Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
File:                     oJD-k_R_g4ea4suDVIjNn31pm8A.mft (raw, json)
Hash identifier:          FepDEZDPNwQFp7D2TfGrTtaPXQagnaqORk/z01l3+Bk=
Subject key identifier:   1C:E8:66:A7:6A:38:3A:00:8D:A7:00:33:0F:A1:33:C0:25:DA:26:BA
Authority key identifier: A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0
Certificate issuer:       /CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
Certificate serial:       019A71B81190154D6599CB538AB28F459507
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:19 +0000
Files and hashes:         1: oJD-k_R_g4ea4suDVIjNn31pm8A.crl (hash: 4wVIbmQLyf/6KH16rHxtyvzTXC2pH6Zif3BNaynCcQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:11:90:15:4d:65:99:cb:53:8a:b2:8f:45:95:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
        Validity
            Not Before: Nov 11 07:01:19 2025 GMT
            Not After : Nov 12 07:01:19 2025 GMT
        Subject: CN=1ce866a76a383a008da700330fa133c025da26ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:59:a1:f8:db:9d:44:04:41:85:55:16:f3:5c:
                    38:ab:30:43:59:5c:93:48:a5:8f:42:ef:74:f7:92:
                    e1:22:67:7b:4c:87:20:2f:c6:18:4e:2e:b9:48:28:
                    b5:e8:7c:72:73:35:ad:88:3c:c1:d4:36:21:d8:9b:
                    b1:f0:d3:5b:83:6f:89:cc:06:57:d9:97:34:aa:a4:
                    8c:e1:c6:a2:70:52:6b:71:00:62:d2:b8:07:a4:82:
                    0c:f9:96:c7:90:c9:f1:83:1f:7a:af:78:5d:26:6a:
                    a9:a3:39:7d:b8:76:2d:35:02:9f:ec:d9:59:d8:82:
                    7b:b6:1d:7c:c1:a2:bd:b4:db:c7:40:4b:34:a4:2f:
                    a3:1e:2d:03:0b:5e:2f:f0:0c:49:c2:8d:c0:a2:09:
                    3c:49:f7:0f:d6:76:e8:e2:6a:f3:63:ac:d7:7e:22:
                    b0:a3:d6:f4:c4:24:5e:cf:32:86:51:8a:88:a9:c7:
                    51:6d:5a:85:dc:97:92:fe:46:15:2c:09:cb:34:df:
                    6f:8c:a8:50:7b:06:01:68:1f:3f:84:90:78:d6:57:
                    6c:5d:08:66:06:9c:b5:f4:b8:45:66:df:f3:13:51:
                    1c:2c:ed:05:b8:4b:12:28:05:08:59:69:26:99:fe:
                    5b:61:08:28:51:80:22:5d:e7:37:9b:bd:a7:17:23:
                    b0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:E8:66:A7:6A:38:3A:00:8D:A7:00:33:0F:A1:33:C0:25:DA:26:BA
            X509v3 Authority Key Identifier:
                keyid:A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:98:87:b2:21:38:d6:e8:ad:e9:4a:61:8f:3a:42:7b:c7:e1:
         27:10:b5:fc:7b:95:01:de:5b:8e:25:43:27:eb:e8:14:0d:ad:
         42:44:8b:27:e2:57:ac:7c:30:5f:e8:3d:eb:c8:41:6a:c1:73:
         19:88:73:4f:5e:d1:74:8b:9f:c9:6b:26:f0:c4:c8:b4:bd:0b:
         e7:a0:d1:bc:11:d1:38:5c:bf:d8:af:10:53:5f:ac:b2:e3:7f:
         07:fd:5f:2d:4c:22:bf:38:d6:79:ca:c7:47:90:f5:5b:10:99:
         f9:c2:f9:3c:15:87:cc:bc:55:9f:e6:52:be:8f:af:7a:7b:46:
         b9:a1:35:9c:78:6b:07:52:1b:52:20:b5:e0:0d:49:a1:28:93:
         f1:7e:42:04:ce:19:0b:a6:25:e5:0b:1b:71:6b:48:94:23:eb:
         c4:81:11:4c:b4:33:1c:69:4d:f7:dd:25:44:09:e6:1c:9f:7a:
         0c:4a:da:f1:b5:b0:8a:c6:3f:43:c3:32:41:b5:f9:bb:67:07:
         0c:cc:55:69:35:26:43:0a:52:56:53:2d:14:40:f1:41:e9:ef:
         58:1d:9b:ff:c1:79:48:ad:c5:71:d1:4c:eb:4e:01:6f:e2:c4:
         65:ef:88:cf:4c:1e:b9:cc:ff:4b:51:ab:9c:94:fe:20:55:68:
         22:13:0f:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBGQFU1lmctTirKPRZUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTBmZTkzZjQ3ZjgzODc5YWUyY2I4MzU0ODhjZDlmN2Q2
OTliYzAwHhcNMjUxMTExMDcwMTE5WhcNMjUxMTEyMDcwMTE5WjAzMTEwLwYDVQQD
EygxY2U4NjZhNzZhMzgzYTAwOGRhNzAwMzMwZmExMzNjMDI1ZGEyNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFmh+NudRARBhVUW81w4qzBDWVyT
SKWPQu9095LhImd7TIcgL8YYTi65SCi16HxyczWtiDzB1DYh2Jux8NNbg2+JzAZX
2Zc0qqSM4caicFJrcQBi0rgHpIIM+ZbHkMnxgx96r3hdJmqpozl9uHYtNQKf7NlZ
2IJ7th18waK9tNvHQEs0pC+jHi0DC14v8AxJwo3Aogk8SfcP1nbo4mrzY6zXfiKw
o9b0xCRezzKGUYqIqcdRbVqF3JeS/kYVLAnLNN9vjKhQewYBaB8/hJB41ldsXQhm
Bpy19LhFZt/zE1EcLO0FuEsSKAUIWWkmmf5bYQgoUYAiXec3m72nFyOwSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzoZqdqODoAjacAMw+hM8Al2ia6MB8GA1UdIwQY
MBaAFKCQ/pP0f4OHmuLLg1SIzZ99aZvAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjIt
MjU3ODFlMTE2NzgyLzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjItMjU3ODFlMTE2Nzgy
LzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuZiHsiE4
1uit6UphjzpCe8fhJxC1/HuVAd5bjiVDJ+voFA2tQkSLJ+JXrHwwX+g968hBasFz
GYhzT17RdIufyWsm8MTItL0L56DRvBHROFy/2K8QU1+ssuN/B/1fLUwivzjWecrH
R5D1WxCZ+cL5PBWHzLxVn+ZSvo+ventGuaE1nHhrB1IbUiC14A1JoSiT8X5CBM4Z
C6Yl5QsbcWtIlCPrxIERTLQzHGlN990lRAnmHJ96DEra8bWwisY/Q8MyQbX5u2cH
DMxVaTUmQwpSVlMtFEDxQenvWB2b/8F5SK3FcdFM604Bb+LEZe+Iz0weucz/S1Gr
nJT+IFVoIhMPJA==
-----END CERTIFICATE-----