Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          JaRPplV2CNlpRVpUZwHpWGWdWZ6Qp3dFSzhKhe27gAs=
Subject key identifier:   C0:B2:29:E3:79:FA:AE:51:1A:D1:81:83:0A:3E:F0:CA:27:C7:2B:21
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019A72CAB0A42BEDB69DC78080B30048B46E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          06A1
Signing time:             Tue 11 Nov 2025 12:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 12:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 12:01:17 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: urAPM6WG+IxDYyzW6+sk7xVdoA40vgLSonn3nAThAWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:b0:a4:2b:ed:b6:9d:c7:80:80:b3:00:48:b4:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Nov 11 12:01:17 2025 GMT
            Not After : Nov 12 12:01:17 2025 GMT
        Subject: CN=c0b229e379faae511ad181830a3ef0ca27c72b21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3b:b4:9e:26:3e:a9:33:75:85:71:bb:a4:ee:
                    47:da:89:09:60:6e:f0:de:e6:b0:1c:9f:83:39:de:
                    7b:2c:25:ba:81:b4:30:ef:b8:0d:51:9f:85:3f:c8:
                    5c:18:3a:df:ea:e2:ac:39:c5:e5:a8:9d:e4:d5:5d:
                    bf:87:aa:e4:0e:b0:ff:30:58:1e:39:03:14:d9:7e:
                    68:03:66:84:6f:99:21:fe:3b:df:84:83:16:66:e4:
                    b6:49:46:f5:24:99:db:42:1d:a8:ea:bf:c8:59:eb:
                    6e:7b:d5:84:97:9d:86:54:78:42:37:a4:c6:ad:07:
                    3e:18:b4:1f:72:04:1a:09:53:7f:92:93:a9:1c:4c:
                    a2:41:73:0c:69:25:60:87:db:c4:4a:72:97:23:44:
                    69:13:a2:17:26:fb:3a:ae:c3:f9:25:40:92:07:f2:
                    1c:3c:23:e2:c1:b1:78:a4:7a:e5:ce:83:68:1d:23:
                    66:d6:7d:b1:34:2d:eb:8d:d5:58:9d:e3:3e:60:ca:
                    44:a1:6c:56:4f:29:fb:5c:39:37:8c:26:13:e4:9d:
                    c6:93:e5:da:f2:eb:a6:05:7e:40:31:e5:70:23:5a:
                    7f:5d:b9:1e:95:5d:d4:36:09:ce:18:eb:b2:0a:f8:
                    04:7f:e7:9c:28:e0:95:e4:7c:65:80:35:df:fc:51:
                    24:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B2:29:E3:79:FA:AE:51:1A:D1:81:83:0A:3E:F0:CA:27:C7:2B:21
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:7f:9b:02:89:cf:63:98:57:45:ac:fd:46:56:76:29:d6:4f:
         73:0d:d9:f3:2c:b3:c0:aa:b0:c2:9c:f4:63:6b:a5:18:d9:c1:
         bf:d5:da:44:7a:32:37:cc:80:77:d4:d2:95:0b:5e:e6:74:61:
         2a:46:76:5d:a0:3c:87:fd:b1:7b:0d:56:9b:df:e2:08:3d:ba:
         e6:8c:10:c3:78:a3:60:d7:20:f9:ad:34:f4:2d:b7:df:a2:46:
         01:5c:d9:db:4e:49:2f:d0:9d:a5:d7:8f:d3:9c:8a:56:8c:c7:
         44:1a:41:50:64:9b:14:5e:9e:1b:a1:d7:65:7e:67:53:af:8f:
         72:4b:f3:fe:9f:b4:e9:29:39:79:9d:3b:8a:3f:94:d4:f5:67:
         aa:5e:d3:54:d9:68:0f:fe:b3:73:0d:69:7f:33:92:91:4b:cc:
         a0:eb:e0:25:55:6c:dd:9d:f3:fc:38:2c:bd:27:00:8e:6a:76:
         ef:13:eb:24:b8:b3:e4:5b:20:33:18:ed:28:cf:55:94:f9:21:
         fb:a6:54:12:35:6e:87:77:2a:b6:3e:de:df:c9:4f:68:f0:9f:
         21:b6:54:23:f1:67:c2:0d:6d:4e:6d:a8:de:56:6a:4d:aa:d1:
         14:fc:53:a4:60:ec:d6:86:fb:64:ff:ec:d8:84:45:bc:99:be:
         e5:92:f8:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyrCkK+22nceAgLMASLRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjUxMTExMTIwMTE3WhcNMjUxMTEyMTIwMTE3WjAzMTEwLwYDVQQD
EyhjMGIyMjllMzc5ZmFhZTUxMWFkMTgxODMwYTNlZjBjYTI3YzcyYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDu0niY+qTN1hXG7pO5H2okJYG7w
3uawHJ+DOd57LCW6gbQw77gNUZ+FP8hcGDrf6uKsOcXlqJ3k1V2/h6rkDrD/MFge
OQMU2X5oA2aEb5kh/jvfhIMWZuS2SUb1JJnbQh2o6r/IWetue9WEl52GVHhCN6TG
rQc+GLQfcgQaCVN/kpOpHEyiQXMMaSVgh9vESnKXI0RpE6IXJvs6rsP5JUCSB/Ic
PCPiwbF4pHrlzoNoHSNm1n2xNC3rjdVYneM+YMpEoWxWTyn7XDk3jCYT5J3Gk+Xa
8uumBX5AMeVwI1p/XbkelV3UNgnOGOuyCvgEf+ecKOCV5HxlgDXf/FEksQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCyKeN5+q5RGtGBgwo+8MonxyshMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAln+bAonP
Y5hXRaz9RlZ2KdZPcw3Z8yyzwKqwwpz0Y2ulGNnBv9XaRHoyN8yAd9TSlQte5nRh
KkZ2XaA8h/2xew1Wm9/iCD265owQw3ijYNcg+a009C2336JGAVzZ205JL9CdpdeP
05yKVozHRBpBUGSbFF6eG6HXZX5nU6+Pckvz/p+06Sk5eZ07ij+U1PVnql7TVNlo
D/6zcw1pfzOSkUvMoOvgJVVs3Z3z/DgsvScAjmp27xPrJLiz5FsgMxjtKM9VlPkh
+6ZUEjVuh3cqtj7e38lPaPCfIbZUI/Fnwg1tTm2o3lZqTarRFPxTpGDs1ob7ZP/s
2IRFvJm+5ZL4KA==
-----END CERTIFICATE-----