Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
File:                     OOdr5zhCITzgy8kz0aN0g1fyKD8.mft (raw, json)
Hash identifier:          2S6K3+giGMLNQ+2E6lEFJwFEkcCfqU/Qf2C6kxG02lQ=
Subject key identifier:   5B:0C:0C:00:D1:EE:4A:75:48:27:DA:86:A4:4B:FB:8A:7F:A7:A8:B2
Authority key identifier: 38:E7:6B:E7:38:42:21:3C:E0:CB:C9:33:D1:A3:74:83:57:F2:28:3F
Certificate issuer:       /CN=38e76be73842213ce0cbc933d1a3748357f2283f
Certificate serial:       019A7180804D0706A35C7CCA0BF743D4715D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
Manifest number:          013A
Signing time:             Tue 11 Nov 2025 06:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:38 +0000
Files and hashes:         1: OOdr5zhCITzgy8kz0aN0g1fyKD8.crl (hash: xpH0cA8Yl8yP2VYzMdYGl2H1+d8No1c+ZXVGh5hDqAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:80:4d:07:06:a3:5c:7c:ca:0b:f7:43:d4:71:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38e76be73842213ce0cbc933d1a3748357f2283f
        Validity
            Not Before: Nov 11 06:00:38 2025 GMT
            Not After : Nov 12 06:00:38 2025 GMT
        Subject: CN=5b0c0c00d1ee4a754827da86a44bfb8a7fa7a8b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5c:62:63:4f:6e:10:43:d0:64:f2:6a:7c:8a:
                    d3:2a:4a:55:9c:87:e8:f4:b4:13:9b:32:06:c0:d2:
                    13:51:a4:6c:70:c8:d8:28:7e:88:71:d0:55:66:fa:
                    ac:c9:e9:02:6a:f5:84:e2:b6:b2:29:d3:f4:31:f0:
                    26:77:60:2f:a5:cd:56:75:94:15:17:fb:77:0d:7d:
                    30:a1:18:33:ec:a8:72:f2:39:ab:45:b1:08:5e:63:
                    d7:af:6a:8f:16:03:21:b4:42:64:a1:2c:4b:39:c4:
                    b2:d5:70:a3:2e:89:bf:10:6d:32:a2:3e:95:a3:fa:
                    b4:46:37:ee:5f:00:91:47:33:24:d6:b9:c8:04:38:
                    8f:ac:4e:c8:01:ee:25:f4:8d:3f:cc:35:02:ab:bc:
                    c3:cc:fe:08:7d:df:a4:c3:b3:01:65:e2:3e:d4:26:
                    2d:02:85:49:79:41:17:68:fa:35:ac:cd:fb:25:85:
                    a1:7c:46:19:1c:a1:cd:4b:8c:c6:ef:e6:4d:5f:ce:
                    f7:ab:09:54:f9:d4:58:e7:3e:1a:ba:dc:c7:e2:21:
                    10:5a:f3:48:77:52:11:a5:01:e4:73:39:6f:80:13:
                    5a:b5:b5:bf:7f:0a:98:bf:b6:51:ee:f9:c0:44:e6:
                    78:18:d2:28:60:06:79:59:8f:73:95:05:6b:6a:62:
                    33:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:0C:0C:00:D1:EE:4A:75:48:27:DA:86:A4:4B:FB:8A:7F:A7:A8:B2
            X509v3 Authority Key Identifier:
