Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          i1rK2IVGiTWYJu9jfaF82TDWqaFGk/G8F/e1ex9O4kA=
Subject key identifier:   24:E9:97:4F:96:35:1E:90:67:85:1C:3E:0E:58:83:21:7F:28:BB:8C
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       019A71B8D50D06AD9C25F6DB7C907AFC53EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:09 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:09 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:09 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: v7Q/YiyT5YEJLk7zEjlk/QbWbGJZv4KhfNKzpK//NZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d5:0d:06:ad:9c:25:f6:db:7c:90:7a:fc:53:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Nov 11 07:02:09 2025 GMT
            Not After : Nov 12 07:02:09 2025 GMT
        Subject: CN=24e9974f96351e9067851c3e0e5883217f28bb8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b6:1b:9c:96:19:56:fe:97:0f:5d:90:68:b6:
                    3e:ea:5b:36:ba:69:c9:65:7c:6e:bc:6a:e9:c2:67:
                    2d:b2:de:91:14:30:5d:87:bb:0a:19:88:94:65:eb:
                    eb:52:24:97:0d:40:21:fa:2f:45:34:ea:9e:99:af:
                    3e:d9:cc:f7:1f:6f:3d:0f:c8:e9:28:b0:5d:eb:49:
                    b2:af:80:0c:b1:e9:e5:91:d6:06:d4:04:48:f5:4d:
                    45:2f:0e:c3:77:06:31:da:8c:57:01:af:10:0f:b2:
                    1e:95:aa:f9:c9:ab:c3:6a:98:ce:83:c7:07:68:be:
                    c5:9f:fd:88:22:9d:89:ca:b5:db:60:2f:bf:eb:99:
                    c5:d9:9a:d3:42:74:aa:8c:b1:bc:e4:d9:79:20:4a:
                    b4:80:36:38:21:ab:90:0b:b0:45:d9:83:58:fb:ba:
                    dd:8e:b8:27:52:9d:4a:6f:c6:6b:dd:92:48:d9:a9:
                    d7:1e:e0:50:2b:f2:dc:77:37:bd:8c:8b:61:a5:69:
                    70:1b:2b:90:5a:ce:c6:7e:b3:3e:b8:97:75:dc:81:
                    41:76:ac:8d:55:4f:ff:26:fb:cf:91:38:48:04:55:
                    ee:48:b4:c7:e1:b3:35:d8:1e:5f:88:09:81:6c:29:
                    0a:69:1c:dd:5a:eb:55:28:60:f9:66:08:da:19:e2:
                    d2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E9:97:4F:96:35:1E:90:67:85:1C:3E:0E:58:83:21:7F:28:BB:8C
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:52:34:90:4e:f6:af:e4:38:e5:55:f2:3b:c7:0b:be:6d:11:
         93:5a:04:5f:c1:69:2f:1d:7d:20:13:c4:5c:7d:d3:54:42:77:
         d1:5c:c5:de:47:90:ff:88:98:62:05:1a:6f:c0:50:67:d1:5d:
         de:ac:e2:5c:a8:d4:fc:5f:96:53:07:d9:1e:4c:68:ab:e1:6e:
         0d:ec:36:90:21:24:3e:6f:d2:05:23:c0:e6:eb:e1:d3:5b:8e:
         0b:62:c0:0e:e7:cd:30:05:2d:f3:36:39:2a:a2:33:8d:36:cc:
         a6:21:60:05:f5:76:04:66:dd:9a:00:44:59:f0:cd:3d:cf:18:
         a1:79:2b:20:63:ad:76:f1:a0:3c:2a:45:aa:6d:c7:d7:3b:59:
         16:d2:30:75:8b:3a:74:82:5b:04:04:fe:c5:e0:1f:00:99:fe:
         4d:f6:04:86:c5:7f:ef:ab:d0:af:40:d6:58:8a:17:0e:a5:f6:
         a0:4c:7c:54:21:36:79:0b:c7:5c:2c:20:94:58:77:d1:eb:e1:
         9e:19:25:3b:30:86:2a:36:30:cd:07:b0:19:7f:16:ac:09:2e:
         6c:c5:eb:63:1c:43:d8:d2:f9:ef:a3:5d:7e:35:77:9c:4b:06:
         f5:b0:ae:d3:5a:1b:86:94:0c:2f:d1:65:06:d4:5e:33:fc:f3:
         2b:a0:93:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNUNBq2cJfbbfJB6/FPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjUxMTExMDcwMjA5WhcNMjUxMTEyMDcwMjA5WjAzMTEwLwYDVQQD
EygyNGU5OTc0Zjk2MzUxZTkwNjc4NTFjM2UwZTU4ODMyMTdmMjhiYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7YbnJYZVv6XD12QaLY+6ls2umnJ
ZXxuvGrpwmctst6RFDBdh7sKGYiUZevrUiSXDUAh+i9FNOqema8+2cz3H289D8jp
KLBd60myr4AMsenlkdYG1ARI9U1FLw7DdwYx2oxXAa8QD7Ielar5yavDapjOg8cH
aL7Fn/2IIp2JyrXbYC+/65nF2ZrTQnSqjLG85Nl5IEq0gDY4IauQC7BF2YNY+7rd
jrgnUp1Kb8Zr3ZJI2anXHuBQK/Lcdze9jIthpWlwGyuQWs7GfrM+uJd13IFBdqyN
VU//JvvPkThIBFXuSLTH4bM12B5fiAmBbCkKaRzdWutVKGD5ZgjaGeLSZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTpl0+WNR6QZ4UcPg5YgyF/KLuMMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUVI0kE72
r+Q45VXyO8cLvm0Rk1oEX8FpLx19IBPEXH3TVEJ30VzF3keQ/4iYYgUab8BQZ9Fd
3qziXKjU/F+WUwfZHkxoq+FuDew2kCEkPm/SBSPA5uvh01uOC2LADufNMAUt8zY5
KqIzjTbMpiFgBfV2BGbdmgBEWfDNPc8YoXkrIGOtdvGgPCpFqm3H1ztZFtIwdYs6
dIJbBAT+xeAfAJn+TfYEhsV/76vQr0DWWIoXDqX2oEx8VCE2eQvHXCwglFh30evh
nhklOzCGKjYwzQewGX8WrAkubMXrYxxD2NL576NdfjV3nEsG9bCu01obhpQML9Fl
BtReM/zzK6CTBg==
-----END CERTIFICATE-----