Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          8JN7MCq+sHkzM9fEqq9gGyTa0g/PhtXjkgNaZW+Zmx8=
Subject key identifier:   BD:19:AA:51:AF:41:40:5F:DC:A4:44:55:04:6A:3D:AF:4F:F1:3D:FD
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       019A7225B280CFB905167A1C70B3ECF7E113
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          0890
Signing time:             Tue 11 Nov 2025 09:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:04 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: KM9oAwRqftfipTEa7URVNuc733D/sFd5TH4VtV+9GMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:b2:80:cf:b9:05:16:7a:1c:70:b3:ec:f7:e1:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Nov 11 09:01:04 2025 GMT
            Not After : Nov 12 09:01:04 2025 GMT
        Subject: CN=bd19aa51af41405fdca44455046a3daf4ff13dfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ab:35:5a:39:dc:2d:7a:e5:51:eb:09:d0:6b:
                    8e:02:bd:12:a7:52:81:9d:0b:3e:8b:4e:43:89:c9:
                    45:3c:e5:51:dc:b8:db:55:8f:64:7b:f0:13:99:7b:
                    c1:50:79:1d:4b:fc:ac:c9:0a:49:eb:55:76:f2:ba:
                    8b:25:8a:12:56:78:9a:05:4a:b0:fa:54:f7:7b:66:
                    00:83:72:cf:35:0f:04:6c:9d:02:3e:18:76:8b:41:
                    fc:60:56:92:d3:21:14:0d:3f:86:7a:e8:4b:21:af:
                    5d:76:59:08:07:ce:08:88:82:93:50:07:a3:fb:83:
                    e4:f0:e6:86:1f:35:a1:e5:a2:47:ef:42:87:f1:1a:
                    90:4e:6b:4f:7a:f2:79:3f:45:31:51:54:c3:a6:eb:
                    72:70:af:c7:83:2b:d3:f3:b7:ac:3a:b3:9c:5a:b8:
                    6e:a7:a3:f7:e3:5d:23:b5:b9:17:c9:f8:17:16:24:
                    ad:fe:77:91:19:8a:74:a7:b1:fd:54:d5:f3:01:e6:
                    60:f6:2d:48:4d:68:d5:a8:fb:98:77:0b:c9:78:27:
                    ff:bf:3f:79:d0:cb:8c:fe:33:86:2f:c5:29:c1:68:
                    f6:46:46:78:c9:36:e9:7f:9a:54:10:00:9f:2f:e5:
                    dd:2c:bd:13:11:d9:15:29:ce:b7:e0:a3:59:6c:4b:
                    9a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:19:AA:51:AF:41:40:5F:DC:A4:44:55:04:6A:3D:AF:4F:F1:3D:FD
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:fe:09:d0:d3:67:88:90:43:4a:00:e0:dc:ea:c6:45:e4:aa:
         b6:7f:49:f9:ec:f0:0b:15:36:21:14:01:4b:f4:01:ce:af:d8:
         6e:3f:2b:fe:2f:50:7c:0c:93:be:c1:a3:4a:ea:4a:f9:09:05:
         92:a9:b0:60:a4:ee:cb:c3:3f:61:f3:47:5e:65:56:bb:67:bc:
         28:70:8a:18:2c:de:83:2f:6c:82:86:d1:89:1a:be:9c:3f:ab:
         1b:a3:13:6f:77:c4:02:1a:9f:c9:da:70:ab:34:5d:79:f0:48:
         13:cf:37:bb:5e:21:e2:27:e2:e7:5c:93:00:fe:8f:37:c2:89:
         41:52:08:84:b0:dc:af:46:35:16:56:58:a3:ef:3e:c8:fc:86:
         92:cd:53:fe:2a:9d:e4:d6:ba:56:44:ca:60:27:d3:9b:7e:06:
         88:6d:a1:8d:9f:5f:fa:73:0e:24:a5:25:c1:35:8e:49:be:bb:
         73:ca:a7:47:dc:af:18:b6:56:07:0b:db:f6:d3:b8:08:cd:22:
         64:e0:db:36:5b:19:7a:5f:57:a8:5e:89:8d:a9:6c:c0:a1:ee:
         42:64:62:26:16:73:82:8e:eb:f4:37:07:96:87:2a:91:c9:78:
         b0:6e:87:56:59:83:9e:b0:58:1d:4c:a0:62:67:40:e5:19:45:
         c5:a0:e8:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbKAz7kFFnoccLPs9+ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjUxMTExMDkwMTA0WhcNMjUxMTEyMDkwMTA0WjAzMTEwLwYDVQQD
EyhiZDE5YWE1MWFmNDE0MDVmZGNhNDQ0NTUwNDZhM2RhZjRmZjEzZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvas1WjncLXrlUesJ0GuOAr0Sp1KB
nQs+i05DiclFPOVR3LjbVY9ke/ATmXvBUHkdS/ysyQpJ61V28rqLJYoSVniaBUqw
+lT3e2YAg3LPNQ8EbJ0CPhh2i0H8YFaS0yEUDT+GeuhLIa9ddlkIB84IiIKTUAej
+4Pk8OaGHzWh5aJH70KH8RqQTmtPevJ5P0UxUVTDputycK/HgyvT87esOrOcWrhu
p6P3410jtbkXyfgXFiSt/neRGYp0p7H9VNXzAeZg9i1ITWjVqPuYdwvJeCf/vz95
0MuM/jOGL8UpwWj2RkZ4yTbpf5pUEACfL+XdLL0TEdkVKc634KNZbEuaUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0ZqlGvQUBf3KREVQRqPa9P8T39MB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACf4J0NNn
iJBDSgDg3OrGReSqtn9J+ezwCxU2IRQBS/QBzq/Ybj8r/i9QfAyTvsGjSupK+QkF
kqmwYKTuy8M/YfNHXmVWu2e8KHCKGCzegy9sgobRiRq+nD+rG6MTb3fEAhqfydpw
qzRdefBIE883u14h4ifi51yTAP6PN8KJQVIIhLDcr0Y1FlZYo+8+yPyGks1T/iqd
5Na6VkTKYCfTm34GiG2hjZ9f+nMOJKUlwTWOSb67c8qnR9yvGLZWBwvb9tO4CM0i
ZODbNlsZel9XqF6JjalswKHuQmRiJhZzgo7r9DcHlocqkcl4sG6HVlmDnrBYHUyg
YmdA5RlFxaDoRQ==
-----END CERTIFICATE-----