Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          aHhu41ulmQF4sdfbT0+PNIJ2IMK0Cjzri0E2Dqtbj80=
Subject key identifier:   3B:84:52:50:01:3F:D7:C1:50:0F:C9:A8:4B:38:1B:12:D5:26:AD:46
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       019A70DC1A7C325CC1D2B203E4F25626AA02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          0320
Signing time:             Tue 11 Nov 2025 03:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:04 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: EF9C4qIphauZIhOYPAV+EMiB0JnbdKmZxIOqWNiJuf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:1a:7c:32:5c:c1:d2:b2:03:e4:f2:56:26:aa:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: Nov 11 03:01:04 2025 GMT
            Not After : Nov 12 03:01:04 2025 GMT
        Subject: CN=3b845250013fd7c1500fc9a84b381b12d526ad46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1d:e5:40:9c:f4:25:d0:90:ff:28:94:b9:44:
                    ac:b9:53:a6:e0:81:dc:1e:ad:c3:64:13:99:6a:81:
                    b8:2a:d9:49:3d:3b:4f:67:cd:5f:14:49:6f:c8:ac:
                    45:d0:b7:f6:46:21:78:58:7f:84:d6:3d:fd:7d:87:
                    0b:13:4a:96:f6:c0:95:fc:6e:fb:ae:29:61:b3:99:
                    d3:a8:75:ac:88:3d:9f:16:46:1a:ab:ae:52:28:ab:
                    0a:0f:34:05:ad:6a:a5:de:bd:6a:f8:70:cd:d1:57:
                    df:46:26:44:cb:31:89:a5:8e:b2:24:6e:38:6c:7a:
                    5f:1b:08:9c:7a:72:5e:dd:86:31:e9:1b:9c:79:f9:
                    08:79:23:d5:32:49:ae:ac:4e:ff:19:b7:ef:db:45:
                    b5:f6:5b:52:f7:1a:e1:d5:e0:88:d1:88:1e:22:3d:
                    69:c3:85:20:a3:86:c7:dd:8d:ef:f4:aa:aa:62:6a:
                    bf:02:40:ca:10:db:4a:81:3e:de:b0:49:82:2d:89:
                    81:7d:7d:f2:02:20:5d:4e:d7:2c:4e:1d:65:49:50:
                    4b:a4:b9:87:87:46:91:63:d3:e1:4a:d9:a7:c4:d5:
                    f5:e2:fc:69:1d:fc:9d:74:60:02:2b:c1:76:d8:6b:
                    07:94:37:f6:a9:8d:ae:4d:ac:bf:a9:89:8e:d7:73:
                    79:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:84:52:50:01:3F:D7:C1:50:0F:C9:A8:4B:38:1B:12:D5:26:AD:46
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:79:ef:d3:59:49:8d:7d:d3:fb:25:24:7c:98:04:a2:c7:5b:
         15:9e:91:e9:5b:62:e0:be:4c:c7:33:70:a1:05:fd:c4:65:b7:
         9d:04:89:39:95:d7:f4:c4:23:50:28:4c:fd:b6:c0:81:54:ed:
         54:8a:49:f5:d6:ac:d6:fa:76:96:13:99:8c:4e:3a:d3:9a:ca:
         2e:7f:f5:ea:e2:54:47:b5:99:ca:29:f1:87:79:df:1b:ca:02:
         3f:b3:88:31:86:c3:03:c2:01:3d:68:9d:f7:0c:1a:c6:27:d2:
         b7:f9:89:88:73:d7:61:30:12:91:44:89:5e:e2:f0:4a:38:6a:
         32:16:4a:53:a4:79:10:9f:08:a5:18:1f:c4:7a:6a:87:36:e4:
         86:b7:b4:51:0f:00:f2:93:92:15:d7:60:88:d8:a5:cd:b5:9e:
         af:ce:7e:7c:51:05:9f:8c:c7:71:79:6b:c1:49:37:5f:13:61:
         2f:41:30:af:00:22:6e:8c:ed:49:d9:d9:ae:6b:b2:6b:7c:90:
         16:56:e6:d4:18:e0:a7:e8:48:2d:57:ef:95:92:7d:e0:12:93:
         92:db:88:37:c3:fa:63:9f:80:c0:88:be:24:f8:8f:bc:d0:22:
         4f:be:27:07:97:54:7e:30:6a:7c:de:16:9b:88:c9:c1:97:3d:
         53:85:98:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Bp8MlzB0rID5PJWJqoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUxMTExMDMwMTA0WhcNMjUxMTEyMDMwMTA0WjAzMTEwLwYDVQQD
EygzYjg0NTI1MDAxM2ZkN2MxNTAwZmM5YTg0YjM4MWIxMmQ1MjZhZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR3lQJz0JdCQ/yiUuUSsuVOm4IHc
Hq3DZBOZaoG4KtlJPTtPZ81fFElvyKxF0Lf2RiF4WH+E1j39fYcLE0qW9sCV/G77
rilhs5nTqHWsiD2fFkYaq65SKKsKDzQFrWql3r1q+HDN0VffRiZEyzGJpY6yJG44
bHpfGwicenJe3YYx6RucefkIeSPVMkmurE7/Gbfv20W19ltS9xrh1eCI0YgeIj1p
w4Ugo4bH3Y3v9KqqYmq/AkDKENtKgT7esEmCLYmBfX3yAiBdTtcsTh1lSVBLpLmH
h0aRY9PhStmnxNX14vxpHfyddGACK8F22GsHlDf2qY2uTay/qYmO13N5BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuEUlABP9fBUA/JqEs4GxLVJq1GMB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbnnv01lJ
jX3T+yUkfJgEosdbFZ6R6Vti4L5MxzNwoQX9xGW3nQSJOZXX9MQjUChM/bbAgVTt
VIpJ9das1vp2lhOZjE4605rKLn/16uJUR7WZyinxh3nfG8oCP7OIMYbDA8IBPWid
9wwaxifSt/mJiHPXYTASkUSJXuLwSjhqMhZKU6R5EJ8IpRgfxHpqhzbkhre0UQ8A
8pOSFddgiNilzbWer85+fFEFn4zHcXlrwUk3XxNhL0EwrwAiboztSdnZrmuya3yQ
Flbm1Bjgp+hILVfvlZJ94BKTktuIN8P6Y5+AwIi+JPiPvNAiT74nB5dUfjBqfN4W
m4jJwZc9U4WYwg==
-----END CERTIFICATE-----