Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
File:                     aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft (raw, json)
Hash identifier:          O0OgoPsuSRZK447aTfJFHpt4X9aHrdje4qLUlTkxe30=
Subject key identifier:   00:9F:07:FF:9C:9F:35:EE:2C:B7:A7:9E:43:BF:25:2D:45:3B:23:86
Authority key identifier: 69:51:D3:A6:8F:40:00:8A:D8:C5:20:74:5C:A0:F3:09:EA:81:E9:65
Certificate issuer:       /CN=6951d3a68f40008ad8c520745ca0f309ea81e965
Certificate serial:       019A71807E3440F948CC6F83B440E6FAF834
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
Manifest number:          7E
Signing time:             Tue 11 Nov 2025 06:00:37 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:37 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:37 +0000
Files and hashes:         1: aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl (hash: c1zqpMAQQCwwNR/+hyjUx3hRfaXhq8T2LjhLDiihJUg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:7e:34:40:f9:48:cc:6f:83:b4:40:e6:fa:f8:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6951d3a68f40008ad8c520745ca0f309ea81e965
        Validity
            Not Before: Nov 11 06:00:37 2025 GMT
            Not After : Nov 12 06:00:37 2025 GMT
        Subject: CN=009f07ff9c9f35ee2cb7a79e43bf252d453b2386
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f9:62:bb:e4:b2:64:83:79:55:28:16:f1:76:
                    16:3f:a7:a5:0e:f3:2e:84:61:3e:e6:ea:35:20:aa:
                    1f:e7:10:71:cd:df:11:84:a9:ac:59:ea:07:00:6f:
                    10:2b:f5:f1:3c:4b:bc:bd:04:48:35:4d:9e:00:73:
                    cd:96:24:ed:10:43:60:02:68:dd:af:23:c3:2f:76:
                    3e:98:50:df:11:e5:d1:b9:e2:bd:1f:00:3a:5d:d0:
                    68:04:a9:61:49:c3:3f:3b:a2:c1:9b:dc:fd:40:64:
                    46:23:4b:b6:c0:86:78:9d:65:da:b8:84:64:aa:fc:
                    4a:53:93:26:87:b0:fe:3e:44:45:b7:cc:4b:39:bb:
                    ea:c2:52:72:a8:9e:75:70:45:f7:60:e8:8c:b8:f2:
                    e6:87:78:b4:49:3d:76:a7:bd:cd:8f:db:2f:52:54:
                    0d:25:6e:8d:92:2e:6b:28:61:4c:e0:ba:f4:8e:a5:
                    8c:de:7d:26:df:a4:13:e9:e2:a8:d0:d9:28:02:35:
                    33:ce:4d:6a:21:dc:66:7c:da:64:d1:89:c3:4e:9a:
                    1d:05:cd:47:5e:3e:d8:7b:3d:5a:11:4f:8d:5b:c5:
                    9c:68:8a:59:f0:20:ef:d0:9b:74:b4:93:4e:b3:fc:
                    a5:cc:27:4f:54:28:b8:8b:1c:cd:2f:e7:1c:07:a9:
                    7a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:9F:07:FF:9C:9F:35:EE:2C:B7:A7:9E:43:BF:25:2D:45:3B:23:86
            X509v3 Authority Key Identifier:
