Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          l5uNwFI6NHE9Zc39nZt4/D3qgbY+wGgxDcmaR+VO+ow=
Subject key identifier:   B7:20:17:B3:14:38:94:84:0B:88:9C:26:2F:41:86:13:08:87:B7:15
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019A7112A15C3B1106D24429D0A5998F6CFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0B2E
Signing time:             Tue 11 Nov 2025 04:00:37 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:37 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:37 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: 4hPRa6evqdigqfPx3ckERKJox6Ux8NEh+eR9Kt4d7lQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:a1:5c:3b:11:06:d2:44:29:d0:a5:99:8f:6c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Nov 11 04:00:37 2025 GMT
            Not After : Nov 12 04:00:37 2025 GMT
        Subject: CN=b72017b3143894840b889c262f4186130887b715
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c2:81:b1:52:2f:27:cc:21:ce:c1:a7:e0:23:
                    66:7e:58:a7:a3:bd:3f:cc:79:cf:2b:93:26:51:33:
                    21:8d:f4:dd:12:8e:d4:2b:75:b1:d6:77:88:2f:87:
                    42:69:00:b0:69:d5:82:f2:ff:aa:46:0e:58:11:c8:
                    c8:19:57:7b:82:a3:d3:00:72:dd:7f:95:2e:42:66:
                    09:b6:2c:15:f0:08:5a:0d:a9:9e:6b:76:8f:7b:c8:
                    79:94:36:d3:86:e6:7a:3f:6c:f1:c2:be:9b:5e:b2:
                    5c:db:ff:17:cd:e4:67:32:50:fd:50:d7:33:4b:92:
                    08:66:ae:12:03:31:c7:bb:be:52:41:c0:9e:43:c3:
                    f1:cf:1b:83:ce:b9:f7:b2:14:b4:45:df:d8:eb:3d:
                    80:8a:c7:98:64:5c:13:ac:b3:83:68:cc:0c:05:9c:
                    13:64:44:f6:5c:cb:0d:35:bc:55:42:c6:cc:de:7a:
                    fd:ae:9c:91:a1:af:df:e0:ed:a4:55:c6:45:b2:eb:
                    d3:87:5e:e9:42:f4:d5:86:76:59:23:a9:f2:2a:05:
                    1d:ed:91:f2:d8:d3:54:af:89:59:c5:b4:d2:11:f6:
                    e0:4a:c6:aa:ed:0c:05:75:10:3d:a5:e6:0a:47:14:
                    95:ae:e5:64:4a:66:32:21:69:a7:02:98:23:0d:94:
                    9e:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:20:17:B3:14:38:94:84:0B:88:9C:26:2F:41:86:13:08:87:B7:15
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:f8:55:00:c7:46:0a:c1:90:54:1d:96:12:63:b5:40:4a:23:
         f3:46:77:92:a3:be:19:5b:69:41:b5:b4:6c:48:10:f9:4a:ad:
         9c:a2:3b:f5:bd:39:a0:ac:53:c4:1f:86:20:2d:c7:36:ae:51:
         73:a5:7b:66:82:a2:05:fd:77:ab:7a:13:74:84:62:dd:ca:05:
         b0:50:0c:30:32:1e:d5:ac:8c:10:3e:29:b4:fa:6f:61:7d:b0:
         53:1b:cb:67:35:1a:47:cb:2a:c9:9f:9e:75:30:57:08:df:d0:
         b5:4e:b5:18:b7:c4:c8:e0:13:00:38:e4:11:2f:e5:bb:e0:19:
         14:0e:48:d1:18:0a:30:75:59:56:eb:cd:e6:37:bc:e0:50:a0:
         89:ae:26:e4:90:72:d4:84:84:77:fc:2c:5a:2d:45:b5:57:ab:
         94:41:25:5e:5b:99:0c:3a:be:bd:ed:97:53:6b:99:63:4d:b6:
         ca:ef:ed:4b:79:b7:18:78:2e:c7:88:e6:9c:7e:81:13:2c:9d:
         1f:50:70:ba:40:30:d8:c6:4f:09:39:01:3d:29:94:c8:8e:83:
         64:d2:24:ab:d9:fc:a1:2e:9c:6b:a5:dd:a8:16:11:3a:1a:90:
         b6:4a:2e:f6:d4:f0:8a:7b:b1:f2:1a:f1:0d:01:22:95:3f:97:
         09:c4:b6:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEqFcOxEG0kQp0KWZj2z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjUxMTExMDQwMDM3WhcNMjUxMTEyMDQwMDM3WjAzMTEwLwYDVQQD
EyhiNzIwMTdiMzE0Mzg5NDg0MGI4ODljMjYyZjQxODYxMzA4ODdiNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28KBsVIvJ8whzsGn4CNmflino70/
zHnPK5MmUTMhjfTdEo7UK3Wx1neIL4dCaQCwadWC8v+qRg5YEcjIGVd7gqPTAHLd
f5UuQmYJtiwV8AhaDamea3aPe8h5lDbThuZ6P2zxwr6bXrJc2/8XzeRnMlD9UNcz
S5IIZq4SAzHHu75SQcCeQ8PxzxuDzrn3shS0Rd/Y6z2AiseYZFwTrLODaMwMBZwT
ZET2XMsNNbxVQsbM3nr9rpyRoa/f4O2kVcZFsuvTh17pQvTVhnZZI6nyKgUd7ZHy
2NNUr4lZxbTSEfbgSsaq7QwFdRA9peYKRxSVruVkSmYyIWmnApgjDZSefwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcgF7MUOJSEC4icJi9BhhMIh7cVMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvhVAMdG
CsGQVB2WEmO1QEoj80Z3kqO+GVtpQbW0bEgQ+UqtnKI79b05oKxTxB+GIC3HNq5R
c6V7ZoKiBf13q3oTdIRi3coFsFAMMDIe1ayMED4ptPpvYX2wUxvLZzUaR8sqyZ+e
dTBXCN/QtU61GLfEyOATADjkES/lu+AZFA5I0RgKMHVZVuvN5je84FCgia4m5JBy
1ISEd/wsWi1FtVerlEElXluZDDq+ve2XU2uZY022yu/tS3m3GHgux4jmnH6BEyyd
H1BwukAw2MZPCTkBPSmUyI6DZNIkq9n8oS6ca6XdqBYROhqQtkou9tTwinux8hrx
DQEilT+XCcS2ag==
-----END CERTIFICATE-----