Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          Zcf2QH7A+iAE9B5C7ZwtSp8dDmZgCUVq3tu2jdLMeik=
Subject key identifier:   B5:07:EC:DE:4D:66:C4:A9:AF:36:4E:24:BC:18:EB:3E:01:F2:A8:DD
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       019A73A6E48A98EDFDC29455B451425BC3A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          0829
Signing time:             Tue 11 Nov 2025 16:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:48 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: kJUA6f+8rCt9zsONpxqBu8v4iy7Cq7C0YSwt0y6mmnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:e4:8a:98:ed:fd:c2:94:55:b4:51:42:5b:c3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Nov 11 16:01:48 2025 GMT
            Not After : Nov 12 16:01:48 2025 GMT
        Subject: CN=b507ecde4d66c4a9af364e24bc18eb3e01f2a8dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7d:3d:07:f7:8c:04:10:ef:f1:15:95:8d:32:
                    22:1b:f9:40:77:50:54:40:d6:35:78:c1:49:d7:2f:
                    23:e6:54:25:20:fc:97:eb:03:4d:33:e7:08:08:65:
                    b8:b5:6f:0a:f1:63:29:fc:fc:7a:bd:4f:a1:9c:16:
                    7f:b4:94:96:28:4b:29:3b:20:b8:18:18:96:7a:6d:
                    c0:97:a7:9f:9b:8a:c7:65:84:b5:56:3e:c2:80:b3:
                    f1:42:5c:ca:a8:2b:b0:ef:da:a8:15:54:24:80:e2:
                    0f:ec:5d:82:db:d7:53:6d:a8:4d:32:55:61:15:65:
                    68:14:08:af:f3:a0:ab:e7:a5:51:3c:5a:c8:60:1e:
                    c5:98:af:3f:8f:6a:5c:07:e4:f0:d5:29:fe:57:07:
                    77:3b:d0:0c:59:47:16:ae:10:da:c5:8a:ae:12:93:
                    8b:b1:62:e7:9f:1b:27:c1:23:94:5e:f7:ae:9a:a4:
                    01:56:c9:96:dc:f2:8f:ba:ff:04:c5:2e:e4:76:5a:
                    0b:1f:17:17:fd:e8:18:c6:30:0f:e6:71:82:01:5b:
                    f5:09:a3:5e:21:bc:52:44:83:45:b8:60:74:28:15:
                    04:c1:28:41:48:b6:73:7c:c5:d5:6c:97:9a:65:30:
                    9d:3c:e6:d6:1f:d0:5e:32:fe:6b:51:9c:79:4d:6e:
                    b1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:07:EC:DE:4D:66:C4:A9:AF:36:4E:24:BC:18:EB:3E:01:F2:A8:DD
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:0c:29:e2:ae:d2:e8:fb:66:71:54:8c:f8:97:1e:a8:7d:1c:
         9f:5a:be:9a:30:83:65:01:43:66:34:a2:d1:92:09:c0:de:3b:
         13:18:c7:d1:05:3a:61:47:41:32:84:22:40:d8:b8:bc:62:a7:
         a2:c9:6d:e2:7b:0d:19:96:92:34:17:4c:56:a7:59:20:c2:13:
         40:5f:20:67:c2:90:9f:e0:de:08:46:dd:97:57:e0:51:f4:18:
         a6:eb:16:59:db:22:7e:71:c9:8b:d1:b4:c7:bf:dc:6f:6c:2d:
         0f:13:a6:da:d7:11:53:a6:af:44:64:20:f4:8a:17:bc:56:16:
         2a:1d:35:d6:f3:5c:d1:7d:a6:ab:41:d8:a0:28:95:92:47:4b:
         70:9c:6d:7a:5b:db:31:d5:4a:f7:76:82:4e:e8:58:13:cf:30:
         d4:bb:f7:9d:19:6a:45:2c:fd:e1:dc:96:e9:78:23:81:06:53:
         79:e3:db:17:0c:62:cb:9a:66:0c:fd:b8:58:05:81:32:ac:73:
         01:01:2f:f8:ca:7d:03:d3:17:5a:c8:57:ac:86:64:57:bb:08:
         d3:19:97:52:3f:b9:41:f4:15:ef:a5:1e:cd:21:50:38:15:4a:
         9d:7f:4d:17:e9:e8:91:f2:d2:de:bc:f6:e8:e6:51:f7:92:c1:
         70:55:88:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpuSKmO39wpRVtFFCW8OpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjUxMTExMTYwMTQ4WhcNMjUxMTEyMTYwMTQ4WjAzMTEwLwYDVQQD
EyhiNTA3ZWNkZTRkNjZjNGE5YWYzNjRlMjRiYzE4ZWIzZTAxZjJhOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX09B/eMBBDv8RWVjTIiG/lAd1BU
QNY1eMFJ1y8j5lQlIPyX6wNNM+cICGW4tW8K8WMp/Px6vU+hnBZ/tJSWKEspOyC4
GBiWem3Al6efm4rHZYS1Vj7CgLPxQlzKqCuw79qoFVQkgOIP7F2C29dTbahNMlVh
FWVoFAiv86Cr56VRPFrIYB7FmK8/j2pcB+Tw1Sn+Vwd3O9AMWUcWrhDaxYquEpOL
sWLnnxsnwSOUXveumqQBVsmW3PKPuv8ExS7kdloLHxcX/egYxjAP5nGCAVv1CaNe
IbxSRINFuGB0KBUEwShBSLZzfMXVbJeaZTCdPObWH9BeMv5rUZx5TW6xswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUH7N5NZsSprzZOJLwY6z4B8qjdMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwwp4q7S
6PtmcVSM+JceqH0cn1q+mjCDZQFDZjSi0ZIJwN47ExjH0QU6YUdBMoQiQNi4vGKn
oslt4nsNGZaSNBdMVqdZIMITQF8gZ8KQn+DeCEbdl1fgUfQYpusWWdsifnHJi9G0
x7/cb2wtDxOm2tcRU6avRGQg9IoXvFYWKh011vNc0X2mq0HYoCiVkkdLcJxtelvb
MdVK93aCTuhYE88w1Lv3nRlqRSz94dyW6XgjgQZTeePbFwxiy5pmDP24WAWBMqxz
AQEv+Mp9A9MXWshXrIZkV7sI0xmXUj+5QfQV76UezSFQOBVKnX9NF+nokfLS3rz2
6OZR95LBcFWI0Q==
-----END CERTIFICATE-----