Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          nD4tXwtR+S+owZGx7d5BB2fEAHAGNODvMTSLw5kOz5w=
Subject key identifier:   E4:6D:05:B6:5B:E5:20:BC:0C:18:AF:6D:B5:8D:8D:6C:3D:72:25:32
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       019A7113567A8F36CC078EC7ECF01D8FE80F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          16AD
Signing time:             Tue 11 Nov 2025 04:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:23 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: Ynklfr6NNqyLWaKx6+VXwchyUcJRTrZD9rOjRwE0ImI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:56:7a:8f:36:cc:07:8e:c7:ec:f0:1d:8f:e8:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: Nov 11 04:01:23 2025 GMT
            Not After : Nov 12 04:01:23 2025 GMT
        Subject: CN=e46d05b65be520bc0c18af6db58d8d6c3d722532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:67:a4:f7:35:a4:3d:16:e6:93:6a:34:c5:85:
                    23:28:d2:be:b6:a8:e7:4f:a5:b3:81:53:89:39:54:
                    a0:ef:e0:f1:fd:0e:97:a9:c2:f6:82:8a:6b:a0:9c:
                    75:41:c9:3b:6f:ec:cb:77:f8:c2:21:e5:51:00:ae:
                    34:02:65:8b:ce:08:f2:11:cb:54:62:01:3b:31:c3:
                    43:b1:52:84:12:4d:dc:56:fc:13:3e:77:95:ff:5d:
                    e7:60:2d:ee:b4:09:da:30:be:20:3f:db:fe:55:5b:
                    76:05:17:43:62:b2:c4:7b:6b:70:83:67:0a:f4:2c:
                    36:c9:86:8b:cc:03:eb:41:87:38:ee:7d:1a:2e:15:
                    b3:70:a9:f1:ba:df:1b:16:1d:1a:28:2e:a8:e4:6a:
                    89:a5:37:97:ff:1b:f7:27:7b:d3:4d:2f:e0:76:99:
                    58:88:2e:8d:bc:7d:1e:3f:e1:ac:3c:c3:da:a0:7a:
                    cc:c3:12:27:4d:7b:96:14:c2:22:e5:be:01:9d:8e:
                    9e:aa:d6:9c:d9:3a:9e:71:94:db:1e:a8:e0:d5:7c:
                    bb:1f:bf:b0:05:02:07:c1:64:cc:0b:02:c0:14:28:
                    68:e6:2e:22:3f:c8:11:d6:1b:07:61:a6:91:6c:69:
                    40:0f:34:db:9d:cf:48:59:d7:4c:e0:e4:5a:97:c8:
                    9d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:6D:05:B6:5B:E5:20:BC:0C:18:AF:6D:B5:8D:8D:6C:3D:72:25:32
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:f9:27:84:fa:04:29:dd:f7:fe:39:f6:e4:0b:fe:a6:54:c2:
         5d:f2:f0:ac:ce:1f:7d:16:5a:e7:e5:8c:11:d2:a4:63:2d:5f:
         6a:4d:e1:3e:2a:6b:fa:11:98:63:ab:a3:17:c6:53:eb:16:40:
         41:b9:e7:38:3c:1f:2d:96:b7:97:8b:72:f5:e9:55:8f:04:1f:
         ba:26:c1:f9:1d:7f:8a:c2:d9:1b:f9:58:95:22:ee:82:dc:29:
         70:fb:90:29:d0:72:ef:f3:79:0c:33:ef:5e:53:d4:9f:93:45:
         25:3c:04:dc:fd:f3:30:27:3a:6c:33:f7:a1:03:15:7a:62:49:
         c6:1c:37:28:e3:3f:0e:65:4c:e7:a7:fd:98:df:21:db:91:6b:
         ba:6d:37:27:73:77:d4:08:1a:86:b5:fb:a4:c4:a1:4d:dd:9b:
         9d:84:4e:1f:c6:ba:10:ea:74:66:93:7d:1e:98:6a:4f:92:be:
         ae:d1:ae:e3:36:44:c8:04:58:f4:88:27:51:05:2d:f8:ff:1f:
         c2:5c:78:40:e0:8b:b4:a4:ac:23:4d:5e:0f:9c:8f:41:91:41:
         56:72:8d:8e:a5:45:1a:ca:07:66:45:c1:df:80:5d:c9:43:bf:
         11:a6:dd:27:a9:df:ba:87:0c:f5:7f:3b:d0:cd:38:85:70:69:
         3e:b3:0e:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1Z6jzbMB47H7PAdj+gPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
EyhlNDZkMDViNjViZTUyMGJjMGMxOGFmNmRiNThkOGQ2YzNkNzIyNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGek9zWkPRbmk2o0xYUjKNK+tqjn
T6WzgVOJOVSg7+Dx/Q6XqcL2goproJx1Qck7b+zLd/jCIeVRAK40AmWLzgjyEctU
YgE7McNDsVKEEk3cVvwTPneV/13nYC3utAnaML4gP9v+VVt2BRdDYrLEe2twg2cK
9Cw2yYaLzAPrQYc47n0aLhWzcKnxut8bFh0aKC6o5GqJpTeX/xv3J3vTTS/gdplY
iC6NvH0eP+GsPMPaoHrMwxInTXuWFMIi5b4BnY6eqtac2TqecZTbHqjg1Xy7H7+w
BQIHwWTMCwLAFCho5i4iP8gR1hsHYaaRbGlADzTbnc9IWddM4ORal8idGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORtBbZb5SC8DBivbbWNjWw9ciUyMB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyPknhPoE
Kd33/jn25Av+plTCXfLwrM4ffRZa5+WMEdKkYy1fak3hPipr+hGYY6ujF8ZT6xZA
QbnnODwfLZa3l4ty9elVjwQfuibB+R1/isLZG/lYlSLugtwpcPuQKdBy7/N5DDPv
XlPUn5NFJTwE3P3zMCc6bDP3oQMVemJJxhw3KOM/DmVM56f9mN8h25Frum03J3N3
1AgahrX7pMShTd2bnYROH8a6EOp0ZpN9HphqT5K+rtGu4zZEyARY9IgnUQUt+P8f
wlx4QOCLtKSsI01eD5yPQZFBVnKNjqVFGsoHZkXB34BdyUO/EabdJ6nfuocM9X87
0M04hXBpPrMO8A==
-----END CERTIFICATE-----