Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
File:                     AOezY1s9V4VgNwpYMDz81c2SkQU.mft (raw, json)
Hash identifier:          qDM0jqMDQ6edz/dFvhGZ8KMz6lXnmE4EAlzVMA7apwI=
Subject key identifier:   CD:0D:89:14:19:5A:F9:38:2F:BA:EA:67:C8:45:AE:67:9D:FE:1E:A4
Authority key identifier: 00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05
Certificate issuer:       /CN=00e7b3635b3d578560370a58303cfcd5cd929105
Certificate serial:       019A71B8F5949C94DE740C06E25728854CC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
Manifest number:          0E31
Signing time:             Tue 11 Nov 2025 07:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:18 +0000
Files and hashes:         1: AOezY1s9V4VgNwpYMDz81c2SkQU.crl (hash: cV5tdDV7+MRBrxWIREuhLD23QId6il/fZqXYWGKrWlY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f5:94:9c:94:de:74:0c:06:e2:57:28:85:4c:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e7b3635b3d578560370a58303cfcd5cd929105
        Validity
            Not Before: Nov 11 07:02:18 2025 GMT
            Not After : Nov 12 07:02:18 2025 GMT
        Subject: CN=cd0d8914195af9382fbaea67c845ae679dfe1ea4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:db:50:cf:ec:80:63:7e:7d:9d:47:a1:a5:da:
                    8d:27:ff:dd:4d:c6:e2:b3:cf:31:55:92:be:b5:19:
                    82:07:49:21:5a:cf:ec:ef:9f:8e:9f:56:b1:a7:be:
                    94:4e:8e:bc:48:d9:82:9f:fa:f4:68:da:24:31:1d:
                    64:3f:6e:5f:48:7d:f3:dd:cd:00:b3:98:1f:f9:36:
                    8c:c1:40:69:61:8a:8a:a2:60:3d:20:af:c2:45:89:
                    76:1a:28:61:5a:d8:8e:e3:e4:e0:a6:1a:1e:55:1c:
                    70:ed:4f:05:12:c6:33:27:68:ca:47:75:f3:06:ce:
                    3c:74:c9:a2:ca:38:b3:2f:7d:09:82:86:a5:5e:32:
                    2a:f9:cb:57:49:34:c5:2e:e2:3e:76:79:33:c5:92:
                    b7:3b:7b:2d:b5:54:f3:3f:34:15:34:b7:1a:2b:92:
                    1a:59:60:fb:c6:4e:c7:6f:84:78:0c:8c:f5:50:cb:
                    b3:b2:91:e4:f7:f5:7f:35:03:7a:f6:ed:d3:b0:25:
                    e3:22:34:16:28:ad:9f:2d:bc:0e:62:54:e9:67:7f:
                    96:96:4e:7c:36:0f:19:ba:66:93:4f:24:28:1b:3c:
                    68:aa:b4:04:ad:3d:41:33:43:a1:ea:4f:d6:92:69:
                    32:7c:1e:da:00:e0:7e:40:3b:2a:ae:76:eb:3d:80:
                    bd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:0D:89:14:19:5A:F9:38:2F:BA:EA:67:C8:45:AE:67:9D:FE:1E:A4
            X509v3 Authority Key Identifier:
