Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          yDxZC1wS5mXKCzSUpsWRqONfAGHpu+98TJCsJ+1kVkw=
Subject key identifier:   A8:93:D4:20:9F:BC:E3:26:50:68:2A:73:BE:FB:1C:4E:B0:FF:32:28
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       019A006BDEBA6CEE3D54B747ADE0037AFCCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          032E
Signing time:             Mon 20 Oct 2025 07:01:00 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:00 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:00 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: p+tEnQXiWjpXcbKFgLCFq767Q1DKB6s6pnK6nzXJcCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6b:de:ba:6c:ee:3d:54:b7:47:ad:e0:03:7a:fc:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Oct 20 07:01:00 2025 GMT
            Not After : Oct 21 07:01:00 2025 GMT
        Subject: CN=a893d4209fbce32650682a73befb1c4eb0ff3228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:41:ee:4e:62:66:eb:6d:55:43:1c:b5:c5:58:
                    f6:0d:f1:3c:d5:b6:d1:17:3f:d0:a7:93:b4:a4:01:
                    f8:aa:57:1e:c6:19:08:a6:de:af:8c:86:9f:c8:dc:
                    57:78:14:7a:a6:41:2b:85:b7:ad:7b:40:33:d3:a0:
                    5c:dd:66:32:db:da:f3:84:71:fb:4a:ad:2b:bd:b1:
                    3b:6d:30:49:fc:73:dc:56:3f:fd:38:2b:df:cf:61:
                    f5:92:00:8e:bc:ab:0b:40:68:60:3c:9f:5e:26:3f:
                    d8:e7:24:67:9d:96:1a:c3:f3:bc:b6:2b:d0:d8:a2:
                    d9:1f:5e:0b:5e:93:cd:6e:d9:7f:e0:82:fe:55:ee:
                    97:6a:00:2b:89:32:d4:01:00:66:f7:32:36:30:f8:
                    71:74:c1:4f:ff:2e:95:d8:34:3e:7e:95:fd:c1:f7:
                    c9:ae:bd:eb:5b:ae:96:28:55:4e:8a:79:e1:0f:a4:
                    c1:68:ad:30:ec:67:25:19:f0:db:27:61:43:a5:d9:
                    b5:be:f2:8a:f2:8a:86:8f:f9:6d:cf:bb:7d:02:9a:
                    80:1f:da:41:6c:50:e1:99:f4:1d:1e:55:4e:e5:98:
                    f1:70:04:22:ac:f0:aa:09:d7:8e:af:da:04:94:25:
                    d3:9a:2f:f2:21:a1:d2:b6:1b:a0:82:1f:db:2c:f7:
                    a6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:93:D4:20:9F:BC:E3:26:50:68:2A:73:BE:FB:1C:4E:B0:FF:32:28
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:f1:a5:f0:b6:6d:7c:ab:6e:15:c6:4e:5f:f4:36:07:f0:33:
         0c:82:bb:f2:fe:da:7e:20:08:07:1c:00:47:13:f4:fe:e1:1e:
         f2:95:99:7a:b9:e2:b1:11:80:40:2a:c8:ac:92:7a:d6:69:c2:
         4f:24:5f:53:8d:f9:9c:96:28:86:12:f3:d1:41:a9:cd:27:f3:
         80:e5:25:11:16:a0:14:5f:84:9a:39:c5:f3:68:f1:99:a3:85:
         d3:7d:38:09:e5:83:a6:e6:67:2d:cc:33:03:50:9f:ad:f1:bf:
         8e:a2:b2:d6:8c:26:cc:b2:3e:6a:d5:7f:6b:d2:bd:62:b4:8f:
         27:35:7e:da:49:cf:52:f1:ac:80:25:f0:dc:d2:3d:36:c6:40:
         91:3a:8c:3d:4f:8a:57:9f:9d:a5:fe:9b:0c:25:f4:d3:c9:5e:
         19:e6:ed:f9:97:8d:5c:98:2c:9e:10:8d:d0:a5:5b:b1:8f:b0:
         34:70:2d:61:7a:e5:23:cf:ca:c4:d5:94:43:22:73:81:e8:43:
         80:3d:41:b0:2e:3d:2a:0e:f2:ee:4e:f0:5a:7e:db:0a:83:aa:
         64:5f:e7:46:4d:42:06:5f:d5:a0:32:cf:36:94:96:83:6b:3e:
         c2:82:2b:11:22:4f:29:4c:2d:69:a3:65:43:bb:79:04:b1:59:
         23:df:2c:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa966bO49VLdHreADevzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjUxMDIwMDcwMTAwWhcNMjUxMDIxMDcwMTAwWjAzMTEwLwYDVQQD
EyhhODkzZDQyMDlmYmNlMzI2NTA2ODJhNzNiZWZiMWM0ZWIwZmYzMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0HuTmJm621VQxy1xVj2DfE81bbR
Fz/Qp5O0pAH4qlcexhkIpt6vjIafyNxXeBR6pkErhbete0Az06Bc3WYy29rzhHH7
Sq0rvbE7bTBJ/HPcVj/9OCvfz2H1kgCOvKsLQGhgPJ9eJj/Y5yRnnZYaw/O8tivQ
2KLZH14LXpPNbtl/4IL+Ve6XagAriTLUAQBm9zI2MPhxdMFP/y6V2DQ+fpX9wffJ
rr3rW66WKFVOinnhD6TBaK0w7GclGfDbJ2FDpdm1vvKK8oqGj/ltz7t9ApqAH9pB
bFDhmfQdHlVO5ZjxcAQirPCqCdeOr9oElCXTmi/yIaHSthuggh/bLPemIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiT1CCfvOMmUGgqc777HE6w/zIoMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/Gl8LZt
fKtuFcZOX/Q2B/AzDIK78v7afiAIBxwARxP0/uEe8pWZernisRGAQCrIrJJ61mnC
TyRfU435nJYohhLz0UGpzSfzgOUlERagFF+EmjnF82jxmaOF0304CeWDpuZnLcwz
A1CfrfG/jqKy1owmzLI+atV/a9K9YrSPJzV+2knPUvGsgCXw3NI9NsZAkTqMPU+K
V5+dpf6bDCX008leGebt+ZeNXJgsnhCN0KVbsY+wNHAtYXrlI8/KxNWUQyJzgehD
gD1BsC49Kg7y7k7wWn7bCoOqZF/nRk1CBl/VoDLPNpSWg2s+woIrESJPKUwtaaNl
Q7t5BLFZI98sHg==
-----END CERTIFICATE-----