Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          wV9Qptbz4OWGCZvxXiz0Qea7syaP6t80x1fET4ljD/0=
Subject key identifier:   60:DA:45:C0:E5:89:0F:57:6D:42:2E:78:65:DA:5F:81:B2:EC:4A:C6
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019A73A6B6241E2F74879772129405D7B10A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0B2C
Signing time:             Tue 11 Nov 2025 16:01:36 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:36 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:36 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: kCYnOfnJ+VQ0XZFJuYUD/mWu0dcvHU3KrmEhDwNXOKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:b6:24:1e:2f:74:87:97:72:12:94:05:d7:b1:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Nov 11 16:01:36 2025 GMT
            Not After : Nov 12 16:01:36 2025 GMT
        Subject: CN=60da45c0e5890f576d422e7865da5f81b2ec4ac6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:71:0a:e4:a7:da:ef:cd:6b:72:f5:10:8d:5d:
                    c7:92:ba:c7:d3:14:fe:c9:86:90:bd:7a:23:78:cd:
                    a1:41:ff:45:f4:10:56:ef:80:5f:fd:1b:a9:c3:3f:
                    28:e5:47:29:5b:91:64:25:3f:17:bf:ec:1e:29:30:
                    ec:ad:3b:7a:43:c7:ae:95:a8:e8:5a:4f:e3:75:0c:
                    ab:b2:e7:f4:73:0e:59:21:ba:24:e8:7e:57:de:f7:
                    40:52:69:b8:e7:40:ff:07:a8:3b:67:a1:ea:51:be:
                    29:4f:2c:1a:05:37:16:3b:34:dd:3d:a6:18:23:83:
                    f2:81:31:a6:ec:fb:e5:a1:8e:11:72:94:4b:57:80:
                    b1:58:9a:a4:36:ee:21:de:b7:68:89:4a:f1:71:75:
                    80:b2:50:fd:6e:18:21:90:c3:80:9d:50:2e:3e:23:
                    64:1b:5e:86:56:45:5a:8a:93:d2:c3:39:b6:45:d0:
                    10:3b:27:ef:f9:e6:e5:28:ef:31:0a:90:12:a1:5f:
                    27:f4:40:47:49:98:d8:68:ea:3d:c0:9e:0c:02:1f:
                    ed:c2:4e:6e:1b:a4:b5:72:e9:1e:d9:13:82:ca:4f:
                    1d:aa:7a:6b:3e:14:03:a1:21:97:cd:90:68:15:ff:
                    91:f6:09:b9:84:a2:80:68:7e:db:54:0b:8f:5b:58:
                    10:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:DA:45:C0:E5:89:0F:57:6D:42:2E:78:65:DA:5F:81:B2:EC:4A:C6
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:e3:67:9b:83:a7:46:f9:77:2b:d7:e0:bf:a1:07:f5:bb:25:
         8f:49:48:42:45:cf:1a:6a:c8:b0:23:89:80:9e:71:fe:c7:0c:
         b2:f7:29:02:55:2c:37:56:22:6f:28:b8:7d:cd:4b:77:92:d1:
         ef:26:66:1b:42:28:ec:27:ac:fe:53:91:fe:ac:74:2a:86:41:
         99:20:22:3c:b9:d2:b6:21:96:8f:8b:e2:3d:07:1c:ca:12:c0:
         17:d2:86:0d:97:70:48:9b:e8:eb:11:91:46:af:b3:a2:ca:18:
         2e:79:12:ba:95:d4:e3:82:b9:ef:63:0d:47:6c:1c:29:a4:64:
         18:a2:80:10:e9:2e:ad:19:02:82:fd:64:d1:ce:8b:81:35:b2:
         4b:a5:41:de:a2:a0:13:fa:24:ef:09:29:8c:80:64:f3:fb:ed:
         97:a1:47:dc:5c:83:9e:fc:93:d7:2f:e6:ce:d7:2b:d0:0d:1a:
         40:16:43:22:90:eb:2c:22:8c:4a:6b:9f:a6:a1:3a:4f:fd:da:
         80:67:ee:ed:a1:1f:ac:98:01:cb:a9:ae:09:f8:cf:fd:d7:76:
         cc:0a:a7:2a:cd:7e:88:ad:94:c1:57:d5:07:bd:59:09:d7:3f:
         f4:80:bf:31:c0:07:16:62:dc:1a:aa:e6:59:dd:5d:89:ab:60:
         5d:1a:ea:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzprYkHi90h5dyEpQF17EKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjUxMTExMTYwMTM2WhcNMjUxMTEyMTYwMTM2WjAzMTEwLwYDVQQD
Eyg2MGRhNDVjMGU1ODkwZjU3NmQ0MjJlNzg2NWRhNWY4MWIyZWM0YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnEK5Kfa781rcvUQjV3HkrrH0xT+
yYaQvXojeM2hQf9F9BBW74Bf/Rupwz8o5UcpW5FkJT8Xv+weKTDsrTt6Q8eulajo
Wk/jdQyrsuf0cw5ZIbok6H5X3vdAUmm450D/B6g7Z6HqUb4pTywaBTcWOzTdPaYY
I4PygTGm7PvloY4RcpRLV4CxWJqkNu4h3rdoiUrxcXWAslD9bhghkMOAnVAuPiNk
G16GVkVaipPSwzm2RdAQOyfv+eblKO8xCpASoV8n9EBHSZjYaOo9wJ4MAh/twk5u
G6S1cuke2ROCyk8dqnprPhQDoSGXzZBoFf+R9gm5hKKAaH7bVAuPW1gQpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDaRcDliQ9XbUIueGXaX4Gy7ErGMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcONnm4On
Rvl3K9fgv6EH9bslj0lIQkXPGmrIsCOJgJ5x/scMsvcpAlUsN1Yibyi4fc1Ld5LR
7yZmG0Io7Ces/lOR/qx0KoZBmSAiPLnStiGWj4viPQccyhLAF9KGDZdwSJvo6xGR
Rq+zosoYLnkSupXU44K572MNR2wcKaRkGKKAEOkurRkCgv1k0c6LgTWyS6VB3qKg
E/ok7wkpjIBk8/vtl6FH3FyDnvyT1y/mztcr0A0aQBZDIpDrLCKMSmufpqE6T/3a
gGfu7aEfrJgBy6muCfjP/dd2zAqnKs1+iK2UwVfVB71ZCdc/9IC/McAHFmLcGqrm
Wd1diatgXRrqIA==
-----END CERTIFICATE-----