Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          b+R+HV37Y+JYNUGRWvKI4eqa0SPmbe2iY+gyIBafnJw=
Subject key identifier:   07:A6:27:21:C4:E8:98:E5:80:C2:5D:10:3C:E8:C6:1B:60:94:F7:76
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       019A706E6CFE3A34E09D6B48C44A792F3FEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          07C7
Signing time:             Tue 11 Nov 2025 01:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 01:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 01:01:16 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: e78RUN9F6wjmZpU3st5/6DDVRORN18gdDua1p118Tn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:6c:fe:3a:34:e0:9d:6b:48:c4:4a:79:2f:3f:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Nov 11 01:01:16 2025 GMT
            Not After : Nov 12 01:01:16 2025 GMT
        Subject: CN=07a62721c4e898e580c25d103ce8c61b6094f776
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3c:6b:84:3c:58:88:b2:26:f2:54:ce:df:a5:
                    c0:67:14:97:99:5f:07:47:fc:67:f5:b0:4d:89:94:
                    79:21:6f:bb:e9:f9:b9:65:3a:eb:03:3c:11:e8:64:
                    e3:14:4b:a0:e3:6b:fd:0b:52:a6:69:ae:f6:99:11:
                    55:04:cc:9e:e0:be:88:86:4f:07:18:00:2b:44:45:
                    c0:40:18:60:d9:7e:7f:73:56:66:b1:a1:0d:f2:f8:
                    84:94:30:71:3b:c9:b1:94:56:fd:a6:d5:14:d8:1b:
                    fe:92:09:c5:49:1e:f5:25:fb:e4:80:41:f3:65:18:
                    45:7a:9f:8c:72:9f:2c:9f:23:85:d9:2e:06:0b:f5:
                    bf:f4:a2:c7:87:ed:23:c7:4c:06:9b:4d:f1:63:17:
                    23:dd:d7:62:58:d0:f9:96:f0:44:86:09:9b:05:89:
                    12:62:09:4e:0c:2d:4c:b2:19:95:48:7b:1c:fa:1b:
                    69:08:f6:4c:44:e9:e2:d5:5c:a9:37:7d:2d:6a:68:
                    f4:e7:38:a3:47:7c:43:f2:98:94:84:92:00:7d:60:
                    c6:42:14:67:69:dd:2a:95:10:44:0f:5a:e1:76:75:
                    0c:1d:b4:06:83:5d:91:d4:e0:78:29:59:29:6f:46:
                    22:05:68:e7:2f:25:5e:41:b0:07:16:c8:94:dc:f2:
                    8a:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A6:27:21:C4:E8:98:E5:80:C2:5D:10:3C:E8:C6:1B:60:94:F7:76
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:2a:0c:93:3f:c0:c1:00:9d:ba:a8:19:f2:ab:cf:4f:d2:63:
         97:d6:17:54:6c:b8:7f:ea:1c:6c:12:9b:ee:f5:65:aa:52:80:
         30:be:27:33:66:72:b3:b2:62:04:ca:1f:e8:ea:db:10:d3:58:
         bb:41:2c:f1:0a:5a:ae:25:2e:a0:3a:a7:1e:14:41:8d:02:a0:
         7a:e1:d1:21:b7:43:bd:f6:d0:e6:64:69:7b:ea:c6:72:eb:0b:
         92:ec:f0:ba:e3:b0:9e:32:1c:8f:1d:c9:50:d4:f7:0d:a0:fd:
         ed:50:51:54:4f:15:da:ea:af:b1:3a:d7:9a:7a:da:5c:89:98:
         e9:fb:6c:a5:d8:d1:00:ae:36:aa:01:6b:d8:b1:7e:9c:b1:cc:
         f9:37:47:8c:bf:4c:22:40:0d:10:6f:8d:9c:d0:95:ed:63:ea:
         c0:e8:e4:bc:7e:4d:03:5f:e9:63:cd:0a:b0:7e:5f:27:ef:87:
         5c:1e:30:1c:33:7d:f6:a4:1f:f9:4c:41:7a:06:6b:a1:b0:9d:
         c7:0c:dd:18:59:2f:89:09:bb:a5:04:5b:a1:40:4f:d2:8c:05:
         14:8f:d0:f0:81:f7:21:a5:49:64:9e:77:17:b0:5d:dd:d6:cd:
         f2:ad:54:2f:e9:5e:5b:53:95:3c:a0:dd:cc:a1:98:a4:61:2a:
         71:cd:5e:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbmz+OjTgnWtIxEp5Lz/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUxMTExMDEwMTE2WhcNMjUxMTEyMDEwMTE2WjAzMTEwLwYDVQQD
EygwN2E2MjcyMWM0ZTg5OGU1ODBjMjVkMTAzY2U4YzYxYjYwOTRmNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzxrhDxYiLIm8lTO36XAZxSXmV8H
R/xn9bBNiZR5IW+76fm5ZTrrAzwR6GTjFEug42v9C1Kmaa72mRFVBMye4L6Ihk8H
GAArREXAQBhg2X5/c1ZmsaEN8viElDBxO8mxlFb9ptUU2Bv+kgnFSR71JfvkgEHz
ZRhFep+Mcp8snyOF2S4GC/W/9KLHh+0jx0wGm03xYxcj3ddiWND5lvBEhgmbBYkS
YglODC1MshmVSHsc+htpCPZMROni1VypN30tamj05zijR3xD8piUhJIAfWDGQhRn
ad0qlRBED1rhdnUMHbQGg12R1OB4KVkpb0YiBWjnLyVeQbAHFsiU3PKKsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAemJyHE6JjlgMJdEDzoxhtglPd2MB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUCoMkz/A
wQCduqgZ8qvPT9Jjl9YXVGy4f+ocbBKb7vVlqlKAML4nM2Zys7JiBMof6OrbENNY
u0Es8QpariUuoDqnHhRBjQKgeuHRIbdDvfbQ5mRpe+rGcusLkuzwuuOwnjIcjx3J
UNT3DaD97VBRVE8V2uqvsTrXmnraXImY6ftspdjRAK42qgFr2LF+nLHM+TdHjL9M
IkANEG+NnNCV7WPqwOjkvH5NA1/pY80KsH5fJ++HXB4wHDN99qQf+UxBegZrobCd
xwzdGFkviQm7pQRboUBP0owFFI/Q8IH3IaVJZJ53F7Bd3dbN8q1UL+leW1OVPKDd
zKGYpGEqcc1eeA==
-----END CERTIFICATE-----