Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          MaBhnLJHraxTVvYarnKO4yL/mi+jG0ui3M9wZbljlC4=
Subject key identifier:   3C:C3:2B:86:71:AE:56:F8:DB:A9:4C:92:21:45:79:3C:A4:DA:C2:A3
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019A72257F746FA4370ABE42269CC6A6D2D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          146A
Signing time:             Tue 11 Nov 2025 09:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:51 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: CrCs2GW2+H+h5vDRvA7NvbtVK8u91VECUOEWa/5gr74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:7f:74:6f:a4:37:0a:be:42:26:9c:c6:a6:d2:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Nov 11 09:00:51 2025 GMT
            Not After : Nov 12 09:00:51 2025 GMT
        Subject: CN=3cc32b8671ae56f8dba94c922145793ca4dac2a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:be:28:4d:32:00:58:01:06:37:47:e9:99:22:
                    41:3c:60:bc:55:74:99:8d:b9:dd:5f:7a:ee:f8:b5:
                    26:48:07:ff:8f:18:c0:5a:38:7e:da:9a:c2:ba:cb:
                    cc:5b:11:4e:da:d6:ca:bb:4a:35:1f:73:17:18:22:
                    6c:66:cf:45:34:66:45:d7:ae:d2:60:bf:f1:12:38:
                    25:2b:05:f5:56:ae:8a:84:9c:3f:4b:a0:84:1c:84:
                    75:df:1a:3b:0c:a5:e4:51:14:e5:c2:68:08:d3:d6:
                    d9:1e:44:91:61:f6:5b:7a:89:64:fd:ab:ba:3f:9a:
                    5c:ef:4c:40:ba:d6:b9:3c:63:93:11:6e:aa:9b:46:
                    86:96:78:c8:b9:d8:2d:1f:25:5d:de:7a:ad:2e:01:
                    cc:5d:b9:c6:1f:2f:a5:8d:e5:14:7c:33:bd:80:37:
                    9f:92:6c:72:8e:94:66:f0:34:7c:a7:11:d4:f2:8b:
                    0b:ab:6f:9e:e7:27:07:5c:8b:f5:7e:4d:2d:6e:13:
                    09:b0:7b:45:77:6c:dc:61:2a:8c:bf:fc:05:5c:0a:
                    ba:3c:82:2e:9e:12:73:d3:44:cc:b2:b1:e2:b8:9e:
                    82:8c:40:c8:81:05:e0:0c:c4:ac:da:af:a8:32:21:
                    e7:42:fa:ac:1a:80:85:e8:fd:19:5c:31:4e:b0:e0:
                    fd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C3:2B:86:71:AE:56:F8:DB:A9:4C:92:21:45:79:3C:A4:DA:C2:A3
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:82:73:83:ad:4b:99:62:38:af:47:96:1d:7e:5d:b7:fa:ce:
         ef:fc:62:6d:2f:7e:a8:94:c3:4c:17:41:64:24:17:37:ec:dc:
         8f:15:71:7a:3e:60:43:e8:7e:04:c0:9d:82:a6:25:95:7c:57:
         4a:09:2e:86:fb:89:47:28:60:ac:fd:ef:58:d2:d6:48:13:21:
         b7:9b:a6:69:26:47:6e:ad:dc:87:64:12:fe:bc:d0:4c:22:2e:
         00:1a:72:b3:e1:cd:2b:e9:19:c1:c9:93:e6:8c:c7:f3:85:a8:
         e1:79:83:5a:d7:2d:f0:a4:ef:d3:e9:05:d5:4e:f6:85:1a:94:
         1c:57:e6:84:ec:20:14:9e:ba:03:bb:2a:8d:12:31:ee:d8:f5:
         e0:48:8f:af:16:4f:e6:80:c2:e1:83:52:99:f6:a0:9b:d3:cc:
         1f:c0:cb:fa:45:3a:74:79:95:e0:16:32:26:58:cc:76:5d:17:
         66:af:50:60:34:63:d2:95:ee:86:bf:61:a8:c0:4c:c2:2f:92:
         c1:85:02:94:74:09:1e:72:f4:10:c6:a7:11:f5:21:b3:62:b2:
         48:53:b3:9b:e4:a8:85:9d:07:6a:15:1f:be:e0:c3:90:52:ff:
         0c:fd:c3:72:cf:69:b9:80:71:f4:f3:91:36:dc:53:80:fd:68:
         25:e5:6d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJX90b6Q3Cr5CJpzGptLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjUxMTExMDkwMDUxWhcNMjUxMTEyMDkwMDUxWjAzMTEwLwYDVQQD
EygzY2MzMmI4NjcxYWU1NmY4ZGJhOTRjOTIyMTQ1NzkzY2E0ZGFjMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr74oTTIAWAEGN0fpmSJBPGC8VXSZ
jbndX3ru+LUmSAf/jxjAWjh+2prCusvMWxFO2tbKu0o1H3MXGCJsZs9FNGZF167S
YL/xEjglKwX1Vq6KhJw/S6CEHIR13xo7DKXkURTlwmgI09bZHkSRYfZbeolk/au6
P5pc70xAuta5PGOTEW6qm0aGlnjIudgtHyVd3nqtLgHMXbnGHy+ljeUUfDO9gDef
kmxyjpRm8DR8pxHU8osLq2+e5ycHXIv1fk0tbhMJsHtFd2zcYSqMv/wFXAq6PIIu
nhJz00TMsrHiuJ6CjEDIgQXgDMSs2q+oMiHnQvqsGoCF6P0ZXDFOsOD9KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzDK4Zxrlb426lMkiFFeTyk2sKjMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsIJzg61L
mWI4r0eWHX5dt/rO7/xibS9+qJTDTBdBZCQXN+zcjxVxej5gQ+h+BMCdgqYllXxX
SgkuhvuJRyhgrP3vWNLWSBMht5umaSZHbq3ch2QS/rzQTCIuABpys+HNK+kZwcmT
5ozH84Wo4XmDWtct8KTv0+kF1U72hRqUHFfmhOwgFJ66A7sqjRIx7tj14EiPrxZP
5oDC4YNSmfagm9PMH8DL+kU6dHmV4BYyJljMdl0XZq9QYDRj0pXuhr9hqMBMwi+S
wYUClHQJHnL0EManEfUhs2KySFOzm+SohZ0HahUfvuDDkFL/DP3Dcs9puYBx9POR
NtxTgP1oJeVtcw==
-----END CERTIFICATE-----