Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          jaeqqQPXLu9MaHo30TqKfCd+66hSl46Gz3byHwqMDzQ=
Subject key identifier:   14:97:77:12:ED:99:5C:6D:4B:97:BD:2D:0C:D1:4D:91:C3:37:8A:52
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019A72266FEB5B9215152AC47FD2C51B090F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0C96
Signing time:             Tue 11 Nov 2025 09:01:52 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:52 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:52 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: 78nV0KcPqr0berhGEJcIPONSKRqZJKBbRJw0FvpkPYU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:6f:eb:5b:92:15:15:2a:c4:7f:d2:c5:1b:09:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Nov 11 09:01:52 2025 GMT
            Not After : Nov 12 09:01:52 2025 GMT
        Subject: CN=14977712ed995c6d4b97bd2d0cd14d91c3378a52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:11:f1:8d:f2:27:2f:9e:7f:1a:54:ef:87:9b:
                    3c:7a:ad:30:c5:68:d0:7c:96:a8:8b:a2:20:58:45:
                    60:b7:3a:2f:48:ff:e3:25:c7:c8:51:fd:4a:54:e0:
                    79:d8:df:82:13:04:34:00:fe:27:b8:85:58:61:09:
                    5d:46:dd:c5:2c:4b:6e:7a:39:ae:66:54:38:04:bf:
                    8b:ca:82:fe:4b:ac:b3:da:51:9d:1b:ec:06:a3:41:
                    c6:a3:cc:18:40:7b:1c:31:65:af:06:7e:70:e6:4d:
                    4e:be:f7:cf:79:71:fb:c2:7a:2b:40:e5:9b:96:29:
                    53:80:db:37:fe:d8:ac:4e:de:26:a5:00:0a:75:d3:
                    9a:79:0e:cd:20:c3:29:35:05:49:8c:3b:a4:6f:a5:
                    8f:9e:c5:81:a7:ca:d1:66:6d:56:b3:9c:52:93:44:
                    b9:04:44:08:10:cb:4e:32:f1:36:4f:9e:44:6d:1a:
                    90:ca:af:11:89:37:2f:3a:7d:93:61:45:ea:24:b2:
                    f4:d9:f4:a3:4e:bf:fa:ba:25:b5:36:92:a8:98:72:
                    42:b6:3d:9b:36:c1:e7:67:32:bc:aa:a9:51:6f:5b:
                    06:98:56:8a:69:8f:09:b7:ef:ea:f2:77:22:ff:82:
                    22:9c:db:17:de:72:54:e3:ea:2e:9a:0a:91:ed:22:
                    65:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:97:77:12:ED:99:5C:6D:4B:97:BD:2D:0C:D1:4D:91:C3:37:8A:52
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:1b:74:d7:75:44:95:1e:91:f3:8c:e0:e1:54:88:14:6d:9a:
         f6:68:e5:35:69:08:b6:96:18:9e:4c:e2:6c:45:41:86:f8:77:
         d3:25:59:6d:b0:0c:f1:7c:f3:a9:45:a5:9d:d9:7e:ea:7d:4d:
         07:06:70:88:04:12:d9:75:88:11:dc:73:4a:e0:a5:b6:d7:5e:
         e6:c6:46:2e:6f:5b:18:d9:56:5b:c7:ec:7b:7f:5f:27:37:e3:
         e9:d1:00:91:86:a9:91:dc:ed:0c:0d:66:72:92:68:46:fc:ec:
         c6:36:99:8b:f6:04:ee:7a:13:ba:70:49:32:b0:17:62:4f:1f:
         c1:25:cd:e2:8e:55:97:60:f9:c9:dc:17:d9:ef:2d:a2:1e:fa:
         5e:6a:e6:f9:9f:71:d0:42:49:0b:21:29:f0:3d:d5:e9:00:7e:
         f9:7f:48:f3:6e:f4:f6:d4:13:cc:18:ac:73:e3:31:07:63:3b:
         b1:c7:c3:4b:5f:d4:3a:49:14:fb:8d:e0:0a:08:c7:99:74:44:
         b6:e9:93:3b:9b:3e:95:47:3c:80:cd:93:e1:30:38:e3:d8:38:
         6a:1c:6d:01:c2:37:f0:d9:26:07:6f:94:c2:d1:6c:7b:11:61:
         c0:ca:7a:69:f6:64:01:1c:45:fc:39:6b:a2:07:e2:a6:ac:1f:
         af:ea:df:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJm/rW5IVFSrEf9LFGwkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUxMTExMDkwMTUyWhcNMjUxMTEyMDkwMTUyWjAzMTEwLwYDVQQD
EygxNDk3NzcxMmVkOTk1YzZkNGI5N2JkMmQwY2QxNGQ5MWMzMzc4YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRHxjfInL55/GlTvh5s8eq0wxWjQ
fJaoi6IgWEVgtzovSP/jJcfIUf1KVOB52N+CEwQ0AP4nuIVYYQldRt3FLEtuejmu
ZlQ4BL+LyoL+S6yz2lGdG+wGo0HGo8wYQHscMWWvBn5w5k1OvvfPeXH7wnorQOWb
lilTgNs3/tisTt4mpQAKddOaeQ7NIMMpNQVJjDukb6WPnsWBp8rRZm1Ws5xSk0S5
BEQIEMtOMvE2T55EbRqQyq8RiTcvOn2TYUXqJLL02fSjTr/6uiW1NpKomHJCtj2b
NsHnZzK8qqlRb1sGmFaKaY8Jt+/q8nci/4IinNsX3nJU4+oumgqR7SJlQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSXdxLtmVxtS5e9LQzRTZHDN4pSMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlxt013VE
lR6R84zg4VSIFG2a9mjlNWkItpYYnkzibEVBhvh30yVZbbAM8XzzqUWlndl+6n1N
BwZwiAQS2XWIEdxzSuClttde5sZGLm9bGNlWW8fse39fJzfj6dEAkYapkdztDA1m
cpJoRvzsxjaZi/YE7noTunBJMrAXYk8fwSXN4o5Vl2D5ydwX2e8toh76Xmrm+Z9x
0EJJCyEp8D3V6QB++X9I82709tQTzBisc+MxB2M7scfDS1/UOkkU+43gCgjHmXRE
tumTO5s+lUc8gM2T4TA449g4ahxtAcI38NkmB2+UwtFsexFhwMp6afZkARxF/Dlr
ogfipqwfr+rf2g==
-----END CERTIFICATE-----