Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
File:                     MlPNw--1IdnV5wqcxeRxsBWGA2o.mft (raw, json)
Hash identifier:          yCLfu3Fzu6pvOv23UvWqf2O5RQJoagB6cg1P4RhOMJM=
Subject key identifier:   A8:6C:4E:19:B4:89:12:D3:66:A6:CB:14:7B:39:B6:E4:1F:06:67:48
Authority key identifier: 32:53:CD:C3:EF:B5:21:D9:D5:E7:0A:9C:C5:E4:71:B0:15:86:03:6A
Certificate issuer:       /CN=3253cdc3efb521d9d5e70a9cc5e471b01586036a
Certificate serial:       019A71B80B14D300FA271D47984F26419AFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
Manifest number:          0A43
Signing time:             Tue 11 Nov 2025 07:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:18 +0000
Files and hashes:         1: MlPNw--1IdnV5wqcxeRxsBWGA2o.crl (hash: 91vSS0EKSsY2csg70eBBUNxIWagqF7LMaQKQhOoGOeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:0b:14:d3:00:fa:27:1d:47:98:4f:26:41:9a:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3253cdc3efb521d9d5e70a9cc5e471b01586036a
        Validity
            Not Before: Nov 11 07:01:18 2025 GMT
            Not After : Nov 12 07:01:18 2025 GMT
        Subject: CN=a86c4e19b48912d366a6cb147b39b6e41f066748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:88:a2:08:11:2d:21:69:42:79:17:3b:ff:06:
                    fc:50:df:5f:89:90:f8:11:f6:14:b1:ec:64:6e:70:
                    6d:45:e4:6c:6e:d8:bf:79:51:df:d6:c5:a3:51:b6:
                    3b:30:f1:ab:f0:8f:ee:36:6a:fc:d6:23:e6:20:17:
                    79:a3:8d:51:10:c0:8d:81:10:eb:26:4f:cf:6f:71:
                    7e:a2:2b:65:79:93:c8:31:4f:cf:d4:de:6f:e2:3f:
                    8d:d7:2c:4a:9f:d9:35:49:f0:29:96:e2:48:6e:89:
                    ce:a3:5f:8e:a2:9e:be:b8:fd:41:62:78:a0:7f:47:
                    5e:67:bf:c1:2a:84:04:4e:5f:f3:90:5a:95:27:65:
                    df:8d:33:31:83:dc:e3:14:5d:3e:2b:2b:e8:e4:d5:
                    74:e3:5e:5f:be:a1:4a:5b:1d:4b:49:1c:25:cf:27:
                    46:7d:85:15:86:b0:90:e2:ae:bf:b1:31:2b:4d:ff:
                    dd:ca:89:1d:e9:dd:9f:f4:1e:61:d1:b3:2b:47:0a:
                    61:39:a1:ba:56:76:db:69:9c:f7:84:ae:19:05:b0:
                    b2:b8:77:41:a2:bf:26:06:e0:f1:fd:a0:bd:ac:34:
                    6f:8b:a4:d0:3d:15:53:12:aa:27:5b:f3:70:3f:e8:
                    75:db:6b:b2:f0:53:89:82:53:55:74:1e:e9:8f:95:
                    4f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:6C:4E:19:B4:89:12:D3:66:A6:CB:14:7B:39:B6:E4:1F:06:67:48
            X509v3 Authority Key Identifier:
