Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
File:                     OWN43jPRC4yw-AhitkkaTenP_N8.mft (raw, json)
Hash identifier:          OzZ8D5og38he1tj+5E+nhEMAYtheuOkO326lGBrZxFc=
Subject key identifier:   79:B5:3C:42:32:A5:E1:7C:E8:CE:05:A5:A5:56:16:26:D1:3C:AD:41
Authority key identifier: 39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF
Certificate issuer:       /CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
Certificate serial:       019A70A4E56816D8A16E2205C114525AB306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
Manifest number:          06A3
Signing time:             Tue 11 Nov 2025 02:00:46 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:46 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:46 +0000
Files and hashes:         1: OWN43jPRC4yw-AhitkkaTenP_N8.crl (hash: lCzCag/XQg6I89qs0iwp3eXBpqHnyeNPr2BZ+qvV67k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:e5:68:16:d8:a1:6e:22:05:c1:14:52:5a:b3:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
        Validity
            Not Before: Nov 11 02:00:46 2025 GMT
            Not After : Nov 12 02:00:46 2025 GMT
        Subject: CN=79b53c4232a5e17ce8ce05a5a5561626d13cad41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e8:a9:f9:41:d3:71:a2:2c:51:bc:dd:a7:56:
                    4a:dc:7c:3b:01:ef:2e:ca:93:cd:e1:18:3e:ed:1b:
                    9e:5f:c0:8a:8a:77:2d:83:c1:9a:26:df:7e:a4:9c:
                    cb:32:8e:bf:22:83:16:c6:98:58:a2:6d:9a:af:fd:
                    05:31:1f:b4:ba:6c:4c:f9:c1:38:00:43:48:3e:e5:
                    14:60:be:98:f8:b9:91:20:8b:94:5d:5f:5b:1d:37:
                    37:5b:59:68:cc:76:98:7f:98:2e:0e:80:ef:0d:fd:
                    61:d9:56:0c:71:e6:bc:21:98:be:77:9e:6f:da:14:
                    d2:83:b7:56:38:e4:1c:d4:68:93:9f:b4:40:5d:c0:
                    2b:63:6e:a4:82:81:25:68:9b:a6:4c:ae:de:5b:1d:
                    ea:ff:c7:55:82:18:9d:c8:28:3f:12:90:87:df:a7:
                    ed:5b:ea:c7:23:13:44:d7:f1:da:75:62:17:34:1d:
                    53:77:4f:53:9a:50:06:12:dc:72:08:aa:41:77:87:
                    f3:a1:d1:7d:52:92:b3:e7:9a:f4:ab:d7:17:c4:08:
                    04:4f:f1:86:87:f2:3a:27:fe:84:50:12:74:f1:92:
                    36:bc:74:56:32:34:bf:a5:00:35:b4:cd:50:0c:5a:
                    a3:c1:79:fa:90:6b:2c:cb:dd:4f:b6:46:68:c9:8b:
                    6c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B5:3C:42:32:A5:E1:7C:E8:CE:05:A5:A5:56:16:26:D1:3C:AD:41
            X509v3 Authority Key Identifier:
                keyid:39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:43:9e:ee:b9:30:9c:f2:31:fd:af:eb:2a:36:9f:09:7c:7b:
         c6:2c:41:46:96:bc:9d:52:85:0f:a7:a7:73:a0:6d:7d:91:fe:
         18:27:bc:9b:54:91:3c:4a:ba:5d:b1:91:35:d3:66:dc:e0:22:
         17:4d:04:be:94:64:2c:a2:43:0b:dc:c7:1e:88:97:e2:16:af:
         f9:68:ea:a8:67:8e:e8:30:84:37:12:f9:c3:cf:44:d8:47:9d:
         51:ca:34:f9:36:d0:9b:68:85:32:5b:a0:33:15:e5:61:7e:c1:
         1e:be:6b:88:15:5e:a5:24:25:a8:0a:5a:32:40:d2:ee:c6:dc:
         88:59:f4:f0:a1:7e:c2:23:88:cc:83:5e:30:7d:12:2d:15:49:
         de:83:fa:2f:db:49:21:ad:48:59:f3:18:8a:a9:f6:3a:07:36:
         2e:4e:9f:e7:1a:d2:a5:22:cb:ac:cc:d6:8d:de:50:c7:d3:e9:
         c3:74:01:27:27:29:2b:31:b3:f0:ca:b6:2b:da:ff:84:bb:d8:
         69:0a:d6:34:8b:ba:f1:5f:52:cd:7c:83:3e:64:8d:07:9b:c8:
         50:4a:d5:74:3e:94:03:d9:2e:1e:da:88:7f:77:57:31:27:54:
         9e:83:15:4b:b7:f0:25:9c:fc:5e:8a:1f:27:a3:89:1d:ac:ff:
         87:06:a6:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOVoFtihbiIFwRRSWrMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NjM3OGRlMzNkMTBiOGNiMGY4MDg2MmI2NDkxYTRkZTlj
ZmZjZGYwHhcNMjUxMTExMDIwMDQ2WhcNMjUxMTEyMDIwMDQ2WjAzMTEwLwYDVQQD
Eyg3OWI1M2M0MjMyYTVlMTdjZThjZTA1YTVhNTU2MTYyNmQxM2NhZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuip+UHTcaIsUbzdp1ZK3Hw7Ae8u
ypPN4Rg+7RueX8CKinctg8GaJt9+pJzLMo6/IoMWxphYom2ar/0FMR+0umxM+cE4
AENIPuUUYL6Y+LmRIIuUXV9bHTc3W1lozHaYf5guDoDvDf1h2VYMcea8IZi+d55v
2hTSg7dWOOQc1GiTn7RAXcArY26kgoElaJumTK7eWx3q/8dVghidyCg/EpCH36ft
W+rHIxNE1/HadWIXNB1Td09TmlAGEtxyCKpBd4fzodF9UpKz55r0q9cXxAgET/GG
h/I6J/6EUBJ08ZI2vHRWMjS/pQA1tM1QDFqjwXn6kGssy91PtkZoyYtsXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHm1PEIypeF86M4FpaVWFibRPK1BMB8GA1UdIwQY
MBaAFDljeN4z0QuMsPgIYrZJGk3pz/zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTct
YmJlMDczYmY2YTY0LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTctYmJlMDczYmY2YTY0
LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlUOe7rkw
nPIx/a/rKjafCXx7xixBRpa8nVKFD6enc6BtfZH+GCe8m1SRPEq6XbGRNdNm3OAi
F00EvpRkLKJDC9zHHoiX4hav+WjqqGeO6DCENxL5w89E2EedUco0+TbQm2iFMlug
MxXlYX7BHr5riBVepSQlqApaMkDS7sbciFn08KF+wiOIzINeMH0SLRVJ3oP6L9tJ
Ia1IWfMYiqn2Ogc2Lk6f5xrSpSLLrMzWjd5Qx9Ppw3QBJycpKzGz8Mq2K9r/hLvY
aQrWNIu68V9SzXyDPmSNB5vIUErVdD6UA9kuHtqIf3dXMSdUnoMVS7fwJZz8Xoof
J6OJHaz/hwam+Q==
-----END CERTIFICATE-----