Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          BW7WWBfXySoMKq64Um5fmu9Quv0MtAgcLXUWQg6gmv4=
Subject key identifier:   CC:3E:C5:76:36:69:17:D9:5F:25:B9:4A:B4:B3:90:65:E6:B4:C3:75
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019A7293A5E5C3720AF5B345FE947E7B86E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          131E
Signing time:             Tue 11 Nov 2025 11:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:10 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: YwxKefloKrPNpx923gjA38Q2cuD0GJpwM6ZDj+lCbGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:a5:e5:c3:72:0a:f5:b3:45:fe:94:7e:7b:86:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Nov 11 11:01:10 2025 GMT
            Not After : Nov 12 11:01:10 2025 GMT
        Subject: CN=cc3ec576366917d95f25b94ab4b39065e6b4c375
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c3:2a:0f:f7:45:ed:a3:67:ff:02:c2:39:f3:
                    f1:2a:40:04:e7:82:15:22:0f:62:d2:ec:9d:1d:54:
                    0e:08:73:8e:5b:7e:81:7c:9c:20:b1:3f:a8:e1:78:
                    70:2d:ef:39:f4:21:36:9c:3f:c2:68:26:7b:9f:ef:
                    a7:24:b3:62:df:57:2c:95:89:37:05:a2:c5:9b:b3:
                    b9:0f:6a:ab:23:03:e4:d4:66:9c:8e:20:ad:29:a0:
                    55:f6:af:e5:ba:44:08:c6:e5:0c:93:9e:f2:82:47:
                    13:8f:60:a5:24:a5:5c:d3:02:45:d5:c9:d1:a8:d2:
                    b8:c3:12:90:03:a9:e3:8b:28:76:f7:47:55:1a:bb:
                    e6:d2:47:1d:f6:76:ff:09:4f:64:5b:51:af:5e:55:
                    f0:a9:98:6e:cd:0d:e4:fb:06:9d:1f:63:2d:21:11:
                    8d:3e:e1:f5:3b:cb:ea:50:84:e8:7a:2c:92:c2:38:
                    81:86:29:e7:ec:08:2a:c1:47:6d:84:92:f9:02:85:
                    1f:ef:93:34:53:06:e9:ba:34:36:85:e6:f7:c8:6b:
                    1f:13:6b:71:83:b3:37:02:ca:d6:86:83:3c:00:58:
                    4c:27:22:4b:9c:6f:fd:56:31:7f:4c:b3:d0:79:69:
                    32:b5:3a:06:2b:6f:6b:a4:33:3a:4a:cd:02:af:9f:
                    ec:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:3E:C5:76:36:69:17:D9:5F:25:B9:4A:B4:B3:90:65:E6:B4:C3:75
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:e7:f4:e9:b3:52:22:c7:55:b3:39:76:98:cf:e7:46:21:89:
         fe:61:d1:14:a2:0a:ca:26:7e:1c:84:5f:de:17:14:ee:70:fb:
         f5:78:8c:36:8b:d0:8b:ac:8a:b8:06:f6:87:ae:b0:8a:1f:26:
         53:33:46:1e:a3:ec:7d:e1:fa:16:12:44:33:29:d1:d0:92:d8:
         e6:20:f5:09:ad:21:a9:2f:c4:70:35:fe:0b:89:92:8d:ab:be:
         18:3c:ae:f1:71:a8:20:1b:37:31:06:76:d6:af:52:95:96:78:
         6c:a0:8e:66:45:94:d3:84:4a:2b:c0:e4:6f:53:ba:77:89:50:
         46:84:18:ce:06:5a:50:8b:ad:19:fe:5d:cc:90:f3:cb:d4:f3:
         13:e0:ff:af:f6:25:8b:2d:3d:f1:d8:10:ee:bf:0b:85:8c:15:
         27:83:f9:82:39:71:be:b5:c4:b6:ba:c2:a2:5a:50:bc:89:33:
         f0:42:69:a9:af:c0:5a:1e:06:62:b0:58:58:9c:32:d7:ab:f7:
         78:6a:37:57:f9:62:a9:15:c8:53:d1:05:a0:83:08:71:eb:98:
         c4:18:5e:87:0b:e4:ba:4c:41:ea:b3:ee:cd:b8:77:87:27:dc:
         38:40:b5:aa:7b:7d:47:97:e2:13:41:1e:84:e0:19:8a:87:1a:
         64:b7:a4:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6Xlw3IK9bNF/pR+e4bjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUxMTExMTEwMTEwWhcNMjUxMTEyMTEwMTEwWjAzMTEwLwYDVQQD
EyhjYzNlYzU3NjM2NjkxN2Q5NWYyNWI5NGFiNGIzOTA2NWU2YjRjMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38MqD/dF7aNn/wLCOfPxKkAE54IV
Ig9i0uydHVQOCHOOW36BfJwgsT+o4XhwLe859CE2nD/CaCZ7n++nJLNi31cslYk3
BaLFm7O5D2qrIwPk1GacjiCtKaBV9q/lukQIxuUMk57ygkcTj2ClJKVc0wJF1cnR
qNK4wxKQA6njiyh290dVGrvm0kcd9nb/CU9kW1GvXlXwqZhuzQ3k+wadH2MtIRGN
PuH1O8vqUIToeiySwjiBhinn7AgqwUdthJL5AoUf75M0UwbpujQ2heb3yGsfE2tx
g7M3AsrWhoM8AFhMJyJLnG/9VjF/TLPQeWkytToGK29rpDM6Ss0Cr5/svwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMw+xXY2aRfZXyW5SrSzkGXmtMN1MB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+f06bNS
IsdVszl2mM/nRiGJ/mHRFKIKyiZ+HIRf3hcU7nD79XiMNovQi6yKuAb2h66wih8m
UzNGHqPsfeH6FhJEMynR0JLY5iD1Ca0hqS/EcDX+C4mSjau+GDyu8XGoIBs3MQZ2
1q9SlZZ4bKCOZkWU04RKK8Dkb1O6d4lQRoQYzgZaUIutGf5dzJDzy9TzE+D/r/Yl
iy098dgQ7r8LhYwVJ4P5gjlxvrXEtrrColpQvIkz8EJpqa/AWh4GYrBYWJwy16v3
eGo3V/liqRXIU9EFoIMIceuYxBhehwvkukxB6rPuzbh3hyfcOEC1qnt9R5fiE0Ee
hOAZiocaZLekcw==
-----END CERTIFICATE-----