Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
File:                     ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft (raw, json)
Hash identifier:          yKZ8JjJ57HnTidp4YujfjirLSPcZxb2tW2diL+lZKHk=
Subject key identifier:   E5:CB:11:8F:6C:E8:75:3E:A2:5D:9A:F4:A3:DB:3E:B7:C7:39:6D:DE
Authority key identifier: 6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C
Certificate issuer:       /CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
Certificate serial:       019A71B8727B6BE05B232ABCB134C0B3AE28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
Manifest number:          12DE
Signing time:             Tue 11 Nov 2025 07:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:44 +0000
Files and hashes:         1: ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl (hash: 8xXkK3xRX1nnUQuhO0mNqAsaMmsIuJffjsQQRrPlzaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:72:7b:6b:e0:5b:23:2a:bc:b1:34:c0:b3:ae:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
        Validity
            Not Before: Nov 11 07:01:44 2025 GMT
            Not After : Nov 12 07:01:44 2025 GMT
        Subject: CN=e5cb118f6ce8753ea25d9af4a3db3eb7c7396dde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:58:71:2e:ad:dc:92:65:52:b1:19:0a:df:66:
                    e1:c1:0f:c7:05:e1:6c:59:ab:1e:8f:f8:61:01:25:
                    6f:f1:4b:c7:54:a7:a2:92:30:54:a2:12:51:f5:d5:
                    5a:ff:9a:5e:b3:31:b0:10:b3:67:da:4a:4d:71:c2:
                    38:4e:98:66:87:7d:68:f7:57:4c:b9:19:a6:ca:8f:
                    47:fd:40:11:f3:92:37:cc:43:e9:25:c2:84:1a:28:
                    fe:57:bb:d7:51:db:37:4e:97:36:4d:26:5d:32:04:
                    0b:a9:fe:d4:07:51:0b:5b:ce:43:5e:88:a0:82:62:
                    25:57:92:f5:f1:c2:ee:f9:bb:65:a0:4d:70:f4:2a:
                    a0:2b:87:ea:bd:e4:d2:7e:25:c8:74:0e:7f:5e:53:
                    1e:11:5f:93:6e:d5:89:ab:6c:ab:68:05:fb:74:19:
                    73:d7:34:09:1f:7e:f9:d7:ec:a8:f6:26:6c:0b:90:
                    57:a2:ee:51:c2:f9:15:39:1e:48:01:ad:cb:ca:11:
                    18:f8:75:4f:bf:8c:ee:1c:2b:23:98:75:ba:c9:58:
                    f1:0f:09:e4:1d:0c:ec:45:8c:a3:aa:8f:1b:f8:47:
                    9a:a8:24:42:3e:87:de:ec:ae:97:e7:9c:ee:21:77:
                    63:65:c2:69:30:0e:80:3e:b1:84:d9:0d:10:6d:42:
                    38:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:CB:11:8F:6C:E8:75:3E:A2:5D:9A:F4:A3:DB:3E:B7:C7:39:6D:DE
            X509v3 Authority Key Identifier:
                keyid:6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:45:3f:fa:d2:0b:37:96:93:0c:a4:ea:7d:c3:03:f7:82:8b:
         c2:85:b7:2b:87:b9:91:18:88:8e:d6:8b:2b:79:b7:b3:d6:06:
         a3:3b:4d:fa:2f:69:2c:da:0f:11:0f:32:66:43:24:c1:60:be:
         30:12:02:c5:34:50:56:ed:97:96:d2:b2:d5:48:83:2e:60:3c:
         51:44:30:9e:43:e4:e6:34:8f:35:a5:00:f8:a6:48:8a:c9:eb:
         51:d3:e2:96:ed:95:df:1d:0f:e1:42:7a:9d:07:8a:87:c3:31:
         1c:ec:3f:49:04:fd:b0:a6:e3:44:6f:68:b0:b5:df:11:24:2d:
         16:b3:9b:90:19:3b:ea:ef:8c:96:8c:87:99:f5:54:5a:12:52:
         2b:8b:8e:f6:e6:79:85:d7:21:05:45:0f:ee:ff:dc:ad:71:b6:
         fa:d1:3b:55:98:11:2c:77:b7:20:f3:f4:9e:65:3a:db:79:e0:
         ac:70:c1:24:24:ce:fa:11:5e:e5:75:15:ea:a9:ff:e8:ab:17:
         8e:c4:fb:55:9f:84:ce:4c:5c:66:86:d2:e7:22:b5:41:42:12:
         26:6e:8a:1a:ef:e2:ce:d7:19:d0:d5:f0:48:17:91:04:96:98:
         d2:01:be:62:e8:77:b8:0c:ab:ed:9d:8a:a2:43:15:5f:70:c1:
         17:cd:52:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHJ7a+BbIyq8sTTAs64oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTBiN2M1NGU2Zjk1YjFkOWI4NGFhYzNkOWRhNzQyYTBl
MDJhNmMwHhcNMjUxMTExMDcwMTQ0WhcNMjUxMTEyMDcwMTQ0WjAzMTEwLwYDVQQD
EyhlNWNiMTE4ZjZjZTg3NTNlYTI1ZDlhZjRhM2RiM2ViN2M3Mzk2ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1hxLq3ckmVSsRkK32bhwQ/HBeFs
Wasej/hhASVv8UvHVKeikjBUohJR9dVa/5peszGwELNn2kpNccI4Tphmh31o91dM
uRmmyo9H/UAR85I3zEPpJcKEGij+V7vXUds3Tpc2TSZdMgQLqf7UB1ELW85DXoig
gmIlV5L18cLu+btloE1w9CqgK4fqveTSfiXIdA5/XlMeEV+TbtWJq2yraAX7dBlz
1zQJH3751+yo9iZsC5BXou5RwvkVOR5IAa3LyhEY+HVPv4zuHCsjmHW6yVjxDwnk
HQzsRYyjqo8b+EeaqCRCPofe7K6X55zuIXdjZcJpMA6APrGE2Q0QbUI4aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXLEY9s6HU+ol2a9KPbPrfHOW3eMB8GA1UdIwQY
MBaAFGoQt8VOb5Wx2bhKrD2dp0Kg4CpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUt
MmRjYWQ2ZWU3MWZiLzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUtMmRjYWQ2ZWU3MWZi
LzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0U/+tIL
N5aTDKTqfcMD94KLwoW3K4e5kRiIjtaLK3m3s9YGoztN+i9pLNoPEQ8yZkMkwWC+
MBICxTRQVu2XltKy1UiDLmA8UUQwnkPk5jSPNaUA+KZIisnrUdPilu2V3x0P4UJ6
nQeKh8MxHOw/SQT9sKbjRG9osLXfESQtFrObkBk76u+MloyHmfVUWhJSK4uO9uZ5
hdchBUUP7v/crXG2+tE7VZgRLHe3IPP0nmU623ngrHDBJCTO+hFe5XUV6qn/6KsX
jsT7VZ+EzkxcZobS5yK1QUISJm6KGu/iztcZ0NXwSBeRBJaY0gG+Yuh3uAyr7Z2K
okMVX3DBF81Syw==
-----END CERTIFICATE-----