Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          lWncK8iZ9Fld/w2RPiX6d0FNnSveOysqK1YywIZk0gk=
Subject key identifier:   D7:9D:07:5C:0F:0C:3C:EB:DF:6B:9D:EE:AE:AA:8A:0B:4D:81:64:F6
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       019A71B8BEABF24766B62AE3D1EA837A8FAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          1703
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: fR0qA+VXo5ocf0FWguHksSRsR/zELyuuLe6v30yMQNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:be:ab:f2:47:66:b6:2a:e3:d1:ea:83:7a:8f:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=d79d075c0f0c3cebdf6b9deeaeaa8a0b4d8164f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:01:25:ba:2c:d4:1f:e0:6b:35:96:fc:bd:96:
                    01:84:9f:a1:b9:58:e3:d0:bc:b8:93:4d:7b:44:6f:
                    75:49:86:e4:2a:ed:d1:86:5f:9f:d4:13:c9:57:9a:
                    ec:08:51:7c:64:87:a2:43:b4:63:c9:81:4f:d4:84:
                    27:70:72:66:75:23:74:3f:19:e5:5d:cc:78:43:c1:
                    ae:82:f1:cc:28:1d:e5:4e:ab:bd:96:2a:1c:b1:99:
                    ef:f8:b9:87:14:61:24:f6:f7:7a:3e:11:0f:4f:d8:
                    a0:87:d1:7b:93:37:15:e6:08:37:b1:43:58:d7:55:
                    9b:57:3e:f4:19:1b:8a:a1:08:ea:c3:24:59:7d:e2:
                    a3:99:01:78:93:13:aa:4e:87:78:3b:49:a6:9a:43:
                    0b:c6:d7:c0:d8:be:c4:93:7c:e2:45:c5:17:dd:4b:
                    7d:34:a0:bf:17:7b:1a:1a:d6:03:bb:c8:ff:9a:5d:
                    14:e1:a8:f6:30:83:60:b5:3b:f6:86:0b:e0:9d:4e:
                    3b:b6:e6:02:24:7e:20:03:8a:f0:1b:36:13:d9:31:
                    c6:08:e3:1b:c1:4a:13:1e:fa:4d:e7:84:69:38:f4:
                    ea:49:ce:9b:b7:5a:d1:ed:54:b2:d9:f9:98:ca:e8:
                    d5:1f:d8:e2:f7:d3:ae:b4:1c:a8:65:af:a8:a4:be:
                    fb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9D:07:5C:0F:0C:3C:EB:DF:6B:9D:EE:AE:AA:8A:0B:4D:81:64:F6
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:29:9c:9b:ee:ff:1f:be:cb:e2:a8:b2:5d:6d:00:ae:3e:5a:
         c4:fc:61:8d:08:1a:c8:ed:ab:75:0c:8d:b7:cd:b3:6b:cb:86:
         a6:7d:32:af:ab:f3:85:d8:df:58:b6:8f:b3:9d:4e:05:3d:8e:
         5f:0d:7f:0e:b0:29:13:cb:1b:b3:0b:4e:f1:fe:cc:dc:b3:b3:
         e6:0d:5c:ad:a5:15:b2:c1:db:b6:24:83:33:00:09:bb:a8:b5:
         24:7d:b4:aa:95:5b:f1:b7:32:61:34:1f:24:90:88:8f:36:51:
         a3:7d:bc:1e:f9:f8:ba:81:a9:7a:bb:18:da:37:af:1d:9f:b7:
         05:56:fd:83:30:f0:a5:37:f7:8a:20:26:69:30:03:b5:45:d8:
         36:8c:0f:bb:df:ef:c5:4e:90:5e:93:c8:c9:94:01:30:50:4a:
         39:d5:b7:74:10:44:66:69:0a:f8:2d:ce:80:55:76:2d:f9:2b:
         0d:57:d7:15:ee:7b:59:de:0c:76:7f:56:eb:4b:cd:02:d5:38:
         0f:27:8c:75:b1:d1:b6:86:a1:09:f9:70:a0:b2:28:3a:a4:6a:
         5f:c3:8c:64:d3:34:87:e9:e8:a9:69:b6:7d:b2:04:90:83:6c:
         14:ce:d2:37:00:91:d5:e1:77:b1:41:50:43:03:e4:ae:cb:8e:
         91:86:3c:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL6r8kdmtirj0eqDeo+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
EyhkNzlkMDc1YzBmMGMzY2ViZGY2YjlkZWVhZWFhOGEwYjRkODE2NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgEluizUH+BrNZb8vZYBhJ+huVjj
0Ly4k017RG91SYbkKu3Rhl+f1BPJV5rsCFF8ZIeiQ7RjyYFP1IQncHJmdSN0Pxnl
Xcx4Q8GugvHMKB3lTqu9liocsZnv+LmHFGEk9vd6PhEPT9igh9F7kzcV5gg3sUNY
11WbVz70GRuKoQjqwyRZfeKjmQF4kxOqTod4O0mmmkMLxtfA2L7Ek3ziRcUX3Ut9
NKC/F3saGtYDu8j/ml0U4aj2MINgtTv2hgvgnU47tuYCJH4gA4rwGzYT2THGCOMb
wUoTHvpN54RpOPTqSc6bt1rR7VSy2fmYyujVH9ji99OutByoZa+opL77LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNedB1wPDDzr32ud7q6qigtNgWT2MB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCmcm+7/
H77L4qiyXW0Arj5axPxhjQgayO2rdQyNt82za8uGpn0yr6vzhdjfWLaPs51OBT2O
Xw1/DrApE8sbswtO8f7M3LOz5g1craUVssHbtiSDMwAJu6i1JH20qpVb8bcyYTQf
JJCIjzZRo328Hvn4uoGpersY2jevHZ+3BVb9gzDwpTf3iiAmaTADtUXYNowPu9/v
xU6QXpPIyZQBMFBKOdW3dBBEZmkK+C3OgFV2LfkrDVfXFe57Wd4Mdn9W60vNAtU4
DyeMdbHRtoahCflwoLIoOqRqX8OMZNM0h+noqWm2fbIEkINsFM7SNwCR1eF3sUFQ
QwPkrsuOkYY8aA==
-----END CERTIFICATE-----