Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          mD71bKH7QEeRnJoIoc69Kvo7Bc40iwMuRekRGEKSF1U=
Subject key identifier:   FF:E5:0D:EE:33:99:25:25:6A:7F:51:70:6A:D6:69:BC:94:55:D7:7C
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019A72260C2B4B2B4ED625FE166A35F3E108
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          16AF
Signing time:             Tue 11 Nov 2025 09:01:27 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:27 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:27 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: 1HmG/lMYW98ib6/nA8mwChShYUJaSfX/XaUayd84/nU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:0c:2b:4b:2b:4e:d6:25:fe:16:6a:35:f3:e1:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Nov 11 09:01:27 2025 GMT
            Not After : Nov 12 09:01:27 2025 GMT
        Subject: CN=ffe50dee339925256a7f51706ad669bc9455d77c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:95:63:30:36:fc:5c:6b:c3:fc:11:ab:85:0b:
                    f7:9b:d5:f2:31:64:97:30:9e:79:f0:ef:0a:0f:3d:
                    23:d3:b0:89:b4:bc:2b:e3:00:6a:79:d7:f6:8c:06:
                    d7:77:de:65:a2:7e:f6:aa:7e:c1:5e:f2:16:09:8c:
                    79:0b:6d:28:af:37:49:bd:57:23:a3:d7:77:1c:ba:
                    21:13:c2:ca:b8:53:e4:e6:bd:76:d2:fb:38:9b:f4:
                    5f:4f:68:e7:25:33:ea:e0:8a:04:b8:2a:b1:87:90:
                    a3:1d:5e:df:fa:a3:d7:7f:43:01:62:df:31:c9:f6:
                    a6:da:d8:d1:36:46:69:da:51:76:7f:c6:41:ae:c9:
                    42:7e:73:c8:ed:c6:e7:3e:ed:0f:2b:d5:e1:26:9b:
                    24:e3:59:5e:60:f0:0d:70:88:51:f2:6c:c0:90:85:
                    1d:16:65:36:50:27:3e:38:c2:9c:61:b4:a9:9b:83:
                    7a:27:4d:d8:4e:29:70:55:8f:60:aa:ae:ac:ae:e7:
                    c3:f1:ca:a0:b0:a1:6b:a0:7d:aa:90:88:13:66:bd:
                    b3:ba:b4:07:66:1c:d8:af:90:53:c7:3a:b9:16:f8:
                    6a:2a:fb:0e:70:3c:53:d6:c5:dc:d3:cf:41:9e:6e:
                    81:f4:9a:a1:f8:00:a9:0b:8c:05:4b:ea:d8:b6:3e:
                    c6:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E5:0D:EE:33:99:25:25:6A:7F:51:70:6A:D6:69:BC:94:55:D7:7C
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:e5:88:b5:5a:dc:52:c4:e1:97:b1:b5:58:ce:1a:5f:c5:00:
         34:2f:18:f4:fb:a9:d1:42:95:2e:c5:84:7e:6b:79:f0:9c:79:
         77:bf:aa:e4:2e:b6:74:03:be:d1:94:42:73:af:4a:d7:94:09:
         a5:e9:13:0f:cb:8d:47:9f:e2:b5:27:93:b2:5d:95:3e:89:22:
         b9:92:06:ec:32:33:b3:8c:dc:2c:1a:16:a8:cd:9d:f5:96:35:
         ab:b0:63:4e:b3:cd:97:b3:5e:4e:c9:32:82:54:96:c5:1c:67:
         e5:18:6e:e5:f1:e2:39:55:e1:c3:bf:fc:08:90:01:54:5a:51:
         8b:78:ff:b4:ec:71:ac:9b:fb:60:5c:75:52:e3:66:48:c5:8e:
         6c:8e:89:ba:3b:b5:3d:95:0a:7c:df:1e:4f:7d:54:3a:fd:ba:
         38:42:2b:41:f7:a0:c6:f9:fa:ee:2e:53:3f:0c:61:6e:26:a3:
         df:ad:6a:fa:06:69:e0:23:12:a2:ce:61:d6:80:82:24:ff:7d:
         c5:61:f2:c2:74:45:04:17:d5:88:32:3e:cf:43:4f:91:19:43:
         5f:73:d3:bb:bb:bf:e8:35:d8:2c:f7:e0:3c:97:21:24:90:27:
         b2:bf:da:eb:2b:15:87:77:fe:c1:6a:9d:24:21:44:2d:35:ed:
         18:64:fe:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgwrSytO1iX+Fmo18+EIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
EyhmZmU1MGRlZTMzOTkyNTI1NmE3ZjUxNzA2YWQ2NjliYzk0NTVkNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5VjMDb8XGvD/BGrhQv3m9XyMWSX
MJ558O8KDz0j07CJtLwr4wBqedf2jAbXd95lon72qn7BXvIWCYx5C20orzdJvVcj
o9d3HLohE8LKuFPk5r120vs4m/RfT2jnJTPq4IoEuCqxh5CjHV7f+qPXf0MBYt8x
yfam2tjRNkZp2lF2f8ZBrslCfnPI7cbnPu0PK9XhJpsk41leYPANcIhR8mzAkIUd
FmU2UCc+OMKcYbSpm4N6J03YTilwVY9gqq6srufD8cqgsKFroH2qkIgTZr2zurQH
ZhzYr5BTxzq5FvhqKvsOcDxT1sXc089Bnm6B9Jqh+ACpC4wFS+rYtj7GCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/lDe4zmSUlan9RcGrWabyUVdd8MB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+WItVrc
UsThl7G1WM4aX8UANC8Y9Pup0UKVLsWEfmt58Jx5d7+q5C62dAO+0ZRCc69K15QJ
pekTD8uNR5/itSeTsl2VPokiuZIG7DIzs4zcLBoWqM2d9ZY1q7BjTrPNl7NeTsky
glSWxRxn5Rhu5fHiOVXhw7/8CJABVFpRi3j/tOxxrJv7YFx1UuNmSMWObI6Juju1
PZUKfN8eT31UOv26OEIrQfegxvn67i5TPwxhbiaj361q+gZp4CMSos5h1oCCJP99
xWHywnRFBBfViDI+z0NPkRlDX3PTu7u/6DXYLPfgPJchJJAnsr/a6ysVh3f+wWqd
JCFELTXtGGT+CA==
-----END CERTIFICATE-----