                keyid:69:51:D3:A6:8F:40:00:8A:D8:C5:20:74:5C:A0:F3:09:EA:81:E9:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVHTpo9AAIrYxSB0XKDzCeqB6WU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7eaf05-6a03-40b1-97bb-a2521114a72e/1/aVHTpo9AAIrYxSB0XKDzCeqB6WU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:68:55:a2:a3:b3:22:fc:57:52:c4:79:2d:86:2b:cd:fa:f8:
         05:28:ff:1f:35:00:73:46:9e:30:d8:2d:b5:c4:f7:bd:02:20:
         e0:0b:bd:60:d9:3e:ef:92:bb:66:b2:ca:6b:a9:69:aa:d8:84:
         45:fe:c3:44:41:0b:f0:33:17:fa:fb:0a:61:cc:00:27:58:42:
         61:13:6f:3d:7a:9b:4d:92:f5:b8:e0:23:a8:6a:2d:0e:73:db:
         6c:35:b8:61:52:78:73:0c:2a:16:1f:af:49:95:08:6d:49:f2:
         2f:e5:0d:53:55:54:af:6e:84:30:c4:9c:4a:f3:92:29:7e:04:
         1e:a8:0d:8c:e5:17:01:31:5c:58:8b:69:da:06:bf:57:e6:ec:
         21:93:67:55:5a:5a:a1:bb:ba:7d:3a:ad:0b:51:22:e0:4f:67:
         77:3f:00:97:33:63:1f:3c:90:13:f4:bd:1a:d1:e1:4d:01:78:
         08:d7:d3:61:24:f7:91:a8:e1:d7:0d:28:c0:bc:73:79:65:74:
         75:cd:41:8d:94:1f:93:4d:43:6b:96:ed:55:a7:e7:5c:7d:a9:
         f3:75:b7:e5:61:d9:d8:36:f8:33:e1:50:13:81:e5:e5:1c:d5:
         6e:42:de:f5:e6:e5:e3:ea:72:55:3b:f9:49:3b:67:05:6e:77:
         a1:f1:47:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgH40QPlIzG+DtEDm+vg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTFkM2E2OGY0MDAwOGFkOGM1MjA3NDVjYTBmMzA5ZWE4
MWU5NjUwHhcNMjUxMTExMDYwMDM3WhcNMjUxMTEyMDYwMDM3WjAzMTEwLwYDVQQD
EygwMDlmMDdmZjljOWYzNWVlMmNiN2E3OWU0M2JmMjUyZDQ1M2IyMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovliu+SyZIN5VSgW8XYWP6elDvMu
hGE+5uo1IKof5xBxzd8RhKmsWeoHAG8QK/XxPEu8vQRINU2eAHPNliTtEENgAmjd
ryPDL3Y+mFDfEeXRueK9HwA6XdBoBKlhScM/O6LBm9z9QGRGI0u2wIZ4nWXauIRk
qvxKU5Mmh7D+PkRFt8xLObvqwlJyqJ51cEX3YOiMuPLmh3i0ST12p73Nj9svUlQN
JW6Nki5rKGFM4Lr0jqWM3n0m36QT6eKo0NkoAjUzzk1qIdxmfNpk0YnDTpodBc1H
Xj7Yez1aEU+NW8WcaIpZ8CDv0Jt0tJNOs/ylzCdPVCi4ixzNL+ccB6l68wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACfB/+cnzXuLLennkO/JS1FOyOGMB8GA1UdIwQY
MBaAFGlR06aPQACK2MUgdFyg8wnqgellMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83ZWFmMDUtNmEwMy00MGIxLTk3YmIt
YTI1MjExMTRhNzJlLzEvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83ZWFmMDUtNmEwMy00MGIxLTk3YmItYTI1MjExMTRhNzJl
LzEvYVZIVHBvOUFBSXJZeFNCMFhLRHpDZXFCNldVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGhVoqOz
IvxXUsR5LYYrzfr4BSj/HzUAc0aeMNgttcT3vQIg4Au9YNk+75K7ZrLKa6lpqtiE
Rf7DREEL8DMX+vsKYcwAJ1hCYRNvPXqbTZL1uOAjqGotDnPbbDW4YVJ4cwwqFh+v
SZUIbUnyL+UNU1VUr26EMMScSvOSKX4EHqgNjOUXATFcWItp2ga/V+bsIZNnVVpa
obu6fTqtC1Ei4E9ndz8AlzNjHzyQE/S9GtHhTQF4CNfTYST3kajh1w0owLxzeWV0
dc1BjZQfk01Da5btVafnXH2p83W35WHZ2Db4M+FQE4Hl5RzVbkLe9ebl4+pyVTv5
STtnBW53ofFHIg==
-----END CERTIFICATE-----