Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          m0FG5gHPpo24oTtcUChtEsVkoX9rERwhONvuD/jjJeY=
Subject key identifier:   94:91:B1:CD:64:65:1B:D3:F4:AE:E6:20:71:6A:17:18:A6:E1:19:9E
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       019A73386E5CFB0937D7AC51046165F60488
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          0481
Signing time:             Tue 11 Nov 2025 14:01:09 +0000
Manifest this update:     Tue 11 Nov 2025 14:01:09 +0000
Manifest next update:     Wed 12 Nov 2025 14:01:09 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: O0h8vtslYi7hkyKNXr8QqPCj2Cv6YB5a513FJPi6ZKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:38:6e:5c:fb:09:37:d7:ac:51:04:61:65:f6:04:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Nov 11 14:01:09 2025 GMT
            Not After : Nov 12 14:01:09 2025 GMT
        Subject: CN=9491b1cd64651bd3f4aee620716a1718a6e1199e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:6a:dc:4b:0f:dd:fb:37:0b:73:8f:53:15:3d:
                    3e:b5:d5:5c:ec:65:88:65:05:c7:05:48:b6:b3:3e:
                    52:8c:9e:93:49:4c:a0:14:c5:b9:fb:9d:d6:98:de:
                    ba:b4:be:67:46:56:cc:51:ac:b1:a6:54:34:2c:20:
                    5b:5c:d8:cf:ce:41:21:c8:de:64:bc:e7:0c:76:a7:
                    72:df:21:61:3e:8a:fd:b0:44:b3:e4:8f:ff:1c:b5:
                    80:f4:fd:26:c2:5d:a8:2b:a7:f2:f2:7e:9d:51:08:
                    f7:09:8f:66:f4:77:b6:b6:9c:22:1e:ba:37:60:d7:
                    07:36:73:f4:b0:c7:2b:41:60:da:f3:d8:a9:25:e1:
                    cd:0b:77:e4:d6:ba:5f:ef:e9:25:dd:8b:f2:44:2d:
                    c0:ea:30:06:ff:87:ee:bd:80:39:b4:e1:7c:9a:27:
                    cb:e0:1a:c5:a5:f6:31:47:9b:7c:54:80:2f:ed:0b:
                    25:f5:58:43:05:94:c2:ab:7a:a9:f7:09:6a:4f:d6:
                    b2:26:12:f9:96:bd:0f:a9:78:bc:0b:67:c1:d1:d5:
                    40:94:4b:90:bb:86:e6:80:b9:27:bb:af:53:09:61:
                    8e:ce:5c:46:7a:ea:25:80:55:68:bd:19:8d:94:a8:
                    60:36:13:34:05:e3:5d:ef:84:d0:dc:df:da:e5:0e:
                    15:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:91:B1:CD:64:65:1B:D3:F4:AE:E6:20:71:6A:17:18:A6:E1:19:9E
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:00:d3:16:9c:9f:ad:9a:2c:44:b1:6d:20:b6:7d:74:9e:ef:
         67:01:60:c1:95:84:fd:6f:df:dc:ed:ed:1e:5e:6e:d9:3c:ee:
         f9:4c:a5:10:69:08:3c:d4:97:d4:5a:5a:52:1c:c0:45:3b:88:
         fc:14:ec:7c:17:00:5c:8b:10:f3:75:f4:2b:5c:69:8d:eb:92:
         65:cb:33:fe:db:9f:36:4f:f8:96:1c:c7:0c:9b:b6:03:ec:2f:
         5b:8a:9a:02:91:5a:35:66:16:45:6f:59:f5:5e:86:9a:8d:b0:
         de:8c:2a:40:7c:c8:df:88:86:a7:91:af:28:28:d5:7b:d6:6a:
         16:8d:b9:3a:12:c6:39:8d:13:82:47:02:17:6d:59:1b:bd:ed:
         24:99:0b:53:b1:d9:ac:8c:50:45:ea:b2:89:7c:e4:7d:78:65:
         01:64:31:de:18:30:8b:e2:1e:c1:e6:1d:db:98:cc:8b:09:59:
         60:40:c0:68:23:3a:96:00:04:c9:31:94:4e:de:48:29:b8:bf:
         36:95:67:ab:c1:6f:6a:f7:6b:65:57:98:05:7a:ec:bd:04:fa:
         68:d0:d0:3e:5e:ab:02:de:af:2f:57:a1:e6:2a:41:ea:4d:02:
         48:c6:fc:e4:86:14:5f:c7:ec:f0:d7:9d:89:bf:57:60:69:9b:
         91:30:b1:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOG5c+wk316xRBGFl9gSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUxMTExMTQwMTA5WhcNMjUxMTEyMTQwMTA5WjAzMTEwLwYDVQQD
Eyg5NDkxYjFjZDY0NjUxYmQzZjRhZWU2MjA3MTZhMTcxOGE2ZTExOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02rcSw/d+zcLc49TFT0+tdVc7GWI
ZQXHBUi2sz5SjJ6TSUygFMW5+53WmN66tL5nRlbMUayxplQ0LCBbXNjPzkEhyN5k
vOcMdqdy3yFhPor9sESz5I//HLWA9P0mwl2oK6fy8n6dUQj3CY9m9He2tpwiHro3
YNcHNnP0sMcrQWDa89ipJeHNC3fk1rpf7+kl3YvyRC3A6jAG/4fuvYA5tOF8mifL
4BrFpfYxR5t8VIAv7Qsl9VhDBZTCq3qp9wlqT9ayJhL5lr0PqXi8C2fB0dVAlEuQ
u4bmgLknu69TCWGOzlxGeuolgFVovRmNlKhgNhM0BeNd74TQ3N/a5Q4V+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSRsc1kZRvT9K7mIHFqFxim4RmeMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJADTFpyf
rZosRLFtILZ9dJ7vZwFgwZWE/W/f3O3tHl5u2Tzu+UylEGkIPNSX1FpaUhzARTuI
/BTsfBcAXIsQ83X0K1xpjeuSZcsz/tufNk/4lhzHDJu2A+wvW4qaApFaNWYWRW9Z
9V6Gmo2w3owqQHzI34iGp5GvKCjVe9ZqFo25OhLGOY0TgkcCF21ZG73tJJkLU7HZ
rIxQReqyiXzkfXhlAWQx3hgwi+IeweYd25jMiwlZYEDAaCM6lgAEyTGUTt5IKbi/
NpVnq8FvavdrZVeYBXrsvQT6aNDQPl6rAt6vL1eh5ipB6k0CSMb85IYUX8fs8Ned
ib9XYGmbkTCxmQ==
-----END CERTIFICATE-----