Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
File:                     aRWYIN1xgAT7FchbJweWy06EpOo.mft (raw, json)
Hash identifier:          A3QDTSWZLfJ6L7TeZI0OKdcNtpezzXsrWCu/MxjeOEw=
Subject key identifier:   5D:2D:53:2D:E2:3A:AB:C5:A6:13:34:98:AF:24:B4:01:2D:33:AE:09
Authority key identifier: 69:15:98:20:DD:71:80:04:FB:15:C8:5B:27:07:96:CB:4E:84:A4:EA
Certificate issuer:       /CN=69159820dd718004fb15c85b270796cb4e84a4ea
Certificate serial:       019A71B91EE3FBB5440EEBCD13BDE6CF91D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
Manifest number:          0246
Signing time:             Tue 11 Nov 2025 07:02:28 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:28 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:28 +0000
Files and hashes:         1: aRWYIN1xgAT7FchbJweWy06EpOo.crl (hash: 5RDFDZgO6SBCHqvpyCqt9dNuwPZiY4KvkAg2gkTdvVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:1e:e3:fb:b5:44:0e:eb:cd:13:bd:e6:cf:91:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69159820dd718004fb15c85b270796cb4e84a4ea
        Validity
            Not Before: Nov 11 07:02:28 2025 GMT
            Not After : Nov 12 07:02:28 2025 GMT
        Subject: CN=5d2d532de23aabc5a6133498af24b4012d33ae09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:48:83:08:a4:7c:a5:4a:67:ff:ab:fb:3b:c7:
                    88:ad:42:19:66:57:32:a3:09:6c:19:d6:e5:aa:6e:
                    84:af:8d:2f:29:59:f8:95:b7:7d:3b:12:29:db:48:
                    b0:61:f4:fd:c8:ec:7d:53:66:c9:21:c8:10:e8:dc:
                    d5:d0:2f:63:b1:43:27:25:b5:8c:d3:19:d3:30:3a:
                    c2:17:76:a6:93:25:ce:bc:eb:0f:71:e3:8a:8f:ad:
                    d4:aa:bc:c0:21:81:7f:1c:94:e4:99:3d:85:f7:6d:
                    94:6c:24:d2:75:94:ed:8c:81:12:16:b2:6a:27:3d:
                    65:e5:a5:21:d6:3d:9e:40:22:f9:1b:4a:2f:ee:cf:
                    b5:2b:6a:6e:8b:f6:2c:6b:c6:fe:37:4e:1b:7d:ec:
                    c2:ef:3a:40:ea:73:dc:1d:ed:11:21:bb:48:0a:54:
                    18:e4:24:71:3e:12:23:e0:a7:01:23:52:c9:55:d5:
                    e7:d4:b4:66:b5:85:c7:f2:9a:be:bf:c2:2b:97:d7:
                    60:d4:24:89:26:5b:a9:69:8c:53:cb:24:07:ab:8c:
                    e5:8a:97:e9:5c:70:c4:e9:c5:53:b6:1d:2c:b6:68:
                    88:fe:52:29:4b:8e:f9:a0:aa:db:68:98:89:7f:c2:
                    77:b5:01:49:91:da:a3:b3:90:77:2d:92:a4:b2:da:
                    c2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:2D:53:2D:E2:3A:AB:C5:A6:13:34:98:AF:24:B4:01:2D:33:AE:09
