Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          O3TjQ8c1WRC+U6/+/AY+/HzqYixamQ0nb9Xtt9dD99E=
Subject key identifier:   1A:C9:34:26:C1:97:34:42:BF:05:9F:8B:50:7A:85:5A:00:F1:32:65
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       0199FDDA2CAF751F8D49B7A1D3FB8D4ECA20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 19:02:37 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:37 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:37 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: F09++OwfjljWA/Slol50MyGz9RdN8F9IpKNlZ3x/Sho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:2c:af:75:1f:8d:49:b7:a1:d3:fb:8d:4e:ca:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Oct 19 19:02:37 2025 GMT
            Not After : Oct 20 19:02:37 2025 GMT
        Subject: CN=1ac93426c1973442bf059f8b507a855a00f13265
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:11:96:b6:c1:eb:e8:8d:1e:84:96:f4:22:1c:
                    ed:82:3b:b3:0f:0c:bb:1c:16:3c:73:ed:79:01:93:
                    73:e2:3f:8e:5f:33:d9:95:41:3c:6d:1f:03:be:aa:
                    fe:41:bd:30:f8:4d:de:a2:72:04:1c:ad:b3:6a:45:
                    b9:f2:4a:e3:d4:46:2f:a2:f7:de:e9:ab:45:03:5f:
                    37:09:34:d0:5a:5d:23:29:5f:58:ad:68:e4:d7:78:
                    9a:e6:9a:3a:5a:24:1a:55:70:92:54:dc:88:2b:2e:
                    39:db:fc:c1:f1:01:78:f4:c1:8f:3d:07:13:28:b2:
                    89:79:9e:1f:91:f5:18:a8:dd:b0:44:37:9d:cc:83:
                    44:35:38:b6:cb:80:51:59:a4:0d:8a:c2:94:a0:1a:
                    2b:22:f1:2b:0e:f5:d1:b6:a2:8d:a6:61:68:75:b8:
                    75:36:ef:63:f9:c1:12:bf:a1:2f:b6:24:7a:af:48:
                    7f:59:0a:0f:3c:8d:f9:07:bd:9e:df:e2:e2:b9:98:
                    e9:9b:d9:fe:55:d1:3c:bb:b3:40:fe:91:26:1b:84:
                    c8:56:1f:27:31:b4:04:29:ae:9b:74:a2:d2:dc:6f:
                    a4:01:d4:f6:d2:f0:42:ad:eb:a8:b8:02:a3:d0:22:
                    78:40:64:ec:a4:6a:c3:b3:39:3f:d0:72:28:a0:51:
                    73:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:C9:34:26:C1:97:34:42:BF:05:9F:8B:50:7A:85:5A:00:F1:32:65
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:e4:b3:97:4a:4c:12:0f:72:53:3b:69:7f:45:e2:31:7a:c6:
         d7:e3:d9:51:4e:21:08:a6:37:93:79:b5:98:c1:9f:58:e8:98:
         34:eb:34:00:9b:e7:73:25:98:bf:dd:29:21:1f:32:53:7d:79:
         dd:31:c9:83:68:6c:56:4d:2d:c5:bd:c0:50:16:3e:cf:b3:d1:
         e8:26:52:5f:ef:90:f9:1b:d4:e6:55:58:86:04:d5:03:3a:70:
         2f:89:1e:0e:5b:58:2d:2d:ee:9d:d4:fb:e1:df:fd:fc:47:b1:
         26:e2:04:e8:de:6f:33:cf:a8:90:30:6e:88:36:17:63:12:ed:
         c9:af:31:c1:55:7f:e6:38:95:e5:68:bf:ec:f6:3c:34:c8:31:
         4f:ca:1e:b9:7a:df:95:a2:c8:f5:36:97:89:cf:af:4c:97:0a:
         c8:1f:26:84:15:d8:a4:cb:db:bc:56:4a:06:69:30:1a:df:2b:
         ef:fc:3b:31:38:03:51:bc:fa:3b:0a:62:b2:3c:05:4e:94:b7:
         34:08:8a:d8:9d:50:de:8f:ed:f8:ee:07:d1:64:c4:9b:a5:1a:
         a3:c1:b7:03:85:d6:5e:40:04:0a:af:89:e5:c7:4c:b4:7b:81:
         f1:7b:f8:84:f2:c6:f0:87:d8:8b:19:8b:6f:cf:15:29:32:16:
         cb:a1:cf:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92iyvdR+NSbeh0/uNTsogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUxMDE5MTkwMjM3WhcNMjUxMDIwMTkwMjM3WjAzMTEwLwYDVQQD
EygxYWM5MzQyNmMxOTczNDQyYmYwNTlmOGI1MDdhODU1YTAwZjEzMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hGWtsHr6I0ehJb0IhztgjuzDwy7
HBY8c+15AZNz4j+OXzPZlUE8bR8Dvqr+Qb0w+E3eonIEHK2zakW58krj1EYvovfe
6atFA183CTTQWl0jKV9YrWjk13ia5po6WiQaVXCSVNyIKy452/zB8QF49MGPPQcT
KLKJeZ4fkfUYqN2wRDedzINENTi2y4BRWaQNisKUoBorIvErDvXRtqKNpmFodbh1
Nu9j+cESv6EvtiR6r0h/WQoPPI35B72e3+LiuZjpm9n+VdE8u7NA/pEmG4TIVh8n
MbQEKa6bdKLS3G+kAdT20vBCreuouAKj0CJ4QGTspGrDszk/0HIooFFzzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrJNCbBlzRCvwWfi1B6hVoA8TJlMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbeSzl0pM
Eg9yUztpf0XiMXrG1+PZUU4hCKY3k3m1mMGfWOiYNOs0AJvncyWYv90pIR8yU315
3THJg2hsVk0txb3AUBY+z7PR6CZSX++Q+RvU5lVYhgTVAzpwL4keDltYLS3undT7
4d/9/EexJuIE6N5vM8+okDBuiDYXYxLtya8xwVV/5jiV5Wi/7PY8NMgxT8oeuXrf
laLI9TaXic+vTJcKyB8mhBXYpMvbvFZKBmkwGt8r7/w7MTgDUbz6OwpisjwFTpS3
NAiK2J1Q3o/t+O4H0WTEm6Uao8G3A4XWXkAECq+J5cdMtHuB8Xv4hPLG8IfYixmL
b88VKTIWy6HPUA==
-----END CERTIFICATE-----