                keyid:38:E7:6B:E7:38:42:21:3C:E0:CB:C9:33:D1:A3:74:83:57:F2:28:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OOdr5zhCITzgy8kz0aN0g1fyKD8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/27c86c-a5ad-4253-81dc-15526bf7f4eb/1/OOdr5zhCITzgy8kz0aN0g1fyKD8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:2b:2b:d5:b2:02:20:a8:e3:41:30:de:27:8c:cc:ea:db:16:
         f1:8d:c8:66:68:e0:6b:ab:3a:93:75:50:b5:69:18:20:b2:43:
         5f:bc:f5:51:cb:dc:12:70:51:60:e3:2e:42:56:7d:0b:9c:c7:
         a6:db:c5:42:92:7f:f7:8f:c5:b0:d7:a8:dd:57:7f:3c:8c:2e:
         a4:98:db:ed:93:2b:4e:54:db:e6:8c:10:28:a8:dc:83:00:2e:
         e3:40:fa:68:30:1b:ef:18:4b:c8:cc:b8:b8:96:3e:33:ba:85:
         a0:6c:5f:3f:13:37:e7:e1:6e:e0:43:93:4b:78:82:99:a3:96:
         e9:30:6b:35:31:b8:f6:e2:b7:1a:2f:83:08:70:83:91:95:7a:
         2a:75:35:36:17:60:f9:d6:ef:7e:c8:fb:a3:74:ae:80:54:c6:
         de:d1:df:58:df:3a:b9:01:c0:5b:bd:ba:28:b5:48:90:b2:2b:
         f5:b4:16:2b:22:1a:d1:e7:76:31:96:78:e9:a2:da:84:e5:b3:
         f5:e7:d4:ef:6f:e0:ee:10:70:22:34:3a:f9:b5:cb:9c:4f:f3:
         62:1c:49:b3:d3:4f:a6:3e:2a:93:60:0b:d1:6b:19:ec:02:8b:
         5a:1a:0b:ee:9e:13:76:77:a9:49:04:72:d3:90:f2:a0:b8:17:
         10:87:d6:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgIBNBwajXHzKC/dD1HFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZTc2YmU3Mzg0MjIxM2NlMGNiYzkzM2QxYTM3NDgzNTdm
MjI4M2YwHhcNMjUxMTExMDYwMDM4WhcNMjUxMTEyMDYwMDM4WjAzMTEwLwYDVQQD
Eyg1YjBjMGMwMGQxZWU0YTc1NDgyN2RhODZhNDRiZmI4YTdmYTdhOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylxiY09uEEPQZPJqfIrTKkpVnIfo
9LQTmzIGwNITUaRscMjYKH6IcdBVZvqsyekCavWE4rayKdP0MfAmd2Avpc1WdZQV
F/t3DX0woRgz7Khy8jmrRbEIXmPXr2qPFgMhtEJkoSxLOcSy1XCjLom/EG0yoj6V
o/q0RjfuXwCRRzMk1rnIBDiPrE7IAe4l9I0/zDUCq7zDzP4Ifd+kw7MBZeI+1CYt
AoVJeUEXaPo1rM37JYWhfEYZHKHNS4zG7+ZNX873qwlU+dRY5z4autzH4iEQWvNI
d1IRpQHkczlvgBNatbW/fwqYv7ZR7vnAROZ4GNIoYAZ5WY9zlQVramIzpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsMDADR7kp1SCfahqRL+4p/p6iyMB8GA1UdIwQY
MBaAFDjna+c4QiE84MvJM9GjdINX8ig/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yN2M4NmMtYTVhZC00MjUzLTgxZGMt
MTU1MjZiZjdmNGViLzEvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yN2M4NmMtYTVhZC00MjUzLTgxZGMtMTU1MjZiZjdmNGVi
LzEvT09kcjV6aENJVHpneThrejBhTjBnMWZ5S0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSsr1bIC
IKjjQTDeJ4zM6tsW8Y3IZmjga6s6k3VQtWkYILJDX7z1UcvcEnBRYOMuQlZ9C5zH
ptvFQpJ/94/FsNeo3Vd/PIwupJjb7ZMrTlTb5owQKKjcgwAu40D6aDAb7xhLyMy4
uJY+M7qFoGxfPxM35+Fu4EOTS3iCmaOW6TBrNTG49uK3Gi+DCHCDkZV6KnU1Nhdg
+dbvfsj7o3SugFTG3tHfWN86uQHAW726KLVIkLIr9bQWKyIa0ed2MZZ46aLahOWz
9efU72/g7hBwIjQ6+bXLnE/zYhxJs9NPpj4qk2AL0WsZ7AKLWhoL7p4TdnepSQRy
05DyoLgXEIfWzg==
-----END CERTIFICATE-----