            X509v3 Authority Key Identifier:
                keyid:69:15:98:20:DD:71:80:04:FB:15:C8:5B:27:07:96:CB:4E:84:A4:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:2b:dd:2f:3c:df:b8:eb:73:5d:55:dc:03:87:01:19:fb:95:
         86:c7:03:77:bf:30:c7:b8:52:d8:06:d4:45:44:79:8d:ed:97:
         41:97:41:f0:83:0c:6a:e0:06:7b:6d:40:24:74:01:54:24:c5:
         ae:0d:8e:00:59:ed:56:76:7d:08:84:4b:d1:dc:55:fa:74:fc:
         3d:8e:10:de:d3:ec:ef:6a:48:cf:ee:50:aa:8f:95:f8:17:97:
         bd:80:01:b0:cf:43:76:70:f3:5e:e8:78:96:96:44:e5:f3:33:
         dc:57:ca:c0:45:09:cc:25:ba:52:cb:48:ab:a9:c0:e2:64:49:
         f5:18:9f:8e:3a:6d:e5:a2:f8:53:32:b1:82:25:e8:aa:59:06:
         34:30:80:c4:d0:8d:98:5b:fd:aa:8b:6b:bb:f6:40:15:aa:6e:
         64:ed:a9:0c:77:4e:22:90:5c:9b:d2:d2:59:d3:9c:a8:a3:2a:
         30:7a:52:1b:26:23:8f:58:43:4b:ac:ee:84:ac:29:01:5a:9a:
         ce:8f:5b:44:83:d1:08:0e:c1:90:70:6e:36:1c:92:fb:3c:46:
         c6:a3:8b:fc:02:81:47:d7:e4:e4:78:11:d7:d3:97:31:19:24:
         4a:96:40:6d:df:65:7b:2d:e7:04:bf:37:06:d5:b8:35:7a:ce:
         9a:ea:f3:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuR7j+7VEDuvNE73mz5HVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTU5ODIwZGQ3MTgwMDRmYjE1Yzg1YjI3MDc5NmNiNGU4
NGE0ZWEwHhcNMjUxMTExMDcwMjI4WhcNMjUxMTEyMDcwMjI4WjAzMTEwLwYDVQQD
Eyg1ZDJkNTMyZGUyM2FhYmM1YTYxMzM0OThhZjI0YjQwMTJkMzNhZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0iDCKR8pUpn/6v7O8eIrUIZZlcy
owlsGdblqm6Er40vKVn4lbd9OxIp20iwYfT9yOx9U2bJIcgQ6NzV0C9jsUMnJbWM
0xnTMDrCF3amkyXOvOsPceOKj63UqrzAIYF/HJTkmT2F922UbCTSdZTtjIESFrJq
Jz1l5aUh1j2eQCL5G0ov7s+1K2pui/Ysa8b+N04bfezC7zpA6nPcHe0RIbtIClQY
5CRxPhIj4KcBI1LJVdXn1LRmtYXH8pq+v8Irl9dg1CSJJlupaYxTyyQHq4zlipfp
XHDE6cVTth0stmiI/lIpS475oKrbaJiJf8J3tQFJkdqjs5B3LZKkstrC8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0tUy3iOqvFphM0mK8ktAEtM64JMB8GA1UdIwQY
MBaAFGkVmCDdcYAE+xXIWycHlstOhKTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy83ZGRmMzAtM2M5MS00M2Y5LWIzYjEt
Yzk0OWYwNTkxZjViLzEvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy83ZGRmMzAtM2M5MS00M2Y5LWIzYjEtYzk0OWYwNTkxZjVi
LzEvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzyvdLzzf
uOtzXVXcA4cBGfuVhscDd78wx7hS2AbURUR5je2XQZdB8IMMauAGe21AJHQBVCTF
rg2OAFntVnZ9CIRL0dxV+nT8PY4Q3tPs72pIz+5Qqo+V+BeXvYABsM9DdnDzXuh4
lpZE5fMz3FfKwEUJzCW6UstIq6nA4mRJ9Rifjjpt5aL4UzKxgiXoqlkGNDCAxNCN
mFv9qotru/ZAFapuZO2pDHdOIpBcm9LSWdOcqKMqMHpSGyYjj1hDS6zuhKwpAVqa
zo9bRIPRCA7BkHBuNhyS+zxGxqOL/AKBR9fk5HgR19OXMRkkSpZAbd9ley3nBL83
BtW4NXrOmurz0Q==
-----END CERTIFICATE-----