                keyid:00:E7:B3:63:5B:3D:57:85:60:37:0A:58:30:3C:FC:D5:CD:92:91:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOezY1s9V4VgNwpYMDz81c2SkQU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46238a-a19a-4915-8a47-a0cd141513cb/1/AOezY1s9V4VgNwpYMDz81c2SkQU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:a0:c7:ec:75:61:77:bd:4c:23:a9:09:72:1b:13:50:3c:f1:
         fc:3a:c2:e5:18:38:e5:e0:47:30:d4:8c:8a:40:7c:60:8f:b4:
         70:bc:ea:92:25:16:ee:27:35:85:b9:19:48:2d:8f:06:e9:63:
         b2:28:d4:fa:25:38:26:57:62:cd:82:aa:78:e7:f2:57:65:f5:
         d9:4b:c2:97:ac:66:c3:de:cd:a2:de:d5:f8:0a:3f:de:8f:d5:
         1b:9f:d5:da:a8:45:2d:f3:d7:2e:b9:64:74:25:7f:a9:41:19:
         ed:34:e2:4e:37:a6:bb:71:69:e8:c6:11:4c:c5:38:d3:d8:b3:
         fd:a0:1b:c7:2b:b8:df:a9:3a:ba:e0:25:c6:b3:57:01:33:64:
         f0:8d:19:46:f2:01:d4:c2:95:ec:64:e2:ea:87:6a:01:32:55:
         03:10:12:52:0c:3d:21:35:99:f7:18:db:f2:c1:41:31:a8:c8:
         c5:e5:86:d0:ce:e0:d7:c6:77:96:2a:db:d6:dd:68:cd:0c:cd:
         7c:ee:57:a8:ca:3e:59:4f:24:2b:9b:f1:0f:2e:ae:0a:eb:dd:
         25:1d:3f:78:3c:b7:60:83:f8:82:cf:32:50:7c:9f:c1:43:19:
         47:90:7a:f5:a2:34:d5:2d:a3:cf:17:a2:39:3d:6a:b4:07:fa:
         bd:35:59:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPWUnJTedAwG4lcohUzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTdiMzYzNWIzZDU3ODU2MDM3MGE1ODMwM2NmY2Q1Y2Q5
MjkxMDUwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
EyhjZDBkODkxNDE5NWFmOTM4MmZiYWVhNjdjODQ1YWU2NzlkZmUxZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNtQz+yAY359nUehpdqNJ//dTcbi
s88xVZK+tRmCB0khWs/s75+On1axp76UTo68SNmCn/r0aNokMR1kP25fSH3z3c0A
s5gf+TaMwUBpYYqKomA9IK/CRYl2GihhWtiO4+TgphoeVRxw7U8FEsYzJ2jKR3Xz
Bs48dMmiyjizL30JgoalXjIq+ctXSTTFLuI+dnkzxZK3O3sttVTzPzQVNLcaK5Ia
WWD7xk7Hb4R4DIz1UMuzspHk9/V/NQN69u3TsCXjIjQWKK2fLbwOYlTpZ3+Wlk58
Ng8ZumaTTyQoGzxoqrQErT1BM0Oh6k/WkmkyfB7aAOB+QDsqrnbrPYC9GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0NiRQZWvk4L7rqZ8hFrmed/h6kMB8GA1UdIwQY
MBaAFADns2NbPVeFYDcKWDA8/NXNkpEFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDct
YTBjZDE0MTUxM2NiLzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NjIzOGEtYTE5YS00OTE1LThhNDctYTBjZDE0MTUxM2Ni
LzEvQU9lelkxczlWNFZnTndwWU1EejgxYzJTa1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKaDH7HVh
d71MI6kJchsTUDzx/DrC5Rg45eBHMNSMikB8YI+0cLzqkiUW7ic1hbkZSC2PBulj
sijU+iU4JldizYKqeOfyV2X12UvCl6xmw97Not7V+Ao/3o/VG5/V2qhFLfPXLrlk
dCV/qUEZ7TTiTjemu3Fp6MYRTMU409iz/aAbxyu436k6uuAlxrNXATNk8I0ZRvIB
1MKV7GTi6odqATJVAxASUgw9ITWZ9xjb8sFBMajIxeWG0M7g18Z3lirb1t1ozQzN
fO5XqMo+WU8kK5vxDy6uCuvdJR0/eDy3YIP4gs8yUHyfwUMZR5B69aI01S2jzxei
OT1qtAf6vTVZkA==
-----END CERTIFICATE-----