Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
File:                     AhtowZzVXWul-GX7DdDW-MnZ49o.mft (raw, json)
Hash identifier:          dqoNSI25w6ynnVOOPiWoRbeM05+j91qbFEuDHC8QBhw=
Subject key identifier:   8E:59:BF:31:CD:F0:90:55:8C:57:4D:45:A9:C1:25:49:9F:35:F6:92
Authority key identifier: 02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA
Certificate issuer:       /CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da
Certificate serial:       019A71B7EF0700300A13AC55527993B12065
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: AhtowZzVXWul-GX7DdDW-MnZ49o.crl (hash: uVWXhjKoDOEbbzvrUE/pSD4Un/B8h1YazoU8tf9H2V0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ef:07:00:30:0a:13:ac:55:52:79:93:b1:20:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=8e59bf31cdf090558c574d45a9c125499f35f692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:83:95:4d:44:a0:13:07:1e:94:91:46:b8:c4:
                    ff:99:c6:ba:e7:f4:ed:4d:97:32:92:5e:95:8f:02:
                    6b:26:17:ba:18:6d:2e:f6:00:3a:23:d0:3c:23:a0:
                    b1:6e:21:1c:74:e6:67:3c:11:34:f3:54:01:7d:70:
                    b3:90:47:dd:d4:a7:78:49:44:49:27:c5:4c:a5:a3:
                    be:ef:87:95:a3:1d:f7:3d:07:b8:6c:6f:d3:25:5e:
                    23:9b:51:c6:3e:6a:85:bc:d3:38:8e:b3:48:d1:22:
                    b7:23:33:ac:15:ec:00:6c:df:81:36:d7:b7:24:ab:
                    ac:e9:df:11:ef:48:46:5c:c3:e3:83:dc:e7:ce:f2:
                    6a:dc:84:c2:13:f7:80:15:60:13:5e:90:cd:66:d3:
                    b0:f4:92:2c:ee:59:e7:a9:ae:03:86:08:ae:2e:09:
                    d0:12:f0:99:f9:5d:e3:51:5f:0f:1e:a1:6c:f9:16:
                    9f:a0:49:a6:35:ab:89:43:79:67:db:0b:96:5d:d3:
                    02:f6:69:15:5d:b0:11:a6:9e:85:f9:40:4b:59:4f:
                    e2:df:b9:b8:94:e7:1c:6c:7f:4a:33:d8:41:f4:7b:
                    48:85:b9:e8:05:9b:a5:52:e4:f2:04:2c:ce:eb:d9:
                    69:23:78:79:06:ec:fa:27:35:b1:02:68:94:df:51:
                    a9:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:59:BF:31:CD:F0:90:55:8C:57:4D:45:A9:C1:25:49:9F:35:F6:92
            X509v3 Authority Key Identifier:
                keyid:02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:47:4d:db:2a:bd:d6:2c:a6:b4:94:39:0d:ae:c5:88:e7:37:
         65:5b:45:b9:cb:da:d8:55:f9:09:d6:be:b2:93:88:36:75:4d:
         04:e5:9d:c5:8b:a7:5d:b1:5f:a9:de:ce:52:d2:9f:9c:3c:61:
         62:9c:a2:15:8e:2d:5e:56:23:26:51:9e:ea:42:6c:3d:ac:9e:
         11:e0:9b:28:af:9b:8d:0f:15:c8:e6:00:27:ad:35:3f:91:83:
         b1:19:6e:50:13:43:68:1b:12:f8:68:75:0d:de:af:ab:6a:32:
         65:ff:eb:fe:11:bd:cb:84:f0:d6:51:7b:45:5d:3e:99:23:ae:
         f8:91:96:af:03:2d:35:ce:5c:ba:7e:c8:4b:88:94:e1:9b:3c:
         5a:55:d8:6d:14:48:09:23:ff:c9:e5:f7:3e:53:e7:66:37:a8:
         50:c1:da:57:69:ca:64:dd:ad:ca:49:d8:84:a4:c0:a6:6d:4c:
         a6:8c:3b:ba:5c:d3:b7:57:aa:2e:f2:43:96:1e:d1:6f:f6:0d:
         11:1b:7a:d2:5a:93:df:ac:0e:c3:ad:59:7c:aa:e2:97:e2:82:
         90:0e:b5:9f:02:e5:d1:fe:26:2d:4a:bb:8b:32:98:8a:68:8c:
         dc:1c:a3:d4:cd:e9:e0:b9:fe:84:13:f6:85:5c:13:8e:51:f1:
         51:28:07:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+8HADAKE6xVUnmTsSBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWI2OGMxOWNkNTVkNmJhNWY4NjVmYjBkZDBkNmY4Yzlk
OWUzZGEwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
Eyg4ZTU5YmYzMWNkZjA5MDU1OGM1NzRkNDVhOWMxMjU0OTlmMzVmNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IOVTUSgEwcelJFGuMT/mca65/Tt
TZcykl6VjwJrJhe6GG0u9gA6I9A8I6CxbiEcdOZnPBE081QBfXCzkEfd1Kd4SURJ
J8VMpaO+74eVox33PQe4bG/TJV4jm1HGPmqFvNM4jrNI0SK3IzOsFewAbN+BNte3
JKus6d8R70hGXMPjg9znzvJq3ITCE/eAFWATXpDNZtOw9JIs7lnnqa4DhgiuLgnQ
EvCZ+V3jUV8PHqFs+RafoEmmNauJQ3ln2wuWXdMC9mkVXbARpp6F+UBLWU/i37m4
lOccbH9KM9hB9HtIhbnoBZulUuTyBCzO69lpI3h5Buz6JzWxAmiU31GpAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5ZvzHN8JBVjFdNRanBJUmfNfaSMB8GA1UdIwQY
MBaAFAIbaMGc1V1rpfhl+w3Q1vjJ2ePaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWIt
Nzc3MGU3OTA3MjBmLzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWItNzc3MGU3OTA3MjBm
LzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEdN2yq9
1iymtJQ5Da7FiOc3ZVtFucva2FX5Cda+spOINnVNBOWdxYunXbFfqd7OUtKfnDxh
YpyiFY4tXlYjJlGe6kJsPayeEeCbKK+bjQ8VyOYAJ601P5GDsRluUBNDaBsS+Gh1
Dd6vq2oyZf/r/hG9y4Tw1lF7RV0+mSOu+JGWrwMtNc5cun7IS4iU4Zs8WlXYbRRI
CSP/yeX3PlPnZjeoUMHaV2nKZN2tyknYhKTApm1Mpow7ulzTt1eqLvJDlh7Rb/YN
ERt60lqT36wOw61ZfKril+KCkA61nwLl0f4mLUq7izKYimiM3Byj1M3p4Ln+hBP2
hVwTjlHxUSgHxQ==
-----END CERTIFICATE-----