Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          uiBBvakexLCJRGhVDTRQkKss8v8WpsTm/VTlFwZGu4Y=
Subject key identifier:   2A:01:CA:48:8C:30:23:72:93:B9:01:89:2A:73:30:D2:1C:50:A5:06
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019A71B85923B32B88A1FD4F6D388D55236B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          07D0
Signing time:             Tue 11 Nov 2025 07:01:38 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:38 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:38 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: bqVFyMNxlASXUcefaT7KbRlJG4kr9ZnmDM1n3EJzuU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:59:23:b3:2b:88:a1:fd:4f:6d:38:8d:55:23:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Nov 11 07:01:38 2025 GMT
            Not After : Nov 12 07:01:38 2025 GMT
        Subject: CN=2a01ca488c30237293b901892a7330d21c50a506
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:96:74:df:61:97:b3:47:91:56:c8:5d:e0:b2:
                    05:f4:4d:a9:b6:6b:62:be:4b:27:8f:46:80:7a:01:
                    28:bc:53:c4:48:75:96:5f:1e:47:a2:f9:fc:7d:62:
                    ef:e5:54:7b:ac:7f:fa:4d:76:97:1a:81:ab:4c:bc:
                    ea:12:b3:28:21:a8:b9:1f:f9:7e:bb:02:3e:ce:9f:
                    67:12:e4:84:07:19:7a:aa:67:9c:e0:af:9c:5f:63:
                    aa:8b:00:5e:19:fc:24:a9:b9:0d:b1:35:f5:6d:3a:
                    fe:f6:c9:07:6f:d1:28:53:52:b5:9d:5a:c3:31:da:
                    82:0f:fd:51:e6:22:ba:26:7f:8a:db:f0:7f:f9:e4:
                    09:09:c3:50:70:14:fa:93:0f:3b:f3:69:c9:73:1e:
                    f1:90:65:a3:f8:1d:f9:2b:d6:37:e5:bd:16:4a:02:
                    2a:a8:79:52:8d:47:c7:31:be:f7:19:f9:1b:bf:11:
                    fe:10:e5:cd:d7:fa:7e:b0:1c:47:7f:f3:d6:ce:c2:
                    11:0b:ca:20:6e:66:48:26:3e:5e:06:15:a6:b8:83:
                    1e:5a:b8:9f:26:bb:ef:68:f0:34:a1:4a:e2:eb:e9:
                    c2:40:7c:68:57:08:80:9b:f5:f7:73:83:32:e6:71:
                    c4:e4:90:04:07:09:35:b6:bd:ae:41:a5:47:eb:a2:
                    dc:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:01:CA:48:8C:30:23:72:93:B9:01:89:2A:73:30:D2:1C:50:A5:06
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:f0:76:a4:5b:62:27:f6:e3:db:fd:47:65:8d:90:b6:91:3b:
         37:46:43:e1:62:2a:13:33:e9:5e:44:3d:5d:5b:bb:38:0e:3a:
         3d:2a:f9:b4:7f:58:6b:b7:61:cf:16:3d:f6:1d:4f:5e:8f:13:
         30:1c:a4:76:36:45:61:99:fa:a5:84:46:ef:b9:46:15:1c:f0:
         22:ea:a3:56:e2:f1:d7:0c:6e:2a:d8:49:d4:71:e4:48:0f:74:
         ec:01:ba:51:81:bf:af:2f:0e:cf:77:9c:41:ed:98:98:d3:dd:
         5a:07:c5:cc:09:ed:a2:d4:c9:91:56:78:13:e6:64:f6:8d:08:
         1e:f4:a7:9c:ef:be:5f:12:08:ef:e2:1e:e2:2f:4f:46:78:ad:
         a6:69:b6:d9:f1:30:c1:f5:da:d5:01:9d:ff:5c:52:d4:7b:a7:
         f7:32:1a:5e:ca:b0:8f:92:63:13:38:6c:f4:dd:1e:f3:9f:6d:
         80:9d:ee:07:ed:e1:fa:40:a2:7c:95:6b:c9:ad:de:a2:3a:61:
         2b:bd:1c:f9:52:8d:ae:20:c6:8f:6e:bd:55:9f:42:6d:f7:57:
         98:b8:d0:66:a3:6e:8e:0f:40:1e:37:d1:bf:06:4c:9f:09:c8:
         42:66:39:e7:a4:30:06:b0:0a:3a:91:d2:80:37:1b:22:cc:b9:
         f7:34:80:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFkjsyuIof1PbTiNVSNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjUxMTExMDcwMTM4WhcNMjUxMTEyMDcwMTM4WjAzMTEwLwYDVQQD
EygyYTAxY2E0ODhjMzAyMzcyOTNiOTAxODkyYTczMzBkMjFjNTBhNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JZ032GXs0eRVshd4LIF9E2ptmti
vksnj0aAegEovFPESHWWXx5Hovn8fWLv5VR7rH/6TXaXGoGrTLzqErMoIai5H/l+
uwI+zp9nEuSEBxl6qmec4K+cX2OqiwBeGfwkqbkNsTX1bTr+9skHb9EoU1K1nVrD
MdqCD/1R5iK6Jn+K2/B/+eQJCcNQcBT6kw8782nJcx7xkGWj+B35K9Y35b0WSgIq
qHlSjUfHMb73GfkbvxH+EOXN1/p+sBxHf/PWzsIRC8ogbmZIJj5eBhWmuIMeWrif
JrvvaPA0oUri6+nCQHxoVwiAm/X3c4My5nHE5JAEBwk1tr2uQaVH66LcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoBykiMMCNyk7kBiSpzMNIcUKUGMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB/B2pFti
J/bj2/1HZY2QtpE7N0ZD4WIqEzPpXkQ9XVu7OA46PSr5tH9Ya7dhzxY99h1PXo8T
MBykdjZFYZn6pYRG77lGFRzwIuqjVuLx1wxuKthJ1HHkSA907AG6UYG/ry8Oz3ec
Qe2YmNPdWgfFzAntotTJkVZ4E+Zk9o0IHvSnnO++XxII7+Ie4i9PRnitpmm22fEw
wfXa1QGd/1xS1Hun9zIaXsqwj5JjEzhs9N0e859tgJ3uB+3h+kCifJVrya3eojph
K70c+VKNriDGj269VZ9CbfdXmLjQZqNujg9AHjfRvwZMnwnIQmY556QwBrAKOpHS
gDcbIsy59zSAbw==
-----END CERTIFICATE-----