Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
File:                     OXy939eSBtZcTugWjq9ucJAg-V0.mft (raw, json)
Hash identifier:          lCPPHUUvayI2O0IGV3r0Pk/OJydpX43bff9rYqpn69E=
Subject key identifier:   C9:CD:AC:99:08:F1:C4:39:EC:9D:77:59:07:0F:04:34:18:22:F1:6E
Authority key identifier: 39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D
Certificate issuer:       /CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
Certificate serial:       019A71B87766EF284E6F0FBAE23FA16F251F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
Manifest number:          0ADE
Signing time:             Tue 11 Nov 2025 07:01:45 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:45 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:45 +0000
Files and hashes:         1: OXy939eSBtZcTugWjq9ucJAg-V0.crl (hash: foDqGud7IqQOuAtvqO8tWOIwAqqTG8xwBXDfE0GgdXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:77:66:ef:28:4e:6f:0f:ba:e2:3f:a1:6f:25:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
        Validity
            Not Before: Nov 11 07:01:45 2025 GMT
            Not After : Nov 12 07:01:45 2025 GMT
        Subject: CN=c9cdac9908f1c439ec9d7759070f04341822f16e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:62:9b:56:bd:18:c1:aa:6c:9a:5b:e7:16:b2:
                    cc:b1:cb:05:92:e3:42:c4:19:11:70:3a:17:c4:d5:
                    4d:df:a9:1c:57:37:57:f3:81:88:72:2a:a8:a5:3d:
                    35:b0:36:35:86:4a:9d:b7:15:4b:07:e7:4f:81:57:
                    fa:54:76:e7:96:17:ff:5e:1e:b7:6c:6a:29:c4:97:
                    82:8e:c5:37:3e:e2:fa:0f:a6:29:f6:86:c8:b3:2c:
                    2a:b7:c8:5e:6f:dd:cc:5b:52:51:2b:0b:4b:ec:14:
                    fb:56:06:2d:01:56:78:b3:0b:45:4e:18:c5:0d:e9:
                    cd:af:64:66:96:ca:42:3c:0c:cf:a0:64:dd:c8:09:
                    f2:b6:01:6b:04:fd:cb:29:d0:9d:ca:87:75:bb:f5:
                    d9:a9:36:e3:dd:02:5b:e0:e1:1d:3d:40:8b:50:fd:
                    ea:b5:17:02:75:b3:bc:2c:f7:36:f7:75:70:71:9f:
                    9a:1e:03:07:43:90:c7:96:31:c5:6b:84:ce:9f:47:
                    83:32:f7:36:a3:4e:d6:aa:95:d8:f1:dd:7f:4d:42:
                    96:5e:a5:2c:f7:2e:92:1f:79:00:7b:42:ee:6d:1d:
                    41:12:72:2e:61:60:4d:d6:ff:28:dc:e3:76:a0:da:
                    f7:94:26:8e:d0:fd:0b:e0:20:f2:9d:60:d7:6b:26:
                    d6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:CD:AC:99:08:F1:C4:39:EC:9D:77:59:07:0F:04:34:18:22:F1:6E
            X509v3 Authority Key Identifier:
                keyid:39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:dd:75:4b:c6:4d:69:0c:8e:75:90:4e:87:32:fa:e7:cf:b8:
         ea:52:48:68:b6:e2:77:5f:b8:db:3b:f9:ff:46:b0:1e:dc:3a:
         0c:54:37:09:09:6b:cb:26:d4:6d:15:52:01:2d:1a:a7:1a:a6:
         80:7a:c4:2c:13:52:f3:03:15:67:13:00:0f:9a:ce:fa:49:9f:
         4e:6a:8a:f6:f4:aa:6e:6a:80:ee:94:c7:ef:f5:0c:e3:e2:6f:
         d5:da:89:45:6b:bc:50:25:4a:5b:0c:f3:a2:de:38:60:b9:5e:
         3e:37:04:91:5e:d6:44:46:bd:8c:bb:83:4b:eb:37:23:59:0e:
         db:95:36:7f:b5:84:5e:ac:ed:b3:5d:4c:42:c9:7e:90:7b:dc:
         78:dc:f0:c7:84:a2:f4:38:0c:97:fe:d3:4e:28:53:e1:c3:8c:
         28:f3:16:a1:2a:e9:6c:76:5b:69:35:3a:56:ae:16:77:ce:68:
         d0:17:2d:f0:45:13:69:70:99:d7:0a:63:69:02:02:a3:fc:96:
         2b:c6:4f:a9:a2:57:6c:31:68:17:1c:61:fa:d6:01:84:e2:fb:
         2e:d9:d2:c8:5a:13:e3:05:5e:f3:b5:99:3c:f9:c8:b8:f5:6b:
         ae:5a:3a:74:f7:94:4c:a6:85:92:f5:d8:62:0e:d4:ea:68:7e:
         92:ac:6b:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHdm7yhObw+64j+hbyUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2NiZGRmZDc5MjA2ZDY1YzRlZTgxNjhlYWY2ZTcwOTAy
MGY5NWQwHhcNMjUxMTExMDcwMTQ1WhcNMjUxMTEyMDcwMTQ1WjAzMTEwLwYDVQQD
EyhjOWNkYWM5OTA4ZjFjNDM5ZWM5ZDc3NTkwNzBmMDQzNDE4MjJmMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWKbVr0YwapsmlvnFrLMscsFkuNC
xBkRcDoXxNVN36kcVzdX84GIciqopT01sDY1hkqdtxVLB+dPgVf6VHbnlhf/Xh63
bGopxJeCjsU3PuL6D6Yp9obIsywqt8heb93MW1JRKwtL7BT7VgYtAVZ4swtFThjF
DenNr2RmlspCPAzPoGTdyAnytgFrBP3LKdCdyod1u/XZqTbj3QJb4OEdPUCLUP3q
tRcCdbO8LPc293VwcZ+aHgMHQ5DHljHFa4TOn0eDMvc2o07WqpXY8d1/TUKWXqUs
9y6SH3kAe0LubR1BEnIuYWBN1v8o3ON2oNr3lCaO0P0L4CDynWDXaybWvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnNrJkI8cQ57J13WQcPBDQYIvFuMB8GA1UdIwQY
MBaAFDl8vd/XkgbWXE7oFo6vbnCQIPldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2Mt
YTZiMGZkZTIxOTA2LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2MtYTZiMGZkZTIxOTA2
LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAt11S8ZN
aQyOdZBOhzL658+46lJIaLbid1+42zv5/0awHtw6DFQ3CQlryybUbRVSAS0apxqm
gHrELBNS8wMVZxMAD5rO+kmfTmqK9vSqbmqA7pTH7/UM4+Jv1dqJRWu8UCVKWwzz
ot44YLlePjcEkV7WREa9jLuDS+s3I1kO25U2f7WEXqzts11MQsl+kHvceNzwx4Si
9DgMl/7TTihT4cOMKPMWoSrpbHZbaTU6Vq4Wd85o0Bct8EUTaXCZ1wpjaQICo/yW
K8ZPqaJXbDFoFxxh+tYBhOL7LtnSyFoT4wVe87WZPPnIuPVrrlo6dPeUTKaFkvXY
Yg7U6mh+kqxrkA==
-----END CERTIFICATE-----