Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          VvxOwla9aTCGrFOPhjojk0ZP4OJ2u9fGmNRlIjtcf2M=
Subject key identifier:   17:D6:F3:B9:E6:16:1F:10:CD:C1:DE:03:3E:A9:B9:FF:F7:72:24:89
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019A72939ED5D162E8A3953A11E99C8589B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0CBB
Signing time:             Tue 11 Nov 2025 11:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:08 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: K3z8jymkH7V8F86davHb4NDx64SFzLx2o2oafV9LWVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:9e:d5:d1:62:e8:a3:95:3a:11:e9:9c:85:89:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Nov 11 11:01:08 2025 GMT
            Not After : Nov 12 11:01:08 2025 GMT
        Subject: CN=17d6f3b9e6161f10cdc1de033ea9b9fff7722489
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2c:27:cf:8f:6d:3f:d0:76:40:a4:32:45:e2:
                    81:d8:7b:75:d4:b2:3a:8e:d1:76:44:dc:4f:9b:81:
                    76:09:79:84:5f:52:b7:8c:21:83:a7:2d:54:5e:ef:
                    db:87:c6:f3:a0:9d:45:c1:ad:96:db:e5:7b:d1:93:
                    1d:4f:23:e2:73:da:f2:66:a8:d9:78:08:c5:79:10:
                    7b:3d:cd:50:89:74:1a:9f:a9:a0:fe:fe:3a:26:ba:
                    8a:a2:7d:34:e3:2f:da:16:a2:f3:da:e2:2c:88:27:
                    92:c8:7a:c0:16:2b:be:9a:05:dd:b1:8d:d9:2f:06:
                    3a:5b:07:7f:43:27:7a:e3:c1:ed:40:24:a3:d4:76:
                    2c:63:8e:87:5c:cf:a1:55:63:a3:1a:6d:81:c8:17:
                    49:6d:f0:8c:68:eb:35:de:a2:af:bb:bc:69:de:8f:
                    c5:b4:86:f6:5a:1f:d4:a1:9e:0a:64:5a:d4:c8:2f:
                    b4:e1:00:5a:bf:d2:a9:99:b2:0e:0e:b3:fc:28:09:
                    a1:c2:59:0f:6c:79:00:c1:59:86:7b:81:47:43:b8:
                    3b:ad:e1:67:bc:0f:c8:2f:de:f4:2a:13:e1:67:6d:
                    9a:75:9d:7b:d7:ba:15:88:2a:5a:c1:26:a5:97:9a:
                    84:75:81:fc:30:c1:3e:9a:e0:bd:39:0e:04:53:20:
                    5d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D6:F3:B9:E6:16:1F:10:CD:C1:DE:03:3E:A9:B9:FF:F7:72:24:89
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:6c:78:52:e1:45:21:67:69:6a:2c:0e:e7:20:46:10:ef:08:
         b9:fe:8c:c2:62:cf:5a:71:c3:f5:17:06:8c:61:c0:c3:38:d6:
         48:9b:16:64:aa:c6:7e:ae:1d:96:df:7b:e9:c7:0a:45:a0:4f:
         05:5d:64:a3:26:56:2e:6c:e4:29:3d:28:8a:c9:ab:c3:59:38:
         c6:1a:46:b0:08:a6:e0:3a:02:1c:64:0a:52:3d:35:ab:d9:9b:
         f4:95:2d:37:9a:bf:dd:d0:a4:63:8f:6e:2c:4a:bd:54:ec:41:
         79:55:65:48:cf:12:a7:c0:83:90:90:fe:23:e2:6f:cc:4a:5d:
         ca:d9:ef:a9:2f:d7:18:76:fc:1c:fc:3a:cc:68:38:e0:4b:05:
         bd:04:28:c1:6d:94:08:b8:9a:49:2c:85:b6:80:4a:9b:65:c1:
         c7:4d:33:38:7d:91:20:53:4d:70:5a:d2:0f:7b:da:15:22:d4:
         a2:7e:02:a9:5a:31:38:a4:0e:dc:9c:63:dd:15:55:4f:03:c4:
         24:c2:b6:c9:3c:2b:cd:2d:9c:7f:29:28:b4:96:08:14:bd:d0:
         cb:97:d5:8e:d6:29:99:fb:29:aa:fd:fa:6e:ba:73:08:aa:d3:
         76:2a:92:1b:1c:4a:b9:58:b3:7a:e8:2f:b6:14:ab:1f:d8:04:
         69:6a:c6:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk57V0WLoo5U6EemchYm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUxMTExMTEwMTA4WhcNMjUxMTEyMTEwMTA4WjAzMTEwLwYDVQQD
EygxN2Q2ZjNiOWU2MTYxZjEwY2RjMWRlMDMzZWE5YjlmZmY3NzIyNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSwnz49tP9B2QKQyReKB2Ht11LI6
jtF2RNxPm4F2CXmEX1K3jCGDpy1UXu/bh8bzoJ1Fwa2W2+V70ZMdTyPic9ryZqjZ
eAjFeRB7Pc1QiXQan6mg/v46JrqKon004y/aFqLz2uIsiCeSyHrAFiu+mgXdsY3Z
LwY6Wwd/Qyd648HtQCSj1HYsY46HXM+hVWOjGm2ByBdJbfCMaOs13qKvu7xp3o/F
tIb2Wh/UoZ4KZFrUyC+04QBav9KpmbIODrP8KAmhwlkPbHkAwVmGe4FHQ7g7reFn
vA/IL970KhPhZ22adZ1717oViCpawSall5qEdYH8MME+muC9OQ4EUyBdTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfW87nmFh8QzcHeAz6puf/3ciSJMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA02x4UuFF
IWdpaiwO5yBGEO8Iuf6MwmLPWnHD9RcGjGHAwzjWSJsWZKrGfq4dlt976ccKRaBP
BV1koyZWLmzkKT0oismrw1k4xhpGsAim4DoCHGQKUj01q9mb9JUtN5q/3dCkY49u
LEq9VOxBeVVlSM8Sp8CDkJD+I+JvzEpdytnvqS/XGHb8HPw6zGg44EsFvQQowW2U
CLiaSSyFtoBKm2XBx00zOH2RIFNNcFrSD3vaFSLUon4CqVoxOKQO3Jxj3RVVTwPE
JMK2yTwrzS2cfykotJYIFL3Qy5fVjtYpmfspqv36brpzCKrTdiqSGxxKuVizeugv
thSrH9gEaWrGSA==
-----END CERTIFICATE-----