Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
File:                     aPQ7W7zEligG6pMi7Ckum2bdzMU.mft (raw, json)
Hash identifier:          OUKh3wSxzqFn0/Gqq3kZc+iF8P8/yYrA7jXJtg4rhNc=
Subject key identifier:   3A:2F:77:95:56:E5:17:4C:25:51:34:3B:45:2A:F4:A0:96:65:4A:D2
Authority key identifier: 68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5
Certificate issuer:       /CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
Certificate serial:       0199FEB4C040DBAB5565079B39E4893225E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
Manifest number:          0115
Signing time:             Sun 19 Oct 2025 23:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:22 +0000
Files and hashes:         1: aPQ7W7zEligG6pMi7Ckum2bdzMU.crl (hash: bcqD+5EtXhd+7lYCVoi9/jn3NLiY/zVCjsI7dF80/PQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 23:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:c0:40:db:ab:55:65:07:9b:39:e4:89:32:25:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f43b5bbcc4962806ea9322ec292e9b66ddccc5
        Validity
            Not Before: Oct 19 23:01:22 2025 GMT
            Not After : Oct 20 23:01:22 2025 GMT
        Subject: CN=3a2f779556e5174c2551343b452af4a096654ad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:39:7e:16:89:97:27:39:a6:24:c0:42:4b:07:
                    d6:45:db:01:32:d2:91:14:1f:23:a7:9e:88:e9:c5:
                    9a:65:2d:42:7d:1b:a9:ac:1a:b1:fc:58:09:15:b4:
                    41:e1:44:c7:7f:23:e7:34:ad:40:f2:db:0b:f4:f7:
                    8b:a3:d3:88:c1:90:0e:6f:66:62:77:4c:f5:7d:a7:
                    ac:43:d3:c3:a9:a2:56:dd:f2:77:c9:b1:04:69:a4:
                    3b:f8:62:2a:33:08:ce:12:d6:24:d8:05:27:5d:9d:
                    5b:86:c7:c2:00:db:53:52:ee:dc:6a:32:a5:14:43:
                    1b:eb:00:0f:e6:a0:37:4f:d6:48:d4:95:d5:98:85:
                    d9:80:d2:69:39:c1:d7:00:22:1b:54:a0:7f:95:27:
                    6f:de:d0:2a:d0:c7:51:2e:15:a1:be:23:35:ff:27:
                    b5:05:91:13:1c:85:e8:66:1d:cb:84:68:fb:f0:bb:
                    61:e8:5e:9e:da:f0:dc:8e:6f:58:f6:47:4b:3e:2d:
                    6c:57:e2:61:e1:30:29:10:29:78:92:25:33:4c:47:
                    92:0d:74:ef:3d:80:3c:57:9a:5c:9c:a5:57:59:3b:
                    03:ef:f6:d4:e0:18:35:94:6e:b8:ca:ac:69:ef:92:
                    e4:e6:fd:63:13:26:29:fb:0a:9f:cb:ac:38:c5:30:
                    df:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:2F:77:95:56:E5:17:4C:25:51:34:3B:45:2A:F4:A0:96:65:4A:D2
            X509v3 Authority Key Identifier:
