Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          cxFN1uQsi6VXuWBUnxWo8qzcBPjTzetoYilDXtj3Rr8=
Subject key identifier:   EE:5C:2C:3E:51:6C:1E:35:C6:2F:EA:AB:ED:CE:C3:9C:23:97:C3:FF
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019A70DBF54C2C5353F35923506A805E406B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          03F0
Signing time:             Tue 11 Nov 2025 03:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:54 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: /2/dWYCU+aNQ5oAhADFH3wOx8S/P1m03zXe9Mc9ywDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:f5:4c:2c:53:53:f3:59:23:50:6a:80:5e:40:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Nov 11 03:00:54 2025 GMT
            Not After : Nov 12 03:00:54 2025 GMT
        Subject: CN=ee5c2c3e516c1e35c62feaabedcec39c2397c3ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e9:53:30:fd:29:81:8f:3e:0a:0f:2b:60:d3:
                    ef:f2:a1:69:2a:0b:d8:38:8c:78:17:98:0f:d8:3a:
                    41:1f:76:36:2b:14:ba:88:79:48:5f:de:25:0a:86:
                    4f:30:57:d9:19:1d:e6:66:e9:56:e5:ed:aa:60:96:
                    ef:cd:95:d7:1d:da:b7:68:36:8f:e3:4c:1e:4b:0f:
                    f0:39:af:08:25:a1:94:68:b2:cf:16:d9:54:47:e6:
                    3b:7e:d7:ff:ab:9f:15:01:7a:f5:c2:f6:07:7c:66:
                    fb:66:b8:40:d9:f6:be:86:76:e5:72:97:e3:41:99:
                    39:b7:32:3f:f8:a1:c4:aa:47:92:be:bb:4b:c3:89:
                    5a:f5:95:97:47:ec:b2:c8:e4:ed:c6:7a:f9:73:39:
                    bc:e4:e4:56:4c:c2:31:d1:04:38:f9:12:8a:96:cd:
                    99:39:e8:20:b8:f6:ed:a6:8c:bb:68:5d:27:10:51:
                    0a:1e:99:0b:18:92:b1:04:5f:ea:07:e7:48:4a:db:
                    8b:d6:36:0b:93:c0:92:a4:75:81:21:e2:d1:ca:1a:
                    33:88:4b:c1:24:7a:3e:63:8f:7a:1a:7f:a8:5c:47:
                    ea:1a:5e:96:f5:dd:f7:c0:48:b0:a5:ff:61:71:70:
                    96:e1:94:ca:c1:76:cc:01:7a:5b:99:cb:26:8a:b4:
                    3f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:5C:2C:3E:51:6C:1E:35:C6:2F:EA:AB:ED:CE:C3:9C:23:97:C3:FF
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:fb:17:18:b0:27:f5:8e:b8:9f:8c:37:d7:57:a4:9e:c8:7c:
         3d:26:06:fd:82:89:f1:c3:29:ae:b5:16:7e:1c:e9:5d:72:1c:
         ee:85:fa:00:9c:a4:e5:ad:cb:d4:09:59:b8:7d:c3:93:a9:e0:
         53:30:a0:fe:1d:42:3f:16:1e:1c:a0:13:bb:19:75:ad:60:62:
         16:aa:4a:ab:08:4a:2d:f5:94:07:36:30:1d:5c:07:c0:cb:61:
         d8:d3:55:b3:62:57:84:df:ec:2c:0a:fb:d8:90:98:f0:14:43:
         57:8e:e6:39:9c:42:6d:b7:a4:38:a1:ef:28:49:d6:33:14:e6:
         e8:d6:8c:0d:89:d9:d5:f0:0c:2f:64:06:7e:da:9a:a8:62:91:
         67:1c:fa:5a:fe:3f:8f:47:94:d9:bc:9d:0d:4a:ab:6f:d9:05:
         45:1f:82:cc:dd:24:50:c8:fb:08:0b:db:1b:61:62:08:06:5f:
         ce:f0:e1:7c:62:3c:69:d3:6e:66:a8:62:75:87:22:6d:ef:60:
         60:6b:49:1d:28:47:00:d6:5e:86:b0:b2:67:4d:08:fe:c2:cc:
         6e:82:f2:ba:4b:c6:30:b3:dc:10:ad:58:16:23:41:b9:dc:26:
         f6:a8:f1:ca:cb:c8:c8:24:65:26:ca:6e:d1:e8:7a:db:cb:4a:
         b3:78:cf:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/VMLFNT81kjUGqAXkBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjUxMTExMDMwMDU0WhcNMjUxMTEyMDMwMDU0WjAzMTEwLwYDVQQD
EyhlZTVjMmMzZTUxNmMxZTM1YzYyZmVhYWJlZGNlYzM5YzIzOTdjM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlelTMP0pgY8+Cg8rYNPv8qFpKgvY
OIx4F5gP2DpBH3Y2KxS6iHlIX94lCoZPMFfZGR3mZulW5e2qYJbvzZXXHdq3aDaP
40weSw/wOa8IJaGUaLLPFtlUR+Y7ftf/q58VAXr1wvYHfGb7ZrhA2fa+hnblcpfj
QZk5tzI/+KHEqkeSvrtLw4la9ZWXR+yyyOTtxnr5czm85ORWTMIx0QQ4+RKKls2Z
OegguPbtpoy7aF0nEFEKHpkLGJKxBF/qB+dIStuL1jYLk8CSpHWBIeLRyhoziEvB
JHo+Y496Gn+oXEfqGl6W9d33wEiwpf9hcXCW4ZTKwXbMAXpbmcsmirQ/3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5cLD5RbB41xi/qq+3Ow5wjl8P/MB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlPsXGLAn
9Y64n4w311eknsh8PSYG/YKJ8cMprrUWfhzpXXIc7oX6AJyk5a3L1AlZuH3Dk6ng
UzCg/h1CPxYeHKATuxl1rWBiFqpKqwhKLfWUBzYwHVwHwMth2NNVs2JXhN/sLAr7
2JCY8BRDV47mOZxCbbekOKHvKEnWMxTm6NaMDYnZ1fAML2QGftqaqGKRZxz6Wv4/
j0eU2bydDUqrb9kFRR+CzN0kUMj7CAvbG2FiCAZfzvDhfGI8adNuZqhidYcibe9g
YGtJHShHANZehrCyZ00I/sLMboLyukvGMLPcEK1YFiNBudwm9qjxysvIyCRlJspu
0eh628tKs3jPRQ==
-----END CERTIFICATE-----