Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          ypfPGHpSsTp4k8hid5hgXejh3BmgL0Yvhnyo384G5F0=
Subject key identifier:   2A:32:29:B6:B9:65:5F:3D:D8:39:B3:AB:F7:DE:C3:56:EC:26:BC:80
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       019A72260E83A4DB3A8263B26F5F6881118D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:27 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: de7gjtxPwfzkvkdTKcb9OkZVYCVWdeGKwa6KI4tsGYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:0e:83:a4:db:3a:82:63:b2:6f:5f:68:81:11:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Nov 11 09:01:27 2025 GMT
            Not After : Nov 12 09:01:27 2025 GMT
        Subject: CN=2a3229b6b9655f3dd839b3abf7dec356ec26bc80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c4:44:d2:8e:bf:ee:68:5b:00:88:da:9c:25:
                    1d:27:cc:e1:73:c9:32:03:dc:43:9b:99:f7:b7:b8:
                    dc:45:71:58:95:ed:ce:72:ad:c5:b6:70:3b:e8:33:
                    ee:da:00:d3:d2:e8:55:43:73:d2:6b:8b:61:9e:23:
                    72:dc:79:4b:68:8e:2d:6a:f3:26:45:f5:f2:e0:ba:
                    e5:b6:5a:e0:1b:a2:41:e4:cc:30:13:f9:4e:dc:8b:
                    46:38:d3:7c:d3:83:29:b9:fc:cc:85:48:83:c2:8f:
                    a0:81:11:a8:5c:c4:47:75:ca:b4:b8:14:ef:5f:be:
                    98:1f:a8:00:3e:1a:3c:ee:24:13:66:70:14:28:44:
                    f1:74:b3:f4:6b:1f:fb:9f:cc:ed:84:c3:b2:16:55:
                    1d:a4:22:51:6d:15:13:1a:95:ba:4d:d3:6c:98:c9:
                    f3:96:0d:bd:4a:13:ff:b5:c3:9d:c3:c9:d6:04:e0:
                    6c:be:f6:23:d6:35:19:52:9e:fe:d1:44:c4:ff:a0:
                    2f:f4:f5:0d:c8:fd:4d:4e:24:42:ff:b2:f3:96:ef:
                    98:ea:99:94:fa:0b:fa:f2:93:37:c7:b8:54:83:84:
                    76:e5:c1:39:b0:12:e8:4f:69:2b:6a:c4:67:d1:8f:
                    a5:45:0c:e5:fa:75:71:d3:d5:c4:b8:f0:63:9e:00:
                    00:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:32:29:B6:B9:65:5F:3D:D8:39:B3:AB:F7:DE:C3:56:EC:26:BC:80
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:57:fd:ae:89:ba:6e:d6:eb:60:31:96:b8:f7:78:53:fb:1d:
         e9:2d:8e:c5:92:75:36:4e:22:43:b0:10:87:5f:5a:63:a9:78:
         7c:af:25:35:9f:f2:e2:25:b4:f3:ef:2d:d8:b9:e7:89:89:36:
         85:36:3e:98:87:c5:4e:7f:1f:8e:60:94:1d:d8:57:da:e8:c5:
         2d:de:39:7c:cb:78:09:e6:6a:6d:10:f4:6a:ea:c6:e5:cf:53:
         d9:16:ca:a8:5a:df:80:b0:63:7e:a5:2a:b6:b2:74:63:52:70:
         a1:e0:60:19:e4:a6:fe:54:d2:f3:b8:7b:49:3f:55:08:ca:db:
         e8:38:b6:8b:c0:5f:c5:ed:21:17:67:d1:25:64:47:66:69:38:
         a7:a2:59:36:54:63:3b:57:2f:cb:e1:1a:18:dc:00:8f:9a:79:
         68:27:fc:27:9b:0d:ea:71:7c:30:8b:c5:58:c8:ae:68:23:f1:
         2f:2d:0a:96:a8:20:bc:3f:45:20:de:14:3f:6d:5f:f2:bc:cc:
         a6:96:5b:ab:24:0e:3c:cd:33:df:fd:2d:b4:73:e2:13:6e:e5:
         30:13:63:a6:6c:ec:d2:60:69:4b:58:d5:8e:f5:15:6c:dd:1a:
         f0:5c:ed:c8:99:99:77:7f:16:2d:f0:c2:01:b2:03:37:f5:ed:
         4e:9e:99:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJg6DpNs6gmOyb19ogRGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
EygyYTMyMjliNmI5NjU1ZjNkZDgzOWIzYWJmN2RlYzM1NmVjMjZiYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sRE0o6/7mhbAIjanCUdJ8zhc8ky
A9xDm5n3t7jcRXFYle3Ocq3FtnA76DPu2gDT0uhVQ3PSa4thniNy3HlLaI4tavMm
RfXy4LrltlrgG6JB5MwwE/lO3ItGONN804MpufzMhUiDwo+ggRGoXMRHdcq0uBTv
X76YH6gAPho87iQTZnAUKETxdLP0ax/7n8zthMOyFlUdpCJRbRUTGpW6TdNsmMnz
lg29ShP/tcOdw8nWBOBsvvYj1jUZUp7+0UTE/6Av9PUNyP1NTiRC/7Lzlu+Y6pmU
+gv68pM3x7hUg4R25cE5sBLoT2krasRn0Y+lRQzl+nVx09XEuPBjngAAQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoyKba5ZV892Dmzq/few1bsJryAMB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACVf9rom6
btbrYDGWuPd4U/sd6S2OxZJ1Nk4iQ7AQh19aY6l4fK8lNZ/y4iW08+8t2LnniYk2
hTY+mIfFTn8fjmCUHdhX2ujFLd45fMt4CeZqbRD0aurG5c9T2RbKqFrfgLBjfqUq
trJ0Y1JwoeBgGeSm/lTS87h7ST9VCMrb6Di2i8Bfxe0hF2fRJWRHZmk4p6JZNlRj
O1cvy+EaGNwAj5p5aCf8J5sN6nF8MIvFWMiuaCPxLy0KlqggvD9FIN4UP21f8rzM
ppZbqyQOPM0z3/0ttHPiE27lMBNjpmzs0mBpS1jVjvUVbN0a8FztyJmZd38WLfDC
AbIDN/XtTp6ZDw==
-----END CERTIFICATE-----