                keyid:68:F4:3B:5B:BC:C4:96:28:06:EA:93:22:EC:29:2E:9B:66:DD:CC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPQ7W7zEligG6pMi7Ckum2bdzMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/046ffe-05eb-4c8c-8545-02483e6482cb/1/aPQ7W7zEligG6pMi7Ckum2bdzMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:6f:97:96:2f:48:1c:ae:06:86:02:76:7e:3b:e7:33:cd:11:
         86:15:08:aa:cf:ed:86:1e:46:2c:25:6c:5b:a5:66:33:d5:c2:
         ed:6a:c7:f2:20:a1:4a:e1:97:98:81:f0:be:ff:6f:08:59:32:
         e4:c5:da:68:39:a1:3f:10:eb:cc:39:b4:75:51:48:5b:cd:ce:
         bb:41:14:9a:67:42:a3:f5:cd:c1:7c:a4:4f:9b:2e:fc:9b:4f:
         87:97:3b:52:8a:ea:ab:ed:27:d7:bf:1f:d1:79:ee:cc:c9:ac:
         1e:40:36:f2:34:b8:10:d2:f5:de:14:7f:5b:b3:07:b9:91:72:
         de:ff:a7:f4:b4:df:70:0e:19:fd:33:7d:c8:87:8d:ad:75:cd:
         2d:63:0f:bd:ad:2b:db:58:e6:56:ca:12:35:ad:c6:4c:48:2e:
         c8:4f:0c:55:4d:dd:57:76:e4:f7:9d:46:aa:c7:73:01:bc:c2:
         5c:d2:06:d3:96:93:24:4b:a1:d1:4a:ec:26:83:d7:08:d4:21:
         97:33:37:25:30:4e:7d:54:30:60:ba:8c:6f:f4:4f:b1:57:5d:
         92:83:cd:d8:c1:23:9c:90:73:c4:fa:cd:66:e4:73:67:76:20:
         fe:55:41:b5:f1:34:33:d2:db:44:bc:31:5a:4e:e6:48:5b:b4:
         c0:74:d4:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tMBA26tVZQebOeSJMiXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjQzYjViYmNjNDk2MjgwNmVhOTMyMmVjMjkyZTliNjZk
ZGNjYzUwHhcNMjUxMDE5MjMwMTIyWhcNMjUxMDIwMjMwMTIyWjAzMTEwLwYDVQQD
EygzYTJmNzc5NTU2ZTUxNzRjMjU1MTM0M2I0NTJhZjRhMDk2NjU0YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzl+FomXJzmmJMBCSwfWRdsBMtKR
FB8jp56I6cWaZS1CfRuprBqx/FgJFbRB4UTHfyPnNK1A8tsL9PeLo9OIwZAOb2Zi
d0z1faesQ9PDqaJW3fJ3ybEEaaQ7+GIqMwjOEtYk2AUnXZ1bhsfCANtTUu7cajKl
FEMb6wAP5qA3T9ZI1JXVmIXZgNJpOcHXACIbVKB/lSdv3tAq0MdRLhWhviM1/ye1
BZETHIXoZh3LhGj78Lth6F6e2vDcjm9Y9kdLPi1sV+Jh4TApECl4kiUzTEeSDXTv
PYA8V5pcnKVXWTsD7/bU4Bg1lG64yqxp75Lk5v1jEyYp+wqfy6w4xTDfEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDovd5VW5RdMJVE0O0Uq9KCWZUrSMB8GA1UdIwQY
MBaAFGj0O1u8xJYoBuqTIuwpLptm3czFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUt
MDI0ODNlNjQ4MmNiLzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wNDZmZmUtMDVlYi00YzhjLTg1NDUtMDI0ODNlNjQ4MmNi
LzEvYVBRN1c3ekVsaWdHNnBNaTdDa3VtMmJkek1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcW+Xli9I
HK4GhgJ2fjvnM80RhhUIqs/thh5GLCVsW6VmM9XC7WrH8iChSuGXmIHwvv9vCFky
5MXaaDmhPxDrzDm0dVFIW83Ou0EUmmdCo/XNwXykT5su/JtPh5c7Uorqq+0n178f
0XnuzMmsHkA28jS4ENL13hR/W7MHuZFy3v+n9LTfcA4Z/TN9yIeNrXXNLWMPva0r
21jmVsoSNa3GTEguyE8MVU3dV3bk951GqsdzAbzCXNIG05aTJEuh0UrsJoPXCNQh
lzM3JTBOfVQwYLqMb/RPsVddkoPN2MEjnJBzxPrNZuRzZ3Yg/lVBtfE0M9LbRLwx
Wk7mSFu0wHTUuA==
-----END CERTIFICATE-----