Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          F3IqhddgQzzUlRKipWjS9+ER+JSXZxU7FA+A2wI4WiE=
Subject key identifier:   4B:7E:9B:C0:CE:B2:15:3C:D7:E9:C1:3C:8B:B5:C8:FE:CE:6F:06:12
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       0199FC8F1C7B845ED54C770D5F709748CC38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0D72
Signing time:             Sun 19 Oct 2025 13:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:01 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: s5zkVt1Dt4NKLKvC/zbHTWameO8K/7NYPanH+SwDeQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:1c:7b:84:5e:d5:4c:77:0d:5f:70:97:48:cc:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Oct 19 13:01:01 2025 GMT
            Not After : Oct 20 13:01:01 2025 GMT
        Subject: CN=4b7e9bc0ceb2153cd7e9c13c8bb5c8fece6f0612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:5e:f4:14:6c:5f:b4:56:b0:11:1a:2f:e5:53:
                    ca:a9:42:48:1f:8d:60:02:15:a2:39:07:8f:79:8c:
                    da:26:61:92:0a:49:5f:00:92:84:d1:ce:fc:bd:22:
                    17:4b:14:1c:6f:60:c6:b3:3b:3b:ca:f3:d6:b9:f5:
                    89:44:35:93:6f:e0:32:31:c2:c0:92:a7:29:57:e4:
                    6d:57:93:33:31:36:b7:9a:ca:3d:f1:58:a6:34:07:
                    3d:90:3b:43:fa:35:54:39:28:3c:29:35:74:eb:69:
                    4e:8a:89:d4:19:48:ae:ea:5a:6b:ed:e7:6a:1b:f1:
                    75:df:91:0d:0a:f3:cf:9f:d5:b0:da:0d:2e:91:77:
                    d6:7e:20:02:9a:13:41:4b:bb:4a:9f:d6:69:62:e4:
                    d2:b0:fa:12:33:8d:8e:98:f1:aa:e5:0a:11:6d:57:
                    fa:3f:3e:b5:6d:0a:93:4b:f6:ed:66:1f:89:fe:01:
                    2e:38:38:4d:e4:0c:5c:05:dd:f8:31:e2:51:26:4b:
                    64:38:ae:c5:3b:a6:04:7e:f8:28:c7:65:87:47:c1:
                    cb:ab:04:0a:61:90:ac:d6:5a:3c:68:c3:42:8b:03:
                    ab:3f:b6:0d:f5:3c:b0:38:ec:a3:b4:86:c0:c3:39:
                    bb:7d:a9:57:71:3d:7d:3f:bc:c9:19:11:b0:83:5b:
                    a8:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:7E:9B:C0:CE:B2:15:3C:D7:E9:C1:3C:8B:B5:C8:FE:CE:6F:06:12
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:51:7a:d8:55:25:9a:53:3d:f4:b7:ac:5c:33:3f:ea:37:e7:
         53:c8:95:14:7c:70:be:45:40:ab:20:a4:2c:14:01:53:f5:27:
         56:93:a3:46:e2:7d:f9:c6:c7:3a:71:6e:26:af:cf:72:b1:b9:
         59:7e:b9:78:38:b6:ce:80:f8:98:36:ca:93:f6:d7:9c:5e:11:
         04:7b:93:54:5a:4b:19:ce:42:7c:fb:cb:ee:dc:80:01:c1:38:
         d7:0f:cd:f1:54:f1:25:a1:40:55:64:26:ef:9c:56:08:cf:bf:
         27:6a:51:c0:ef:f0:2c:87:ec:5c:1c:19:c3:7b:96:8b:13:48:
         c3:d5:77:19:a2:95:9f:68:69:d4:de:5e:41:d5:d9:a1:82:74:
         4f:e5:d5:3f:68:af:c3:79:ab:cd:22:13:a1:9f:fa:a5:e5:60:
         1b:93:5f:ba:ce:d1:73:ef:79:fd:d5:12:0f:a9:f4:31:9e:4d:
         8b:4d:9b:41:16:5b:98:f0:41:53:1a:db:6d:a6:fe:24:c9:13:
         35:82:c1:66:b0:fe:07:f2:f9:f6:b5:2c:14:93:e4:55:df:0a:
         da:e2:cf:53:df:87:ec:a0:8b:34:b6:f1:2a:58:6a:4e:a1:71:
         7f:be:3b:ba:53:33:5c:df:4c:8d:b6:0d:a4:d4:80:9c:c0:61:
         84:ba:a4:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jxx7hF7VTHcNX3CXSMw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjUxMDE5MTMwMTAxWhcNMjUxMDIwMTMwMTAxWjAzMTEwLwYDVQQD
Eyg0YjdlOWJjMGNlYjIxNTNjZDdlOWMxM2M4YmI1YzhmZWNlNmYwNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4170FGxftFawERov5VPKqUJIH41g
AhWiOQePeYzaJmGSCklfAJKE0c78vSIXSxQcb2DGszs7yvPWufWJRDWTb+AyMcLA
kqcpV+RtV5MzMTa3mso98VimNAc9kDtD+jVUOSg8KTV062lOionUGUiu6lpr7edq
G/F135ENCvPPn9Ww2g0ukXfWfiACmhNBS7tKn9ZpYuTSsPoSM42OmPGq5QoRbVf6
Pz61bQqTS/btZh+J/gEuODhN5AxcBd34MeJRJktkOK7FO6YEfvgox2WHR8HLqwQK
YZCs1lo8aMNCiwOrP7YN9TywOOyjtIbAwzm7falXcT19P7zJGRGwg1uoDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt+m8DOshU81+nBPIu1yP7ObwYSMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVF62FUl
mlM99LesXDM/6jfnU8iVFHxwvkVAqyCkLBQBU/UnVpOjRuJ9+cbHOnFuJq/PcrG5
WX65eDi2zoD4mDbKk/bXnF4RBHuTVFpLGc5CfPvL7tyAAcE41w/N8VTxJaFAVWQm
75xWCM+/J2pRwO/wLIfsXBwZw3uWixNIw9V3GaKVn2hp1N5eQdXZoYJ0T+XVP2iv
w3mrzSIToZ/6peVgG5Nfus7Rc+95/dUSD6n0MZ5Ni02bQRZbmPBBUxrbbab+JMkT
NYLBZrD+B/L59rUsFJPkVd8K2uLPU9+H7KCLNLbxKlhqTqFxf747ulMzXN9MjbYN
pNSAnMBhhLqksw==
-----END CERTIFICATE-----