Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          8p7rpr2zGjK+AqTbSxzGvnfKxC1tTVSihfgjzzj7ANY=
Subject key identifier:   55:B2:48:FC:AD:50:97:EB:8D:8D:CF:7E:96:A4:18:07:51:3D:75:A2
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       019A71B80BD3DEB8C943A26B72AD4DA466F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0ECA
Signing time:             Tue 11 Nov 2025 07:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:18 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: Exo51oyPFzmor926IVwxKlm6aT3XJwBJ+D2UJGUJoPA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:0b:d3:de:b8:c9:43:a2:6b:72:ad:4d:a4:66:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Nov 11 07:01:18 2025 GMT
            Not After : Nov 12 07:01:18 2025 GMT
        Subject: CN=55b248fcad5097eb8d8dcf7e96a41807513d75a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fe:e6:31:83:34:68:e4:1f:bb:b8:f2:21:d5:
                    43:d9:94:43:39:c0:22:f5:d6:74:1f:55:13:e5:bf:
                    dd:38:0b:33:c8:e7:81:f7:d8:8c:58:df:95:e0:b6:
                    6e:5c:4f:86:5c:28:68:c2:95:5c:2f:1c:ec:89:87:
                    45:ad:96:2a:a7:58:c5:f8:4e:13:25:50:69:7d:fe:
                    6e:ba:a2:e2:27:47:45:24:d8:bd:b5:b1:91:d7:e3:
                    6d:e3:11:13:92:78:80:3b:ed:f6:4d:43:37:2f:af:
                    85:43:52:db:c6:23:a2:d5:da:56:a0:c0:96:b3:85:
                    28:3e:f4:c1:63:99:c2:6d:e8:a5:5f:04:e0:d6:14:
                    b9:d6:76:94:6c:b2:82:b8:ed:c5:b4:43:9f:3f:c1:
                    9d:96:71:4a:df:d8:e4:ed:b2:fb:36:da:3e:15:5d:
                    09:1e:f2:e1:2c:37:43:d1:33:b7:e6:6f:01:c5:9f:
                    4e:5e:ce:0c:29:b1:ef:b6:11:11:89:36:e6:e2:c9:
                    c8:8b:5a:59:af:0c:f2:fb:a4:85:58:fc:c2:0b:17:
                    50:a0:4f:a5:ab:e3:e4:21:77:32:5d:cc:a6:9a:c6:
                    7c:d3:12:3c:ae:07:ff:a6:3f:7b:a5:4a:29:32:86:
                    75:89:cd:43:10:b3:95:56:a0:3b:a8:0b:0c:c0:a0:
                    0e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:B2:48:FC:AD:50:97:EB:8D:8D:CF:7E:96:A4:18:07:51:3D:75:A2
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:74:2f:82:04:dc:d7:8a:ea:f0:57:9a:e4:24:6f:4e:1e:f9:
         a7:4b:14:9c:45:5f:83:43:a2:e3:78:ca:e2:d1:27:c8:54:ca:
         61:c2:8a:f0:d0:5d:c0:3b:be:dd:17:4d:1b:43:25:21:74:8f:
         23:2d:22:5c:b1:43:4f:30:93:7e:c6:bf:17:55:5e:a6:36:5d:
         0c:92:a7:0d:8a:aa:a7:a4:f9:39:11:78:c1:0e:b6:dc:a7:77:
         53:60:46:d0:76:17:e9:91:54:1d:46:d9:81:46:c0:28:a8:0d:
         af:53:43:2d:60:18:ab:79:e5:cb:84:8d:ac:2c:44:2f:c8:f7:
         40:d4:5f:78:de:a3:5f:f8:5b:77:e3:52:21:5d:8b:3f:a0:52:
         e5:57:02:eb:06:76:a8:e1:f8:be:9c:bd:98:96:7d:0f:49:e3:
         19:7b:05:79:fa:04:e5:96:74:29:6f:cc:68:d1:e8:e0:f4:b7:
         71:9d:15:99:24:41:f4:a1:5b:3d:b2:63:6b:84:90:44:26:3a:
         13:7b:d7:6b:69:23:dc:3e:31:df:cd:06:09:a1:d6:39:c1:fe:
         d2:31:41:0c:50:06:e1:55:04:3a:ae:0a:29:92:e4:c7:b1:87:
         95:99:75:3b:4d:34:6e:6e:6c:8a:ac:c0:f6:8d:0a:d5:5f:30:
         59:37:c3:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAvT3rjJQ6Jrcq1NpGb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
Eyg1NWIyNDhmY2FkNTA5N2ViOGQ4ZGNmN2U5NmE0MTgwNzUxM2Q3NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP7mMYM0aOQfu7jyIdVD2ZRDOcAi
9dZ0H1UT5b/dOAszyOeB99iMWN+V4LZuXE+GXChowpVcLxzsiYdFrZYqp1jF+E4T
JVBpff5uuqLiJ0dFJNi9tbGR1+Nt4xETkniAO+32TUM3L6+FQ1LbxiOi1dpWoMCW
s4UoPvTBY5nCbeilXwTg1hS51naUbLKCuO3FtEOfP8GdlnFK39jk7bL7Nto+FV0J
HvLhLDdD0TO35m8BxZ9OXs4MKbHvthERiTbm4snIi1pZrwzy+6SFWPzCCxdQoE+l
q+PkIXcyXcymmsZ80xI8rgf/pj97pUopMoZ1ic1DELOVVqA7qAsMwKAO/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWySPytUJfrjY3PfpakGAdRPXWiMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnQvggTc
14rq8Fea5CRvTh75p0sUnEVfg0Oi43jK4tEnyFTKYcKK8NBdwDu+3RdNG0MlIXSP
Iy0iXLFDTzCTfsa/F1VepjZdDJKnDYqqp6T5ORF4wQ623Kd3U2BG0HYX6ZFUHUbZ
gUbAKKgNr1NDLWAYq3nly4SNrCxEL8j3QNRfeN6jX/hbd+NSIV2LP6BS5VcC6wZ2
qOH4vpy9mJZ9D0njGXsFefoE5ZZ0KW/MaNHo4PS3cZ0VmSRB9KFbPbJja4SQRCY6
E3vXa2kj3D4x380GCaHWOcH+0jFBDFAG4VUEOq4KKZLkx7GHlZl1O000bm5siqzA
9o0K1V8wWTfD6A==
-----END CERTIFICATE-----