Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          lvFUrxlfhYObgkchu+kBJ8dASnrjkoRSM40xwxrqPUA=
Subject key identifier:   84:08:47:32:03:F1:EA:65:B3:5B:19:4B:5E:76:2C:DC:7F:A1:13:10
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       019A70A4C67DC1FFB0BCEC13AFCE2BD02668
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          08DC
Signing time:             Tue 11 Nov 2025 02:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 02:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 02:00:38 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: pJUWoBbKnAlOHmOE5v80vNpKwbBazR+QrYiO7rkHkoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a4:c6:7d:c1:ff:b0:bc:ec:13:af:ce:2b:d0:26:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Nov 11 02:00:38 2025 GMT
            Not After : Nov 12 02:00:38 2025 GMT
        Subject: CN=8408473203f1ea65b35b194b5e762cdc7fa11310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:03:57:d7:c5:09:f8:6b:15:ed:a6:ab:ed:3a:
                    fa:5e:3b:53:e5:6f:eb:a4:1f:48:8e:00:56:ab:75:
                    13:c2:47:cb:50:81:9f:0b:8a:0b:39:02:cb:cb:da:
                    b3:05:c4:10:ba:55:c2:c1:2c:e6:57:64:2d:1d:0f:
                    9f:d4:1c:3e:30:b9:94:64:69:df:40:fd:0c:09:ed:
                    64:e9:9e:b7:91:21:24:63:19:38:38:62:95:c2:37:
                    db:b8:18:18:10:3e:8b:01:a6:0c:95:33:a9:2d:05:
                    c0:78:4c:30:a5:37:12:08:b7:bf:84:a3:3c:61:bd:
                    96:df:f5:a9:d2:c9:c9:64:7e:29:88:0e:2f:85:e3:
                    9a:6e:58:0e:5f:ff:a1:2c:ce:8a:15:bc:ca:c6:fa:
                    a2:7b:87:9b:7e:c6:f1:e1:9f:f3:7c:14:03:9c:f3:
                    e8:5e:18:39:0a:17:d7:c6:22:40:61:be:91:c4:91:
                    a3:ce:8d:71:0c:5b:a0:a6:4a:a9:45:ea:ca:96:13:
                    cc:f2:9c:13:21:ce:d9:5b:de:ff:ba:eb:9b:c3:b2:
                    90:1c:ce:4b:11:07:a2:77:f0:82:74:3e:22:19:ce:
                    45:18:ed:63:c6:06:f0:13:28:ab:62:61:a2:a9:8c:
                    46:72:93:c8:48:ef:5c:32:2b:d9:2b:86:3d:56:de:
                    71:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:08:47:32:03:F1:EA:65:B3:5B:19:4B:5E:76:2C:DC:7F:A1:13:10
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:bf:2d:e1:f0:0b:46:b4:4e:17:e3:81:ec:f6:6d:10:1e:2f:
         58:d9:c0:43:43:5a:97:a7:b2:a3:45:69:57:b4:79:fb:ca:ed:
         4c:b7:c1:57:30:65:9b:81:b7:65:55:09:89:4d:40:3a:fe:ba:
         29:d3:45:45:d4:88:16:c9:8f:10:b6:15:4a:a8:b4:85:4e:be:
         3c:bd:67:ee:08:d7:35:52:87:78:be:1e:6b:52:31:ce:3c:e2:
         35:26:de:81:ad:ac:f1:ec:bc:c1:d8:0a:51:a8:4f:57:f1:bb:
         e4:31:1d:d4:3d:da:6c:73:ed:29:55:8a:eb:60:80:ff:b1:1c:
         15:c8:0e:5d:70:3e:24:c9:72:cd:fb:32:9b:a4:c3:8c:ee:a9:
         be:f9:20:42:08:83:b5:36:18:b8:ec:ee:5e:25:fc:38:08:3c:
         95:96:40:41:8f:da:46:ff:5b:9a:ce:4c:74:fd:f1:78:35:82:
         bc:d5:ef:e9:7f:4e:cb:7b:f0:40:4c:ef:c0:61:27:c8:00:11:
         30:7c:77:1b:86:98:3a:71:6a:e5:db:9c:d1:2e:33:55:7d:53:
         d0:97:c8:2a:f3:a0:64:b3:d5:8a:ab:57:f7:3c:d2:c6:b2:7a:
         56:9c:94:f5:06:52:a3:bd:0f:d3:3a:a2:7b:b6:ee:a5:28:7b:
         24:32:14:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpMZ9wf+wvOwTr84r0CZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUxMTExMDIwMDM4WhcNMjUxMTEyMDIwMDM4WjAzMTEwLwYDVQQD
Eyg4NDA4NDczMjAzZjFlYTY1YjM1YjE5NGI1ZTc2MmNkYzdmYTExMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqANX18UJ+GsV7aar7Tr6XjtT5W/r
pB9IjgBWq3UTwkfLUIGfC4oLOQLLy9qzBcQQulXCwSzmV2QtHQ+f1Bw+MLmUZGnf
QP0MCe1k6Z63kSEkYxk4OGKVwjfbuBgYED6LAaYMlTOpLQXAeEwwpTcSCLe/hKM8
Yb2W3/Wp0snJZH4piA4vheOablgOX/+hLM6KFbzKxvqie4ebfsbx4Z/zfBQDnPPo
Xhg5ChfXxiJAYb6RxJGjzo1xDFugpkqpRerKlhPM8pwTIc7ZW97/uuubw7KQHM5L
EQeid/CCdD4iGc5FGO1jxgbwEyirYmGiqYxGcpPISO9cMivZK4Y9Vt5xQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQIRzID8epls1sZS152LNx/oRMQMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlr8t4fAL
RrROF+OB7PZtEB4vWNnAQ0Nal6eyo0VpV7R5+8rtTLfBVzBlm4G3ZVUJiU1AOv66
KdNFRdSIFsmPELYVSqi0hU6+PL1n7gjXNVKHeL4ea1IxzjziNSbega2s8ey8wdgK
UahPV/G75DEd1D3abHPtKVWK62CA/7EcFcgOXXA+JMlyzfsym6TDjO6pvvkgQgiD
tTYYuOzuXiX8OAg8lZZAQY/aRv9bms5MdP3xeDWCvNXv6X9Oy3vwQEzvwGEnyAAR
MHx3G4aYOnFq5duc0S4zVX1T0JfIKvOgZLPViqtX9zzSxrJ6VpyU9QZSo70P0zqi
e7bupSh7JDIUPA==
-----END CERTIFICATE-----