
RmOY6xgIu/totHi79YOK0BBoNJFTeFU8YnZjGtnFxR/qTuHDCzPV92LMO5/WErLu
rfTJ2hf7K8RUUA==
-----END CERTIFICATE-----