Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
File:                     OQGfnAqym0Lg2xLprIezJ7_FWvk.mft (raw, json)
Hash identifier:          jMMSNKfbcFjSe8Tl0mgFKikoWHA7eOJL2hrfmlGSgQA=
Subject key identifier:   3F:B3:19:33:CB:76:8D:49:88:B3:74:0D:07:09:3A:07:C4:52:5A:4E
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Certificate issuer:       /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial:       019A71B773642BCFF40ED3D849D1B0606D7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:39 +0000
Files and hashes:         1: OQGfnAqym0Lg2xLprIezJ7_FWvk.crl (hash: VpoBr1NE/WqUF9ucU5jMwBSSNkF/R46BeoaAd3miuIA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:73:64:2b:cf:f4:0e:d3:d8:49:d1:b0:60:6d:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
        Validity
            Not Before: Nov 11 07:00:39 2025 GMT
            Not After : Nov 12 07:00:39 2025 GMT
        Subject: CN=3fb31933cb768d4988b3740d07093a07c4525a4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:23:23:1b:25:9f:1a:fe:a2:aa:22:91:c6:21:
                    66:a8:37:f3:72:64:b0:a1:a8:2a:f8:7b:0f:48:55:
                    d1:a7:ec:6d:89:29:85:45:3a:78:db:16:a1:2a:71:
                    fc:4e:7f:9a:8e:01:10:6c:ce:60:35:d8:52:4c:48:
                    a8:06:4a:ec:2e:ba:92:6e:b9:ee:37:9f:0c:5e:0a:
                    4d:d1:9f:9f:88:a7:57:c1:56:b4:78:6a:0c:37:2f:
                    0c:07:d8:af:4d:7f:c7:a4:31:42:0f:10:53:a7:90:
                    1c:03:3c:a1:0f:c9:96:bd:3f:1b:8b:e8:c5:3b:f7:
                    5b:4c:03:46:bc:8b:89:eb:e0:f9:26:32:04:b4:06:
                    ad:b7:fd:98:bd:45:64:a1:37:42:96:17:33:62:34:
                    31:ae:3a:5a:88:2b:4b:af:84:be:74:39:74:b7:8c:
                    00:7d:5c:b8:40:48:88:9b:18:6d:0a:cb:5f:c7:6f:
                    28:7d:ca:d7:21:8d:fb:1f:10:08:01:e3:63:ac:25:
                    95:01:7d:a5:73:d7:da:23:94:ce:22:ad:40:b0:e4:
                    92:06:84:53:e8:27:8d:c6:ef:3c:82:6d:36:59:d0:
                    f3:56:ae:8c:37:a8:7f:68:1c:57:11:cd:55:d9:58:
                    d6:68:79:6e:70:99:2c:de:b5:ab:4a:b8:e4:19:4f:
                    3a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:B3:19:33:CB:76:8D:49:88:B3:74:0D:07:09:3A:07:C4:52:5A:4E
            X509v3 Authority Key Identifier:
                keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:a7:67:2e:05:6e:33:e0:9b:f3:f4:c5:d8:1b:a9:ed:75:8f:
         42:a1:fe:4a:1f:ee:2e:32:4f:b4:93:a2:27:e8:d6:56:7a:80:
         a1:87:dd:de:f4:ce:c6:80:4f:5a:60:f7:63:83:21:03:fd:16:
         bd:86:c2:2b:86:fb:1a:43:ae:23:04:45:13:1f:fd:14:29:61:
         2b:d5:7e:8f:f6:82:c2:32:9f:7f:52:c4:16:59:21:27:b4:ba:
         51:22:f7:11:79:5e:a1:47:f1:40:d2:12:f5:d3:d9:95:b8:9a:
         8e:77:78:b9:d9:0c:93:14:fa:36:94:a6:22:de:98:d2:6d:7f:
         99:72:17:88:32:00:4e:c9:15:db:9a:93:10:44:7d:28:e1:7d:
         68:ae:a1:c7:dd:2a:a6:c1:72:b1:e8:85:0b:a8:63:30:cc:a5:
         11:28:27:93:72:32:1f:3e:3d:0f:33:80:0a:81:7b:1d:df:a3:
         d8:bd:4f:ce:13:91:5a:d8:8e:85:e4:49:6f:79:ac:17:2d:b6:
         49:cb:44:cc:53:ab:4c:54:1d:72:1d:23:22:3b:02:c9:38:a6:
         0d:0d:95:42:83:7e:65:90:39:85:b9:9d:39:4a:ff:e6:07:3b:
         0d:69:3e:65:a6:41:78:0d:37:3c:73:6a:6d:7e:8e:39:3f:a9:
         e3:9d:a7:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3NkK8/0DtPYSdGwYG19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjUxMTExMDcwMDM5WhcNMjUxMTEyMDcwMDM5WjAzMTEwLwYDVQQD
EygzZmIzMTkzM2NiNzY4ZDQ5ODhiMzc0MGQwNzA5M2EwN2M0NTI1YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSMjGyWfGv6iqiKRxiFmqDfzcmSw
oagq+HsPSFXRp+xtiSmFRTp42xahKnH8Tn+ajgEQbM5gNdhSTEioBkrsLrqSbrnu
N58MXgpN0Z+fiKdXwVa0eGoMNy8MB9ivTX/HpDFCDxBTp5AcAzyhD8mWvT8bi+jF
O/dbTANGvIuJ6+D5JjIEtAatt/2YvUVkoTdClhczYjQxrjpaiCtLr4S+dDl0t4wA
fVy4QEiImxhtCstfx28ofcrXIY37HxAIAeNjrCWVAX2lc9faI5TOIq1AsOSSBoRT
6CeNxu88gm02WdDzVq6MN6h/aBxXEc1V2VjWaHlucJks3rWrSrjkGU86FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+zGTPLdo1JiLN0DQcJOgfEUlpOMB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKdnLgVu
M+Cb8/TF2Bup7XWPQqH+Sh/uLjJPtJOiJ+jWVnqAoYfd3vTOxoBPWmD3Y4MhA/0W
vYbCK4b7GkOuIwRFEx/9FClhK9V+j/aCwjKff1LEFlkhJ7S6USL3EXleoUfxQNIS
9dPZlbiajnd4udkMkxT6NpSmIt6Y0m1/mXIXiDIATskV25qTEER9KOF9aK6hx90q
psFyseiFC6hjMMylESgnk3IyHz49DzOACoF7Hd+j2L1PzhORWtiOheRJb3msFy22
SctEzFOrTFQdch0jIjsCyTimDQ2VQoN+ZZA5hbmdOUr/5gc7DWk+ZaZBeA03PHNq
bX6OOT+p452nPg==
-----END CERTIFICATE-----