Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
File:                     oUYsqczoyP_R-dfefH6QXG6JPPw.mft (raw, json)
Hash identifier:          /oIfjyC/o0+cjQzc8u5OfJqqEOsHsdWNvc59UzanNe0=
Subject key identifier:   D4:AC:07:84:16:13:D8:B7:B6:A3:B6:DE:6A:47:1E:91:96:84:59:79
Authority key identifier: A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC
Certificate issuer:       /CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
Certificate serial:       019A71B81F92CB528F57C8403DCA32D7EE3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:23 +0000
Files and hashes:         1: oUYsqczoyP_R-dfefH6QXG6JPPw.crl (hash: IjC9weHW4yCz9xZwUlkGslkxHmSiyc8oJDBhjJFjN+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:1f:92:cb:52:8f:57:c8:40:3d:ca:32:d7:ee:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
        Validity
            Not Before: Nov 11 07:01:23 2025 GMT
            Not After : Nov 12 07:01:23 2025 GMT
        Subject: CN=d4ac07841613d8b7b6a3b6de6a471e9196845979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f5:ed:0d:34:4f:ee:19:25:f0:ef:58:f1:83:
                    d4:0a:27:47:92:25:4e:6f:4e:8c:2c:c7:63:f0:3f:
                    0d:c8:b6:1e:9a:6a:32:d5:e1:e4:f1:a1:48:9a:62:
                    9c:c4:f1:bb:cd:4c:9b:02:94:2c:38:5e:ca:2a:1b:
                    c5:6a:b4:ce:86:33:ea:ae:0f:c3:8f:96:fd:05:cd:
                    c1:27:fd:d5:74:a2:bf:70:fa:bc:9b:5a:65:6b:0d:
                    2a:ac:66:c8:d7:ac:b0:6a:e6:78:e5:92:08:6c:0d:
                    70:c3:32:56:eb:5c:43:9c:3a:8c:e1:ba:5c:36:7f:
                    b1:01:9b:57:c3:86:24:9e:a8:30:91:93:88:f0:92:
                    d2:69:8a:ae:cd:d9:37:ae:60:88:f4:7c:2f:41:ae:
                    75:51:e7:b5:26:3f:7e:56:6b:e2:cb:f4:20:f7:f2:
                    f9:a2:61:6f:da:89:bf:07:e6:77:ad:bc:ef:8f:45:
                    1c:a3:91:6f:63:f1:1e:60:50:ac:15:fd:12:f4:2f:
                    1e:fe:7b:d1:95:5c:8f:66:6e:1c:1b:4a:c8:d8:f1:
                    04:d6:55:70:f9:28:25:ee:50:80:89:3f:7a:3a:6b:
                    9b:8a:e3:61:87:1a:35:bd:cd:45:4d:7f:0f:d6:3e:
                    35:a8:93:34:6d:9b:c8:7a:c6:fb:6e:a6:c2:14:9c:
                    35:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:AC:07:84:16:13:D8:B7:B6:A3:B6:DE:6A:47:1E:91:96:84:59:79
            X509v3 Authority Key Identifier:
                keyid:A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:bc:53:5b:0f:5f:3b:b4:45:02:50:1b:a6:f6:2b:2d:5b:76:
         d9:f2:7b:2b:e0:7a:bf:cb:16:6c:8e:2b:45:39:57:90:2c:bd:
         31:47:4f:7b:01:85:a2:d1:b9:13:5c:aa:9b:c9:19:e2:fd:db:
         2f:68:46:8e:18:5f:51:95:3e:9d:ef:bf:ad:d8:4a:e1:d7:28:
         a2:46:d1:64:2d:37:35:4b:5c:63:d9:cb:05:fc:68:ad:3e:81:
         b0:29:76:8d:36:16:2d:e6:dd:73:b5:49:37:0f:87:e6:96:81:
         d5:41:5f:2d:5f:96:b4:13:35:2f:d3:77:e3:ce:2e:da:1d:11:
         69:bb:71:a4:82:1d:1a:2e:e9:98:1f:09:b0:db:b5:a4:dc:d2:
         cb:44:2b:7f:4d:50:7f:7f:0b:87:fd:13:34:70:3e:62:cb:ee:
         68:6c:bc:a5:5b:1a:bf:56:e2:e7:e3:fd:c8:a1:78:38:49:b0:
         0d:81:e3:18:ad:f1:96:3f:0e:55:69:9f:5c:42:d3:fd:da:6b:
         e6:e8:c9:d8:f8:07:fb:a7:b2:b9:d9:6b:f2:8c:4e:80:f9:3d:
         64:45:6a:b2:e2:f9:2d:a2:17:ca:69:69:8e:9c:7c:b4:2f:05:
         32:f3:e7:99:a2:2b:ab:fa:68:36:56:a4:76:54:20:c0:09:7d:
         9c:71:39:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuB+Sy1KPV8hAPcoy1+4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDYyY2E5Y2NlOGM4ZmZkMWY5ZDdkZTdjN2U5MDVjNmU4
OTNjZmMwHhcNMjUxMTExMDcwMTIzWhcNMjUxMTEyMDcwMTIzWjAzMTEwLwYDVQQD
EyhkNGFjMDc4NDE2MTNkOGI3YjZhM2I2ZGU2YTQ3MWU5MTk2ODQ1OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvXtDTRP7hkl8O9Y8YPUCidHkiVO
b06MLMdj8D8NyLYemmoy1eHk8aFImmKcxPG7zUybApQsOF7KKhvFarTOhjPqrg/D
j5b9Bc3BJ/3VdKK/cPq8m1plaw0qrGbI16ywauZ45ZIIbA1wwzJW61xDnDqM4bpc
Nn+xAZtXw4YknqgwkZOI8JLSaYquzdk3rmCI9HwvQa51Uee1Jj9+Vmviy/Qg9/L5
omFv2om/B+Z3rbzvj0Uco5FvY/EeYFCsFf0S9C8e/nvRlVyPZm4cG0rI2PEE1lVw
+Sgl7lCAiT96OmubiuNhhxo1vc1FTX8P1j41qJM0bZvIesb7bqbCFJw1GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSsB4QWE9i3tqO23mpHHpGWhFl5MB8GA1UdIwQY
MBaAFKFGLKnM6Mj/0fnX3nx+kFxuiTz8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4Mjgt
MjcyY2M5MmNjNjBiLzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4MjgtMjcyY2M5MmNjNjBi
LzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrxTWw9f
O7RFAlAbpvYrLVt22fJ7K+B6v8sWbI4rRTlXkCy9MUdPewGFotG5E1yqm8kZ4v3b
L2hGjhhfUZU+ne+/rdhK4dcookbRZC03NUtcY9nLBfxorT6BsCl2jTYWLebdc7VJ
Nw+H5paB1UFfLV+WtBM1L9N3484u2h0RabtxpIIdGi7pmB8JsNu1pNzSy0Qrf01Q
f38Lh/0TNHA+YsvuaGy8pVsav1bi5+P9yKF4OEmwDYHjGK3xlj8OVWmfXELT/dpr
5ujJ2PgH+6eyudlr8oxOgPk9ZEVqsuL5LaIXymlpjpx8tC8FMvPnmaIrq/poNlak
dlQgwAl9nHE52w==
-----END CERTIFICATE-----