Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          O2kjCdZWFHEyMEmYNO7rc9oCH/gUaFhoCmxRPo7BN+c=
Subject key identifier:   0F:0A:39:3A:09:10:C6:72:E9:20:73:AA:1E:51:22:0B:E2:E9:8D:0B
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019A71130AB8ADA570D700FF21CC154F71E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          063E
Signing time:             Tue 11 Nov 2025 04:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:04 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: P/bbt7KGrRaPpT8vxl62N2Oj00ER/2kxSNBG62VJ72s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:0a:b8:ad:a5:70:d7:00:ff:21:cc:15:4f:71:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Nov 11 04:01:04 2025 GMT
            Not After : Nov 12 04:01:04 2025 GMT
        Subject: CN=0f0a393a0910c672e92073aa1e51220be2e98d0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:cb:41:d3:f1:9d:95:de:1d:df:3f:28:a2:90:
                    20:e8:73:6f:b1:01:7d:53:0b:b5:02:50:a4:e7:62:
                    00:be:35:0c:71:68:c0:ea:4f:8d:87:08:d6:a8:47:
                    e3:97:64:0b:7e:e7:f8:02:e6:87:00:74:3c:38:da:
                    65:ac:fb:9a:ec:d0:a5:29:5d:11:5b:f1:2e:00:28:
                    a3:92:b1:c7:0b:b2:77:bf:b3:9b:2a:cc:54:b7:31:
                    77:53:b5:3b:bc:27:fa:3f:63:33:64:50:7e:78:2d:
                    9b:1f:c0:c9:46:34:bb:0b:2e:dd:1a:ce:c3:28:0e:
                    c4:ec:41:fa:22:a1:93:4f:90:3c:5f:23:68:88:5d:
                    98:92:2c:e6:3c:80:85:ed:e4:d9:c1:c1:41:86:bb:
                    ef:b9:90:20:43:ad:1a:43:79:b7:82:c7:d1:a8:dd:
                    c8:4f:a5:91:7f:1a:7a:20:1f:34:2f:b2:e6:54:d9:
                    85:93:4e:72:d0:09:01:39:57:42:45:78:af:ca:e3:
                    23:72:7a:1e:cd:b7:67:d2:4b:e2:51:97:a1:dd:06:
                    13:c6:ed:d3:82:f6:cb:4b:2b:91:35:56:77:30:41:
                    7c:50:0f:3f:d6:60:5d:26:b6:05:1c:fb:ef:bb:f3:
                    58:3e:bc:30:cd:ab:b9:7e:d9:41:ea:1b:64:a3:9f:
                    aa:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:0A:39:3A:09:10:C6:72:E9:20:73:AA:1E:51:22:0B:E2:E9:8D:0B
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:a3:24:c1:a2:d1:85:e9:bc:79:e8:37:5a:e6:8c:5d:ba:3c:
         30:32:af:02:d7:0a:01:66:fa:32:d6:a0:29:fd:a5:0e:9a:55:
         86:80:18:86:97:6f:76:30:b6:8a:de:f4:b2:60:eb:1c:4c:c0:
         d1:ac:0d:f8:55:1f:d7:48:0f:2c:84:33:90:f9:ab:b5:0f:9e:
         0e:62:55:99:c6:a8:4d:c6:a0:39:16:6b:71:23:b4:a6:ca:d7:
         57:ae:7c:27:90:be:52:59:a8:b8:b5:14:e5:6f:20:5d:e0:30:
         ae:7e:af:e3:e2:f0:1d:24:0b:d9:f2:79:95:a3:85:47:c7:ab:
         af:71:cd:90:ce:bf:cd:aa:aa:80:f1:6d:34:23:e6:7c:c6:fd:
         75:bd:5b:20:28:31:c8:e4:54:af:25:79:21:26:57:ca:00:41:
         9a:e2:c5:c5:81:a6:37:9a:e3:f0:0f:e3:dd:96:78:93:7d:4b:
         aa:9d:13:3f:e5:94:6c:f7:52:f9:a9:db:5e:d7:66:53:c1:82:
         5e:d3:d9:d8:bf:14:b7:40:03:78:4a:c9:12:0c:5a:c2:10:d1:
         96:c3:fc:25:96:a7:1d:14:a5:bd:75:11:fc:8b:04:16:7e:f2:
         9a:09:bf:df:46:db:40:99:e7:77:e1:60:d6:c4:b2:d0:40:43:
         16:b7:45:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEwq4raVw1wD/IcwVT3HhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjUxMTExMDQwMTA0WhcNMjUxMTEyMDQwMTA0WjAzMTEwLwYDVQQD
EygwZjBhMzkzYTA5MTBjNjcyZTkyMDczYWExZTUxMjIwYmUyZTk4ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0stB0/Gdld4d3z8oopAg6HNvsQF9
Uwu1AlCk52IAvjUMcWjA6k+NhwjWqEfjl2QLfuf4AuaHAHQ8ONplrPua7NClKV0R
W/EuACijkrHHC7J3v7ObKsxUtzF3U7U7vCf6P2MzZFB+eC2bH8DJRjS7Cy7dGs7D
KA7E7EH6IqGTT5A8XyNoiF2YkizmPICF7eTZwcFBhrvvuZAgQ60aQ3m3gsfRqN3I
T6WRfxp6IB80L7LmVNmFk05y0AkBOVdCRXivyuMjcnoezbdn0kviUZeh3QYTxu3T
gvbLSyuRNVZ3MEF8UA8/1mBdJrYFHPvvu/NYPrwwzau5ftlB6htko5+qLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8KOToJEMZy6SBzqh5RIgvi6Y0LMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6MkwaLR
hem8eeg3WuaMXbo8MDKvAtcKAWb6MtagKf2lDppVhoAYhpdvdjC2it70smDrHEzA
0awN+FUf10gPLIQzkPmrtQ+eDmJVmcaoTcagORZrcSO0psrXV658J5C+UlmouLUU
5W8gXeAwrn6v4+LwHSQL2fJ5laOFR8err3HNkM6/zaqqgPFtNCPmfMb9db1bICgx
yORUryV5ISZXygBBmuLFxYGmN5rj8A/j3ZZ4k31Lqp0TP+WUbPdS+anbXtdmU8GC
XtPZ2L8Ut0ADeErJEgxawhDRlsP8JZanHRSlvXUR/IsEFn7ymgm/30bbQJnnd+Fg
1sSy0EBDFrdFjg==
-----END CERTIFICATE-----