Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          UsOf5ERxrkYHlDfkNZs2Y0FO+e+AHaEFUkYtI2GTLuA=
Subject key identifier:   D6:D8:4C:E8:D8:66:3E:98:85:B3:A3:CB:82:DB:14:C9:53:D8:70:85
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       0199FD342574E21C7FD785BC1C9016951E61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          1329
Signing time:             Sun 19 Oct 2025 16:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:16 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: xnZOeC/dTsbGCOBHHDKIid9QQMKI3xn2/xocH6O+tYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:25:74:e2:1c:7f:d7:85:bc:1c:90:16:95:1e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Oct 19 16:01:16 2025 GMT
            Not After : Oct 20 16:01:16 2025 GMT
        Subject: CN=d6d84ce8d8663e9885b3a3cb82db14c953d87085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:10:a2:89:16:66:83:c1:22:9f:22:68:55:32:
                    d2:7f:7b:b7:e4:20:60:b4:09:81:02:2b:c7:4d:0d:
                    be:fb:2e:83:ad:07:e4:a2:cd:08:b7:ff:cd:a2:c7:
                    6a:b9:19:17:1b:5e:7c:77:53:19:7f:dd:11:5e:ff:
                    77:3a:e1:42:7d:50:3e:46:4b:4e:bc:3d:85:4e:0f:
                    a1:e3:a7:50:a4:9f:02:6e:e7:19:37:7a:6d:7b:70:
                    f0:31:1a:1e:ba:68:18:c7:4f:83:04:0b:4b:4b:08:
                    db:b7:63:7b:97:b4:c4:41:88:62:8c:91:08:b2:f3:
                    ff:93:ce:bd:2b:7b:c4:7f:ea:76:16:41:46:aa:ea:
                    91:45:8a:29:92:3b:65:ff:41:ea:2b:50:72:ca:5a:
                    ef:8d:f8:a3:cd:ec:2c:d2:63:d5:9e:9c:a6:29:d6:
                    f2:c6:8a:4e:58:00:17:26:3d:d2:c0:f1:72:a3:9d:
                    b4:8f:64:28:13:d8:c1:dc:b4:59:03:7a:c1:1c:b6:
                    17:6b:aa:48:eb:03:34:79:c8:a1:c7:e8:bf:91:93:
                    25:9d:8d:47:34:fd:62:a9:87:71:84:c8:53:45:7b:
                    3b:b7:3f:73:92:b8:42:7f:07:bf:54:db:5a:7c:f7:
                    84:39:3b:cd:b3:e3:59:1a:bf:24:9d:f0:4c:0c:0d:
                    b1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D8:4C:E8:D8:66:3E:98:85:B3:A3:CB:82:DB:14:C9:53:D8:70:85
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:09:50:19:5e:ad:2b:25:2d:62:64:dc:91:8e:a1:97:25:8b:
         ca:6a:45:9f:17:7b:50:b1:4c:c8:39:dd:21:9b:3a:a1:f0:ba:
         b4:39:b9:6b:3f:31:67:51:d3:7f:b8:89:49:75:3e:72:6d:62:
         6a:72:f0:83:18:d0:72:35:8e:51:da:ea:b1:70:16:c0:a2:9f:
         59:4e:13:7c:7c:22:23:31:e2:69:80:14:7a:d3:9b:13:60:ea:
         2f:96:9b:4b:11:ff:ac:ad:fa:7d:99:32:77:1b:42:bb:c4:c4:
         32:3d:24:dd:15:c0:09:73:78:ce:3e:b4:77:27:40:15:e7:75:
         f0:33:aa:84:c8:e2:8c:58:a6:1e:fe:75:0e:7e:86:e5:b0:d4:
         5c:8e:0e:cd:43:66:0a:1f:08:97:de:90:d6:50:27:4c:4e:15:
         75:53:f1:0b:1d:37:ee:b9:a7:99:2e:f6:3e:d3:d2:88:06:b4:
         c7:61:69:d8:8c:3c:33:27:8e:ce:2c:11:3f:00:af:2f:96:2b:
         45:e0:2f:5d:21:af:79:bc:44:03:ed:47:a2:2c:8e:ac:5c:d8:
         72:e6:50:01:d0:3c:f3:44:0a:3d:cc:7d:33:c2:05:9e:0a:92:
         86:8a:62:f2:5d:0e:9b:b4:5f:3e:ec:82:20:29:2f:20:86:6d:
         ca:a3:d5:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCV04hx/14W8HJAWlR5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjUxMDE5MTYwMTE2WhcNMjUxMDIwMTYwMTE2WjAzMTEwLwYDVQQD
EyhkNmQ4NGNlOGQ4NjYzZTk4ODViM2EzY2I4MmRiMTRjOTUzZDg3MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxCiiRZmg8EinyJoVTLSf3u35CBg
tAmBAivHTQ2++y6DrQfkos0It//NosdquRkXG158d1MZf90RXv93OuFCfVA+RktO
vD2FTg+h46dQpJ8CbucZN3pte3DwMRoeumgYx0+DBAtLSwjbt2N7l7TEQYhijJEI
svP/k869K3vEf+p2FkFGquqRRYopkjtl/0HqK1Byylrvjfijzews0mPVnpymKdby
xopOWAAXJj3SwPFyo520j2QoE9jB3LRZA3rBHLYXa6pI6wM0ecihx+i/kZMlnY1H
NP1iqYdxhMhTRXs7tz9zkrhCfwe/VNtafPeEOTvNs+NZGr8knfBMDA2xsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbYTOjYZj6YhbOjy4LbFMlT2HCFMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQlQGV6t
KyUtYmTckY6hlyWLympFnxd7ULFMyDndIZs6ofC6tDm5az8xZ1HTf7iJSXU+cm1i
anLwgxjQcjWOUdrqsXAWwKKfWU4TfHwiIzHiaYAUetObE2DqL5abSxH/rK36fZky
dxtCu8TEMj0k3RXACXN4zj60dydAFed18DOqhMjijFimHv51Dn6G5bDUXI4OzUNm
Ch8Il96Q1lAnTE4VdVPxCx037rmnmS72PtPSiAa0x2Fp2Iw8MyeOziwRPwCvL5Yr
ReAvXSGvebxEA+1HoiyOrFzYcuZQAdA880QKPcx9M8IFngqShopi8l0Om7RfPuyC
ICkvIIZtyqPVZQ==
-----END CERTIFICATE-----