Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          +Kd6Ackbd8Jwj41SKfigDty+EXLADFBNo3EEv+PkMeM=
Subject key identifier:   6E:1A:09:8F:BC:72:BD:E3:CE:36:BB:36:94:2D:C6:94:4E:5E:76:9F
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       019A71B7E7582609003F905E1C210D951AB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0B74
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: FflMv/jt13VsBg3JDLjSMppoaevmY83egmnF94RrBxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e7:58:26:09:00:3f:90:5e:1c:21:0d:95:1a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=6e1a098fbc72bde3ce36bb36942dc6944e5e769f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:83:40:81:35:54:b9:9e:b1:28:e5:24:13:27:
                    b2:17:09:1c:56:d0:20:3d:9a:57:14:81:ae:c1:33:
                    4a:d5:18:cb:ed:f1:4d:4a:42:79:52:25:38:a1:10:
                    f6:5e:fe:97:27:cb:4f:57:90:2b:8a:2a:b2:02:17:
                    ad:74:8e:02:0c:b9:10:d1:6a:dc:0e:a5:b8:e5:33:
                    25:dc:80:90:34:fb:f4:3b:97:69:cf:e5:49:52:b6:
                    77:9a:48:f3:a5:a5:b1:48:e5:e5:25:2c:e8:cc:c0:
                    bf:df:d3:42:f6:0f:ad:0c:67:58:05:81:d9:1e:5a:
                    39:06:51:d7:9b:03:f5:0c:39:e4:f2:e4:6d:f0:48:
                    e2:7e:ec:65:6f:2b:cf:f4:49:81:3b:4a:f3:cb:b4:
                    04:19:84:63:b8:15:9b:82:6d:3f:22:c3:53:f0:74:
                    c4:6a:89:09:14:22:2a:74:54:e1:de:df:43:7e:7e:
                    df:28:13:7a:c3:ce:34:7a:34:7d:30:eb:a2:6e:47:
                    5f:e2:f1:79:3c:0a:e9:94:03:76:13:73:df:ea:da:
                    29:91:31:da:a8:56:5e:84:9d:bb:73:c4:f2:ef:11:
                    e4:ee:bf:35:42:4a:a1:f2:45:a1:6d:83:fc:c6:1f:
                    82:a9:f8:22:a6:28:82:5c:54:a7:9d:7d:26:89:0a:
                    93:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:1A:09:8F:BC:72:BD:E3:CE:36:BB:36:94:2D:C6:94:4E:5E:76:9F
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:b3:cf:54:fa:37:03:41:71:61:82:b9:8a:68:2b:0f:80:3a:
         3c:7b:34:03:9a:a3:dc:43:94:2a:89:d2:f5:e8:08:e1:a7:be:
         a3:88:08:aa:10:d2:e8:99:87:d5:4e:41:3e:83:17:1a:1a:00:
         b3:32:75:57:9a:3f:04:49:42:48:9f:a2:06:bd:1a:e1:ae:df:
         30:8e:71:b3:5c:27:8a:ab:b7:62:1e:98:eb:0c:cb:71:50:73:
         67:8f:ae:f5:f8:d8:96:6f:0f:bd:ca:cc:7a:3f:e8:a6:ba:d2:
         76:70:29:ad:11:e6:2d:e9:ab:92:2f:62:67:0f:79:1d:a9:e7:
         e7:98:cb:95:bb:c1:50:6a:f2:dd:8b:fd:3b:0d:90:2d:60:00:
         5a:c0:76:49:ca:ae:2d:d4:04:0c:8d:59:dc:c5:1a:0f:4b:25:
         81:51:7b:c6:73:4f:be:22:d3:3d:72:af:c9:0e:4e:42:13:fe:
         5a:60:95:67:29:e8:76:01:96:a2:a7:c7:fa:9c:0c:47:41:c5:
         61:2e:0c:f2:b8:37:f2:d9:c4:82:69:b3:e1:7e:ad:13:86:d7:
         86:4c:24:9e:57:da:81:9e:08:d0:6d:32:83:49:7f:df:f1:36:
         1f:28:1c:86:51:e2:76:28:a7:1c:c0:63:d5:0b:0d:68:22:dc:
         4e:5f:ef:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+dYJgkAP5BeHCENlRq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
Eyg2ZTFhMDk4ZmJjNzJiZGUzY2UzNmJiMzY5NDJkYzY5NDRlNWU3NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4NAgTVUuZ6xKOUkEyeyFwkcVtAg
PZpXFIGuwTNK1RjL7fFNSkJ5UiU4oRD2Xv6XJ8tPV5AriiqyAhetdI4CDLkQ0Wrc
DqW45TMl3ICQNPv0O5dpz+VJUrZ3mkjzpaWxSOXlJSzozMC/39NC9g+tDGdYBYHZ
Hlo5BlHXmwP1DDnk8uRt8EjifuxlbyvP9EmBO0rzy7QEGYRjuBWbgm0/IsNT8HTE
aokJFCIqdFTh3t9Dfn7fKBN6w840ejR9MOuibkdf4vF5PArplAN2E3Pf6topkTHa
qFZehJ27c8Ty7xHk7r81Qkqh8kWhbYP8xh+CqfgipiiCXFSnnX0miQqTJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4aCY+8cr3jzja7NpQtxpROXnafMB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB7PPVPo3
A0FxYYK5imgrD4A6PHs0A5qj3EOUKonS9egI4ae+o4gIqhDS6JmH1U5BPoMXGhoA
szJ1V5o/BElCSJ+iBr0a4a7fMI5xs1wniqu3Yh6Y6wzLcVBzZ4+u9fjYlm8PvcrM
ej/oprrSdnAprRHmLemrki9iZw95Hann55jLlbvBUGry3Yv9Ow2QLWAAWsB2Scqu
LdQEDI1Z3MUaD0slgVF7xnNPviLTPXKvyQ5OQhP+WmCVZynodgGWoqfH+pwMR0HF
YS4M8rg38tnEgmmz4X6tE4bXhkwknlfagZ4I0G0yg0l/3/E2HygchlHidiinHMBj
1QsNaCLcTl/vcQ==
-----END CERTIFICATE-----