                keyid:32:53:CD:C3:EF:B5:21:D9:D5:E7:0A:9C:C5:E4:71:B0:15:86:03:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlPNw--1IdnV5wqcxeRxsBWGA2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51a115-de86-4407-a963-1c5c20d13ef8/1/MlPNw--1IdnV5wqcxeRxsBWGA2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:05:4e:97:f9:04:38:b0:a8:7b:b4:2c:56:e1:dc:5e:fc:a9:
         31:0f:e2:fc:cb:cf:2f:d7:db:8c:d8:37:9b:30:a6:9e:da:56:
         03:27:e2:17:50:fb:3d:2a:7b:35:d6:f2:be:f3:d4:7f:80:83:
         81:3f:1a:e5:a8:c8:c0:66:f3:e8:4d:6f:74:bf:68:66:a2:4e:
         76:0e:c3:b3:59:5d:97:2f:2d:c6:dc:d2:1d:bc:68:a5:34:a3:
         36:7b:46:73:a3:bb:e1:e1:39:0b:5c:6b:09:60:8f:57:ce:21:
         81:b6:b1:0b:bb:83:bb:91:f4:76:32:f3:92:87:6c:7e:c9:c3:
         0c:9b:c8:f9:ab:9b:4b:85:2e:0d:08:28:c4:b9:cd:91:4e:8d:
         ca:19:25:f9:5a:3d:14:9b:7b:9b:c0:24:b3:40:3f:fe:12:e3:
         1a:a1:89:f8:c6:88:be:c9:1c:77:ac:1d:bb:fe:be:df:9b:57:
         37:bb:64:c3:b7:2c:7e:5d:d8:c1:3d:17:69:0c:61:bf:f6:5d:
         e6:f0:80:1b:3b:51:4c:6e:c4:85:b5:a7:2f:03:16:86:c7:ce:
         87:b1:6b:eb:50:a1:3b:56:02:7f:ac:36:dc:80:09:2b:e2:70:
         43:98:f9:86:7e:ca:9e:6e:28:85:9a:fd:23:75:98:c6:78:0f:
         2f:06:90:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAsU0wD6Jx1HmE8mQZr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTNjZGMzZWZiNTIxZDlkNWU3MGE5Y2M1ZTQ3MWIwMTU4
NjAzNmEwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
EyhhODZjNGUxOWI0ODkxMmQzNjZhNmNiMTQ3YjM5YjZlNDFmMDY2NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYiiCBEtIWlCeRc7/wb8UN9fiZD4
EfYUsexkbnBtReRsbti/eVHf1sWjUbY7MPGr8I/uNmr81iPmIBd5o41REMCNgRDr
Jk/Pb3F+oitleZPIMU/P1N5v4j+N1yxKn9k1SfApluJIbonOo1+Oop6+uP1BYnig
f0deZ7/BKoQETl/zkFqVJ2XfjTMxg9zjFF0+Kyvo5NV0415fvqFKWx1LSRwlzydG
fYUVhrCQ4q6/sTErTf/dyokd6d2f9B5h0bMrRwphOaG6VnbbaZz3hK4ZBbCyuHdB
or8mBuDx/aC9rDRvi6TQPRVTEqonW/NwP+h122uy8FOJglNVdB7pj5VPiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhsThm0iRLTZqbLFHs5tuQfBmdIMB8GA1UdIwQY
MBaAFDJTzcPvtSHZ1ecKnMXkcbAVhgNqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MWExMTUtZGU4Ni00NDA3LWE5NjMt
MWM1YzIwZDEzZWY4LzEvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MWExMTUtZGU4Ni00NDA3LWE5NjMtMWM1YzIwZDEzZWY4
LzEvTWxQTnctLTFJZG5WNXdxY3hlUnhzQldHQTJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwVOl/kE
OLCoe7QsVuHcXvypMQ/i/MvPL9fbjNg3mzCmntpWAyfiF1D7PSp7NdbyvvPUf4CD
gT8a5ajIwGbz6E1vdL9oZqJOdg7Ds1ldly8txtzSHbxopTSjNntGc6O74eE5C1xr
CWCPV84hgbaxC7uDu5H0djLzkodsfsnDDJvI+aubS4UuDQgoxLnNkU6Nyhkl+Vo9
FJt7m8Aks0A//hLjGqGJ+MaIvskcd6wdu/6+35tXN7tkw7csfl3YwT0XaQxhv/Zd
5vCAGztRTG7EhbWnLwMWhsfOh7Fr61ChO1YCf6w23IAJK+JwQ5j5hn7Knm4ohZr9
I3WYxngPLwaQSw==
-----END CERTIFICATE-----