Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
File:                     O63rHzjiUanY1hTzLTbyat9P1YA.mft (raw, json)
Hash identifier:          lWHaG5muGGO6mcDgLTqZrlw9Ns9NuaBIiohAHDvr5vk=
Subject key identifier:   FF:24:FF:C9:BF:C3:04:87:D2:E8:8F:48:4E:93:08:FF:70:46:0E:80
Authority key identifier: 3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80
Certificate issuer:       /CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
Certificate serial:       019A0222C476FC237849260AD48040616B94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
Manifest number:          0E90
Signing time:             Mon 20 Oct 2025 15:00:24 +0000
Manifest this update:     Mon 20 Oct 2025 15:00:24 +0000
Manifest next update:     Tue 21 Oct 2025 15:00:24 +0000
Files and hashes:         1: O63rHzjiUanY1hTzLTbyat9P1YA.crl (hash: 9XRA7EZwCnXqozSCHcb2TAvDTW4qKBsOQGDvizlb52Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:22:c4:76:fc:23:78:49:26:0a:d4:80:40:61:6b:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
        Validity
            Not Before: Oct 20 15:00:24 2025 GMT
            Not After : Oct 21 15:00:24 2025 GMT
        Subject: CN=ff24ffc9bfc30487d2e88f484e9308ff70460e80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:99:35:66:be:62:da:42:06:b5:c6:c2:82:78:
                    5c:f5:6e:bd:f4:4c:4d:af:f7:d6:63:32:55:66:bf:
                    d8:90:4b:cf:f5:bb:e6:0d:9d:35:8d:e3:72:e3:87:
                    f8:b9:cf:7e:64:1f:75:64:ce:b1:b0:0d:87:f6:07:
                    b6:bd:88:50:8f:31:d7:56:3d:6a:ff:5b:33:e8:33:
                    ec:6a:63:00:a3:aa:0a:4a:11:6d:59:f4:b1:78:3b:
                    b6:fc:f7:62:6c:1a:0f:13:74:3f:32:c6:7f:cb:2d:
                    f3:c3:26:88:76:d3:3b:ce:45:ee:3f:53:54:18:02:
                    d4:a6:ff:ee:81:5c:6f:cf:1a:7e:2e:df:08:e2:0b:
                    b9:eb:41:8c:f5:a4:71:51:4c:09:f0:cb:c8:45:01:
                    6d:27:e5:73:5a:0e:e2:f9:65:b5:21:10:3d:db:29:
                    62:7d:60:36:94:65:fd:8a:60:ab:af:00:da:3d:ae:
                    e0:93:c2:ce:5a:ae:04:b6:5c:14:57:c1:57:9b:4c:
                    2a:66:7d:b7:89:48:39:3a:d8:d6:42:a5:45:e7:aa:
                    66:7d:3a:44:60:6e:ad:30:e9:e3:f6:39:46:77:d4:
                    67:8c:0a:2a:00:51:d9:5f:b1:ea:87:ed:61:30:75:
                    98:94:8a:ff:55:cb:85:06:ac:2b:92:ba:63:66:20:
                    0b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:24:FF:C9:BF:C3:04:87:D2:E8:8F:48:4E:93:08:FF:70:46:0E:80
            X509v3 Authority Key Identifier:
                keyid:3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:4d:e9:02:86:5b:60:c6:ab:6e:ae:21:e0:43:50:63:54:66:
         90:e4:27:be:7a:08:1e:71:23:8b:08:10:b8:8c:92:1b:f4:69:
         05:c3:86:f8:fc:72:c2:aa:51:93:f2:6a:8d:8c:74:0b:9a:41:
         ff:19:82:dc:10:f2:4f:b7:64:a2:10:bc:36:02:58:1b:76:af:
         98:60:cf:a4:e7:8a:32:85:59:96:26:9b:3e:07:81:3f:c9:b6:
         b1:d2:c0:50:3a:66:10:e7:aa:b3:90:f1:3d:65:5d:90:23:af:
         64:cf:24:34:9b:ac:52:27:2d:3f:eb:85:49:6e:31:f7:30:ee:
         59:72:56:c9:dc:42:1f:82:cf:1e:3a:24:0a:cd:09:fe:ec:8d:
         7b:be:6b:c0:e1:c6:01:97:77:e5:96:8b:f7:d1:85:04:a7:92:
         eb:66:cb:b6:e1:b2:a0:da:a7:d3:56:8a:3c:39:f7:7b:3d:36:
         8a:cc:c8:96:61:97:c3:d8:64:c5:8d:d3:14:61:5c:93:31:41:
         87:31:8d:fc:0c:f6:f7:a4:14:b0:6c:6b:81:01:82:b7:11:28:
         5b:0b:16:9d:46:3d:64:dd:14:2c:a9:51:8b:b6:fe:af:0f:3c:
         1e:bd:b1:fc:d6:57:56:5d:89:eb:7f:1b:2c:27:bd:7f:67:85:
         01:97:e2:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIsR2/CN4SSYK1IBAYWuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWRlYjFmMzhlMjUxYTlkOGQ2MTRmMzJkMzZmMjZhZGY0
ZmQ1ODAwHhcNMjUxMDIwMTUwMDI0WhcNMjUxMDIxMTUwMDI0WjAzMTEwLwYDVQQD
EyhmZjI0ZmZjOWJmYzMwNDg3ZDJlODhmNDg0ZTkzMDhmZjcwNDYwZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpk1Zr5i2kIGtcbCgnhc9W699ExN
r/fWYzJVZr/YkEvP9bvmDZ01jeNy44f4uc9+ZB91ZM6xsA2H9ge2vYhQjzHXVj1q
/1sz6DPsamMAo6oKShFtWfSxeDu2/PdibBoPE3Q/MsZ/yy3zwyaIdtM7zkXuP1NU
GALUpv/ugVxvzxp+Lt8I4gu560GM9aRxUUwJ8MvIRQFtJ+VzWg7i+WW1IRA92yli
fWA2lGX9imCrrwDaPa7gk8LOWq4EtlwUV8FXm0wqZn23iUg5OtjWQqVF56pmfTpE
YG6tMOnj9jlGd9RnjAoqAFHZX7Hqh+1hMHWYlIr/VcuFBqwrkrpjZiALQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8k/8m/wwSH0uiPSE6TCP9wRg6AMB8GA1UdIwQY
MBaAFDut6x844lGp2NYU8y028mrfT9WAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUt
NGM4N2ZlNWZkYWRjLzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUtNGM4N2ZlNWZkYWRj
LzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOk3pAoZb
YMarbq4h4ENQY1RmkOQnvnoIHnEjiwgQuIySG/RpBcOG+PxywqpRk/JqjYx0C5pB
/xmC3BDyT7dkohC8NgJYG3avmGDPpOeKMoVZliabPgeBP8m2sdLAUDpmEOeqs5Dx
PWVdkCOvZM8kNJusUictP+uFSW4x9zDuWXJWydxCH4LPHjokCs0J/uyNe75rwOHG
AZd35ZaL99GFBKeS62bLtuGyoNqn01aKPDn3ez02iszIlmGXw9hkxY3TFGFckzFB
hzGN/Az296QUsGxrgQGCtxEoWwsWnUY9ZN0ULKlRi7b+rw88Hr2x/NZXVl2J638b
LCe9f2eFAZfivg==
-----END CERTIFICATE-----