Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          w2atpS5q+UjSzYVjNmIHYezdVmkMfpBEd+k2tX1d5Tk=
Subject key identifier:   9C:A0:3F:77:A0:38:72:62:37:32:56:DB:CE:4A:27:A7:9C:A7:65:94
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019A725C6D2C15FEBB348D0FD23F14737ABA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          1725
Signing time:             Tue 11 Nov 2025 10:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:51 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: 6+7MgRVYKOcf0hqVp1hmtkv/vUcuvzjIW8/8sa/RdhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:6d:2c:15:fe:bb:34:8d:0f:d2:3f:14:73:7a:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Nov 11 10:00:51 2025 GMT
            Not After : Nov 12 10:00:51 2025 GMT
        Subject: CN=9ca03f77a0387262373256dbce4a27a79ca76594
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:e7:02:4c:58:d7:b4:9b:3f:fb:61:2c:ac:39:
                    6a:61:4b:d4:93:94:d3:3a:5c:6e:ec:45:14:53:a7:
                    65:d7:7e:de:75:43:ce:40:ee:35:7f:1f:54:3d:2b:
                    50:30:d2:70:21:d9:95:ed:3d:c8:b0:f7:3a:ac:f7:
                    64:59:b7:85:1d:ef:fa:a0:64:ba:b0:9d:52:78:89:
                    f4:49:43:d5:3c:f9:0b:b2:82:97:ac:6e:49:a0:dd:
                    c0:de:81:71:dd:3e:41:fc:3e:af:85:5b:6e:51:51:
                    b8:e4:fa:22:34:ee:1b:4c:19:e3:4a:ce:d7:03:1d:
                    35:9a:64:35:93:f7:57:00:29:28:da:1c:cb:97:69:
                    8c:9e:6b:0e:9c:b3:42:9d:c1:df:66:ae:01:b9:16:
                    c0:35:12:19:40:84:72:76:54:02:a0:ec:18:07:7b:
                    6f:56:13:d1:f3:1b:61:66:25:e3:e6:43:44:43:60:
                    b4:7c:14:30:2e:e8:7f:cd:13:37:a6:20:83:cf:6c:
                    83:48:de:37:80:7c:b5:5d:71:08:ee:4a:2b:49:55:
                    b4:f2:9a:20:ac:d0:62:b2:9c:b7:09:61:d7:ca:7f:
                    3d:3d:28:b0:b5:26:2b:f8:32:d5:1b:51:e4:77:9c:
                    8f:9f:ca:48:69:a9:07:82:48:96:fb:ca:7d:25:c8:
                    0f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:A0:3F:77:A0:38:72:62:37:32:56:DB:CE:4A:27:A7:9C:A7:65:94
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:70:d2:a1:2c:0b:75:de:98:b2:4a:ae:04:31:25:23:8e:0e:
         a8:41:de:dc:33:e0:c4:58:13:78:91:31:7b:46:17:93:81:bd:
         cc:25:15:80:83:09:3c:e5:96:fe:b0:a0:dc:fe:a5:37:b8:51:
         89:86:c8:13:e9:fa:98:c0:61:70:e0:95:31:15:a8:d5:69:94:
         d1:67:2b:76:b9:8f:f8:d9:0d:79:92:3b:6f:cd:aa:44:a8:1e:
         41:e5:08:07:6d:b6:5d:ad:08:a3:51:4e:70:0b:d9:a6:dc:66:
         40:ec:e2:80:0b:ae:e7:88:66:99:74:e5:e5:f9:bc:31:fe:cd:
         12:e6:3e:24:cd:d6:e6:9a:2e:49:2b:a3:2d:aa:66:6f:6a:0e:
         ce:31:87:d4:7b:04:b8:16:2f:24:8d:f6:e6:a9:80:b2:b3:3e:
         6c:fc:b3:9f:e5:a0:20:04:ba:ad:71:c0:e1:6e:c8:f1:e8:cd:
         c9:ec:4f:cb:48:d8:dc:7d:25:93:56:2d:26:d6:d5:45:eb:0c:
         25:f5:3c:97:69:9d:33:b4:6c:d2:9e:20:92:02:b2:0e:8c:4b:
         a4:a5:09:58:d2:52:75:07:9a:e5:11:5c:60:92:73:de:98:1d:
         d2:89:0e:a7:09:34:b3:4d:61:e8:b4:ba:bd:29:da:34:f5:a6:
         0e:c0:bc:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXG0sFf67NI0P0j8Uc3q6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUxMTExMTAwMDUxWhcNMjUxMTEyMTAwMDUxWjAzMTEwLwYDVQQD
Eyg5Y2EwM2Y3N2EwMzg3MjYyMzczMjU2ZGJjZTRhMjdhNzljYTc2NTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+cCTFjXtJs/+2EsrDlqYUvUk5TT
Olxu7EUUU6dl137edUPOQO41fx9UPStQMNJwIdmV7T3IsPc6rPdkWbeFHe/6oGS6
sJ1SeIn0SUPVPPkLsoKXrG5JoN3A3oFx3T5B/D6vhVtuUVG45PoiNO4bTBnjSs7X
Ax01mmQ1k/dXACko2hzLl2mMnmsOnLNCncHfZq4BuRbANRIZQIRydlQCoOwYB3tv
VhPR8xthZiXj5kNEQ2C0fBQwLuh/zRM3piCDz2yDSN43gHy1XXEI7korSVW08pog
rNBispy3CWHXyn89PSiwtSYr+DLVG1Hkd5yPn8pIaakHgkiW+8p9JcgPnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJygP3egOHJiNzJW285KJ6ecp2WUMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv3DSoSwL
dd6YskquBDElI44OqEHe3DPgxFgTeJExe0YXk4G9zCUVgIMJPOWW/rCg3P6lN7hR
iYbIE+n6mMBhcOCVMRWo1WmU0WcrdrmP+NkNeZI7b82qRKgeQeUIB222Xa0Io1FO
cAvZptxmQOzigAuu54hmmXTl5fm8Mf7NEuY+JM3W5pouSSujLapmb2oOzjGH1HsE
uBYvJI325qmAsrM+bPyzn+WgIAS6rXHA4W7I8ejNyexPy0jY3H0lk1YtJtbVResM
JfU8l2mdM7Rs0p4gkgKyDoxLpKUJWNJSdQea5RFcYJJz3pgd0okOpwk0s01h6LS6
vSnaNPWmDsC80w==
-----END CERTIFICATE-----