Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          ualVrRl1U1FiiP/bs9i2nBrksgtTn764oLK7ibTafuc=
Subject key identifier:   25:0A:11:7B:0B:6A:6B:6C:62:C3:6F:5B:93:C7:FE:2E:98:11:38:91
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       019A70DBDDC0623990637F01C3E79B352DBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          06A0
Signing time:             Tue 11 Nov 2025 03:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:48 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: 2gmpi/KhoYWVShFSfKdCzhtFO8uSAsqIHzc0tod/eH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:dd:c0:62:39:90:63:7f:01:c3:e7:9b:35:2d:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Nov 11 03:00:48 2025 GMT
            Not After : Nov 12 03:00:48 2025 GMT
        Subject: CN=250a117b0b6a6b6c62c36f5b93c7fe2e98113891
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:4c:cb:95:e1:ea:ae:6c:2c:8d:93:a7:4e:e0:
                    fd:d1:2c:c4:da:3a:7f:3d:29:fa:fa:a3:cc:a5:5d:
                    a3:80:17:91:3e:97:0d:50:9b:0a:04:c5:61:39:d5:
                    78:b9:f4:ba:fe:75:8d:7e:99:25:30:98:8e:35:17:
                    09:1c:ad:e1:2d:28:7a:71:32:b7:a4:9a:48:f6:c8:
                    d3:f5:65:2b:e4:9e:6d:3b:95:91:f6:46:38:d2:5c:
                    c3:bf:58:11:05:42:74:4e:9c:90:73:72:21:ee:58:
                    b9:34:5c:55:8a:a2:c7:3b:13:da:c8:9a:95:63:ad:
                    c7:f2:b3:c9:8b:39:88:54:cb:49:f9:d4:24:be:69:
                    74:8a:c5:4d:88:7b:dd:c6:50:ae:d3:fc:26:13:89:
                    75:57:15:ae:49:01:f7:4d:73:96:92:7c:18:aa:87:
                    b1:35:f7:da:ec:a8:58:06:52:4b:c3:90:21:10:12:
                    7e:e0:ec:e2:eb:dd:8a:12:63:22:bd:d4:2f:73:12:
                    46:f2:16:37:c8:f2:8d:7f:c6:04:a0:c7:f7:fe:b8:
                    58:fb:93:fc:11:e3:02:fe:ea:d8:9e:7d:14:29:99:
                    bc:f4:ba:18:95:e4:f2:e1:fc:fa:35:17:6f:3c:b3:
                    f6:57:c2:b3:ed:72:d0:a5:08:1b:84:ed:9c:fe:67:
                    fd:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:0A:11:7B:0B:6A:6B:6C:62:C3:6F:5B:93:C7:FE:2E:98:11:38:91
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:01:aa:4b:38:ea:26:48:ba:99:c9:33:b3:2e:21:88:ec:98:
         8a:98:20:24:ef:ec:ed:bf:e9:00:19:fa:37:40:2d:99:ce:8b:
         35:05:87:69:8f:9b:ee:49:ef:63:f8:67:7e:99:63:5f:c7:a9:
         ae:2a:55:11:4a:09:90:f4:0d:f9:45:39:b9:4e:39:8c:8c:b9:
         33:16:26:95:6b:d5:2e:07:08:6d:74:69:7f:eb:53:c3:e5:41:
         b3:1a:57:44:05:86:84:f7:1d:9a:ca:ec:5d:b5:b2:b5:59:4c:
         15:75:dc:3c:ea:a3:e2:48:a7:a8:01:a8:4a:6e:3a:d0:36:7c:
         fa:ec:11:69:bf:63:51:ed:a1:88:c1:5c:b6:26:d7:69:75:73:
         05:71:26:6d:ea:94:3a:5b:2a:82:a5:7d:76:f3:29:3c:9f:76:
         08:c7:cf:b3:7f:1e:9e:db:7c:db:4a:dc:62:7d:26:7d:86:53:
         a7:0a:24:74:f8:1c:2a:e6:f3:19:84:d6:5b:b2:cb:e2:d6:78:
         02:bc:78:92:83:04:59:93:db:26:d5:f9:cd:71:a3:54:60:59:
         7f:07:96:f3:2b:8d:18:e7:26:84:03:50:9d:23:35:40:c8:27:
         8d:1f:56:6c:78:e2:7a:90:09:5b:ad:8a:ad:8b:00:e7:9f:71:
         e3:66:72:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw293AYjmQY38Bw+ebNS27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjUxMTExMDMwMDQ4WhcNMjUxMTEyMDMwMDQ4WjAzMTEwLwYDVQQD
EygyNTBhMTE3YjBiNmE2YjZjNjJjMzZmNWI5M2M3ZmUyZTk4MTEzODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikzLleHqrmwsjZOnTuD90SzE2jp/
PSn6+qPMpV2jgBeRPpcNUJsKBMVhOdV4ufS6/nWNfpklMJiONRcJHK3hLSh6cTK3
pJpI9sjT9WUr5J5tO5WR9kY40lzDv1gRBUJ0TpyQc3Ih7li5NFxViqLHOxPayJqV
Y63H8rPJizmIVMtJ+dQkvml0isVNiHvdxlCu0/wmE4l1VxWuSQH3TXOWknwYqoex
Nffa7KhYBlJLw5AhEBJ+4Ozi692KEmMivdQvcxJG8hY3yPKNf8YEoMf3/rhY+5P8
EeMC/urYnn0UKZm89LoYleTy4fz6NRdvPLP2V8Kz7XLQpQgbhO2c/mf92QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUKEXsLamtsYsNvW5PH/i6YETiRMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbQGqSzjq
Jki6mckzsy4hiOyYipggJO/s7b/pABn6N0Atmc6LNQWHaY+b7knvY/hnfpljX8ep
ripVEUoJkPQN+UU5uU45jIy5MxYmlWvVLgcIbXRpf+tTw+VBsxpXRAWGhPcdmsrs
XbWytVlMFXXcPOqj4kinqAGoSm460DZ8+uwRab9jUe2hiMFctibXaXVzBXEmbeqU
OlsqgqV9dvMpPJ92CMfPs38entt820rcYn0mfYZTpwokdPgcKubzGYTWW7LL4tZ4
Arx4koMEWZPbJtX5zXGjVGBZfweW8yuNGOcmhANQnSM1QMgnjR9WbHjiepAJW62K
rYsA559x42Zyow==
-----END CERTIFICATE-----