Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          13ILUYNvQJvTgX1iKwWyQoSEZfCAFOSYy7Grygprkjk=
Subject key identifier:   0E:17:31:18:93:E7:74:13:AD:EB:7E:36:50:ED:90:A4:F0:B2:73:D1
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019A71B8D8C1BFA3A9864CA9D372CEAF314D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1418
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: NmESy4Hwb2useLt5LzSMbgMaFBWMo/trXZsle69/vq0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d8:c1:bf:a3:a9:86:4c:a9:d3:72:ce:af:31:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=0e17311893e77413adeb7e3650ed90a4f0b273d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2d:c0:3f:06:78:93:79:48:12:89:1d:06:fb:
                    8e:b7:25:4b:a3:f3:bb:6f:7d:f0:f9:4f:3e:bd:3a:
                    a5:0d:fb:5b:b0:52:30:8a:c5:f5:96:44:2d:54:fe:
                    e9:89:85:22:e4:1d:9e:08:a2:17:13:c9:1b:10:f6:
                    5e:e6:2b:7b:b0:2d:71:2f:03:1d:4d:b5:f4:86:66:
                    56:3c:2b:ea:0b:cf:1b:3d:03:99:77:4b:9f:93:f0:
                    e4:a2:e8:60:36:42:5d:a1:3b:32:0d:4a:2d:22:ec:
                    30:4e:18:78:4b:50:70:04:57:04:1c:e0:8f:46:9d:
                    e9:0b:7e:d3:ab:5d:9c:49:32:9e:c7:82:36:62:f4:
                    ba:b7:d6:9e:c5:61:68:74:37:e7:82:46:f8:b6:53:
                    62:f7:fd:8c:c1:b1:5a:24:b0:f9:be:9a:cb:3a:9a:
                    00:69:3d:d9:00:2a:d7:dd:6c:6a:9c:f3:8a:3e:df:
                    66:32:72:bb:94:19:ed:fe:11:b9:2f:04:2f:2b:0e:
                    21:1a:10:4f:19:1b:87:81:9b:33:2e:5c:d1:fa:ad:
                    09:28:28:d9:ef:a1:d7:68:7a:4b:59:60:b6:af:b6:
                    a9:41:08:2e:70:b2:6a:22:43:8b:84:f1:11:ab:63:
                    6b:62:89:60:70:de:2f:60:54:5d:7b:8b:e5:0d:9e:
                    76:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:17:31:18:93:E7:74:13:AD:EB:7E:36:50:ED:90:A4:F0:B2:73:D1
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:d3:c8:94:4a:00:c7:b3:f4:7e:33:c9:e3:31:ae:ef:41:79:
         a3:e9:74:af:04:ff:93:1e:63:62:1c:52:9f:87:31:9b:1d:96:
         3a:44:0e:05:af:83:18:89:42:4b:f6:00:0a:c7:be:5d:1b:53:
         cf:18:39:3e:b2:ec:4b:c4:c4:e5:1e:8f:18:7e:56:5a:63:71:
         e7:79:01:f8:c4:8c:2d:d0:a6:9d:b0:1e:a6:28:20:ef:f8:3d:
         25:95:7c:e5:a3:30:f3:2f:7f:8e:57:fa:3a:ef:62:49:7e:fa:
         d5:45:45:da:f4:7b:e7:1e:da:1f:0c:21:a9:86:a9:24:27:d0:
         b8:e6:f4:27:fe:05:7f:53:95:81:7b:3c:9e:3e:a9:62:90:75:
         77:44:2e:9d:02:25:8b:36:04:bd:bb:13:29:8b:4f:8f:f6:3e:
         11:ff:81:df:dc:6b:22:ed:94:58:14:3e:e2:36:33:8f:76:2a:
         77:bf:47:71:67:df:69:51:6f:fe:56:39:4c:39:c3:4c:f3:ed:
         3f:42:c4:79:8c:c5:77:04:cc:b2:d8:43:fe:8c:64:4e:e2:3a:
         d7:c0:d1:79:c2:a6:5c:55:4f:f2:bd:49:63:35:df:74:4f:fa:
         d0:bb:9c:ee:ab:d7:7b:09:b3:40:ff:c3:c8:16:a9:a8:74:cb:
         b1:6e:49:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNjBv6Ophkyp03LOrzFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EygwZTE3MzExODkzZTc3NDEzYWRlYjdlMzY1MGVkOTBhNGYwYjI3M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S3APwZ4k3lIEokdBvuOtyVLo/O7
b33w+U8+vTqlDftbsFIwisX1lkQtVP7piYUi5B2eCKIXE8kbEPZe5it7sC1xLwMd
TbX0hmZWPCvqC88bPQOZd0ufk/DkouhgNkJdoTsyDUotIuwwThh4S1BwBFcEHOCP
Rp3pC37Tq12cSTKex4I2YvS6t9aexWFodDfngkb4tlNi9/2MwbFaJLD5vprLOpoA
aT3ZACrX3WxqnPOKPt9mMnK7lBnt/hG5LwQvKw4hGhBPGRuHgZszLlzR+q0JKCjZ
76HXaHpLWWC2r7apQQgucLJqIkOLhPERq2NrYolgcN4vYFRde4vlDZ52wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4XMRiT53QTret+NlDtkKTwsnPRMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABdPIlEoA
x7P0fjPJ4zGu70F5o+l0rwT/kx5jYhxSn4cxmx2WOkQOBa+DGIlCS/YACse+XRtT
zxg5PrLsS8TE5R6PGH5WWmNx53kB+MSMLdCmnbAepigg7/g9JZV85aMw8y9/jlf6
Ou9iSX761UVF2vR75x7aHwwhqYapJCfQuOb0J/4Ff1OVgXs8nj6pYpB1d0QunQIl
izYEvbsTKYtPj/Y+Ef+B39xrIu2UWBQ+4jYzj3Yqd79HcWffaVFv/lY5TDnDTPPt
P0LEeYzFdwTMsthD/oxkTuI618DRecKmXFVP8r1JYzXfdE/60Luc7qvXewmzQP/D
yBapqHTLsW5J3Q==
-----END CERTIFICATE-----