Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.mft
File:                     oQ80HTq1Y7n8QJgK58F0AsIV7yo.mft (raw, json)
Hash identifier:          D/T0E4Hw/1sMIbdm2Nundm2hKrKHywq0N5zyWpG0CnQ=
Subject key identifier:   5A:CF:DE:20:90:A0:B2:84:62:E9:93:FB:D0:E2:44:4F:E4:B6:8D:09
Authority key identifier: A1:0F:34:1D:3A:B5:63:B9:FC:40:98:0A:E7:C1:74:02:C2:15:EF:2A
Certificate issuer:       /CN=a10f341d3ab563b9fc40980ae7c17402c215ef2a
Certificate serial:       019A71B790183F6DB09E02C352F09118A386
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oQ80HTq1Y7n8QJgK58F0AsIV7yo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:46 +0000
Files and hashes:         1: oQ80HTq1Y7n8QJgK58F0AsIV7yo.crl (hash: A5F+/L7g7Thru+jydzERLeOk6NktFJkZhhdwgr/MNsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oQ80HTq1Y7n8QJgK58F0AsIV7yo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:90:18:3f:6d:b0:9e:02:c3:52:f0:91:18:a3:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a10f341d3ab563b9fc40980ae7c17402c215ef2a
        Validity
            Not Before: Nov 11 07:00:46 2025 GMT
            Not After : Nov 12 07:00:46 2025 GMT
        Subject: CN=5acfde2090a0b28462e993fbd0e2444fe4b68d09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7d:57:f6:0d:c2:0f:41:c5:a3:ca:dd:f0:76:
                    84:c4:66:aa:0a:41:b8:9c:b2:6b:74:ba:4d:98:cf:
                    73:9a:71:1b:1b:f2:6c:69:3b:1e:08:0e:37:01:2e:
                    db:96:b3:ce:23:fe:b9:67:12:82:90:66:44:88:d4:
                    85:a0:68:74:c4:be:a2:fe:ac:20:ce:82:b3:d4:43:
                    34:01:d1:8d:b5:dc:6b:0f:c8:ba:a1:00:57:c0:85:
                    51:23:55:c4:ee:fb:9c:0c:82:1c:63:ec:68:23:5a:
                    a2:ef:fe:cf:e4:e6:5a:cc:5f:39:40:65:e7:92:2c:
                    ce:ab:9f:0c:82:35:ea:82:12:61:07:cc:58:18:3f:
                    f1:6b:85:b8:6e:67:61:46:84:dd:b6:ad:26:56:a4:
                    c9:6e:f6:ae:42:c8:30:29:47:f5:56:a1:fe:89:5a:
                    0a:7a:cb:7a:59:18:a9:9a:2c:65:fe:31:d1:17:ad:
                    e3:72:f9:45:72:6b:ce:dc:df:68:c5:59:cb:d6:96:
                    e7:84:85:35:fb:72:b0:62:d5:f0:25:ff:02:c8:37:
                    7e:e1:6e:38:a2:9e:c5:d3:b5:6f:72:16:38:31:b8:
                    dc:47:cd:ea:b4:6f:e8:48:bc:c7:62:d4:b8:ad:77:
                    0f:40:f8:b9:d6:90:58:5f:3e:54:2b:ec:fd:61:0f:
                    c3:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CF:DE:20:90:A0:B2:84:62:E9:93:FB:D0:E2:44:4F:E4:B6:8D:09
            X509v3 Authority Key Identifier:
                keyid:A1:0F:34:1D:3A:B5:63:B9:FC:40:98:0A:E7:C1:74:02:C2:15:EF:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQ80HTq1Y7n8QJgK58F0AsIV7yo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8b2f14-c329-4cbb-ad41-17407165afe6/1/oQ80HTq1Y7n8QJgK58F0AsIV7yo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:8e:92:c7:8f:86:4d:a1:7e:2c:f3:49:93:1d:c2:87:82:85:
         79:ff:38:3b:70:22:8d:17:31:4d:02:1b:17:c2:e4:72:8c:3a:
         51:45:af:80:0d:4d:b7:a9:83:89:a5:b5:7e:15:d3:a1:ee:d6:
         c0:84:64:90:f0:08:b3:9d:de:ae:8b:3f:ae:c7:56:a2:b6:ba:
         c1:b8:bd:e9:fc:55:9c:78:cf:4e:a3:06:30:72:8a:18:00:a9:
         be:30:0b:3c:a0:a4:0d:b9:d4:57:33:4d:b9:ab:da:dc:50:37:
         6c:2e:45:e2:20:31:11:55:9a:f0:c2:24:89:d6:e2:d9:db:c9:
         5b:74:31:6b:99:96:3b:7d:55:24:c4:85:69:f9:bf:38:72:fc:
         38:3b:0d:5e:de:0d:24:28:4a:92:9e:2c:30:ff:0b:72:4a:1a:
         d8:f7:4b:37:12:52:99:55:12:bf:d2:34:66:fe:c5:c4:f2:90:
         13:b6:d9:88:09:40:2e:15:9b:0e:b9:1b:86:a3:5b:01:12:5e:
         0d:65:c5:39:7f:d4:f0:fb:85:16:6a:2c:f1:fb:ee:55:96:54:
         52:43:78:6e:d8:ff:83:48:03:8e:4f:d3:f3:eb:e0:88:88:ee:
         17:dc:82:ce:f6:e9:99:ca:72:0a:1a:0b:d2:66:34:ef:c2:ea:
         87:b1:17:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5AYP22wngLDUvCRGKOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGYzNDFkM2FiNTYzYjlmYzQwOTgwYWU3YzE3NDAyYzIx
NWVmMmEwHhcNMjUxMTExMDcwMDQ2WhcNMjUxMTEyMDcwMDQ2WjAzMTEwLwYDVQQD
Eyg1YWNmZGUyMDkwYTBiMjg0NjJlOTkzZmJkMGUyNDQ0ZmU0YjY4ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5n1X9g3CD0HFo8rd8HaExGaqCkG4
nLJrdLpNmM9zmnEbG/JsaTseCA43AS7blrPOI/65ZxKCkGZEiNSFoGh0xL6i/qwg
zoKz1EM0AdGNtdxrD8i6oQBXwIVRI1XE7vucDIIcY+xoI1qi7/7P5OZazF85QGXn
kizOq58MgjXqghJhB8xYGD/xa4W4bmdhRoTdtq0mVqTJbvauQsgwKUf1VqH+iVoK
est6WRipmixl/jHRF63jcvlFcmvO3N9oxVnL1pbnhIU1+3KwYtXwJf8CyDd+4W44
op7F07VvchY4MbjcR83qtG/oSLzHYtS4rXcPQPi51pBYXz5UK+z9YQ/DFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrP3iCQoLKEYumT+9DiRE/kto0JMB8GA1UdIwQY
MBaAFKEPNB06tWO5/ECYCufBdALCFe8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1E4MEhUcTFZN244UUpnSzU4RjBBc0lWN3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84YjJmMTQtYzMyOS00Y2JiLWFkNDEt
MTc0MDcxNjVhZmU2LzEvb1E4MEhUcTFZN244UUpnSzU4RjBBc0lWN3lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84YjJmMTQtYzMyOS00Y2JiLWFkNDEtMTc0MDcxNjVhZmU2
LzEvb1E4MEhUcTFZN244UUpnSzU4RjBBc0lWN3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo46Sx4+G
TaF+LPNJkx3Ch4KFef84O3AijRcxTQIbF8Lkcow6UUWvgA1Nt6mDiaW1fhXToe7W
wIRkkPAIs53eros/rsdWora6wbi96fxVnHjPTqMGMHKKGACpvjALPKCkDbnUVzNN
uava3FA3bC5F4iAxEVWa8MIkidbi2dvJW3Qxa5mWO31VJMSFafm/OHL8ODsNXt4N
JChKkp4sMP8Lckoa2PdLNxJSmVUSv9I0Zv7FxPKQE7bZiAlALhWbDrkbhqNbARJe
DWXFOX/U8PuFFmos8fvuVZZUUkN4btj/g0gDjk/T8+vgiIjuF9yCzvbpmcpyChoL
0mY078Lqh7EXwg==
-----END CERTIFICATE-----