Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
File:                     A0BZzz9bz7oJObTF2cPThs7NTOw.mft (raw, json)
Hash identifier:          TJMT/JD0hqOPGe0dHGp6dSINlMcQSt5gCTSn1qes0gE=
Subject key identifier:   1A:C0:1E:CE:23:B4:D4:26:4E:11:02:AF:5A:B1:A3:9A:CE:50:F7:37
Authority key identifier: 03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC
Certificate issuer:       /CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec
Certificate serial:       0199FC216157A06EB37CE8370C214B5220E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
Manifest number:          AE
Signing time:             Sun 19 Oct 2025 11:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:09 +0000
Files and hashes:         1: A0BZzz9bz7oJObTF2cPThs7NTOw.crl (hash: BSZ3oEAemtNTRXZ43KlOyRVpzgJgcgCfT3G7FgojFmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:61:57:a0:6e:b3:7c:e8:37:0c:21:4b:52:20:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec
        Validity
            Not Before: Oct 19 11:01:09 2025 GMT
            Not After : Oct 20 11:01:09 2025 GMT
        Subject: CN=1ac01ece23b4d4264e1102af5ab1a39ace50f737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:44:df:56:ea:c8:35:b6:0f:f7:b1:5b:06:ea:
                    34:2c:4f:d4:33:16:82:16:e1:57:ba:e5:3c:b4:d5:
                    10:04:1e:99:bd:36:2c:9e:17:e2:f6:6e:ab:69:8d:
                    bc:16:48:98:8f:a8:cd:df:ce:23:e5:20:30:3c:eb:
                    3a:37:14:0b:1e:4c:c8:9c:e4:cd:b3:1c:b1:bb:e0:
                    1a:1d:66:4a:94:9e:55:ac:64:63:e2:4c:3b:8b:4c:
                    97:eb:d6:eb:20:41:b2:95:2e:f9:d2:94:48:57:1e:
                    e1:99:af:7d:1f:dd:33:8d:75:b6:b7:8e:90:cb:57:
                    48:dd:68:48:eb:f7:da:73:8f:dd:88:e5:3b:c1:cf:
                    eb:8c:27:ab:80:dc:0f:71:f9:f7:32:7c:bd:06:8e:
                    9c:e1:ef:aa:86:5d:af:0d:02:fd:81:a2:b3:62:4f:
                    0e:ae:ac:f0:5b:20:1a:37:f4:5a:74:71:a8:fd:7c:
                    0d:00:30:17:90:10:a3:e3:b3:28:d2:55:c7:16:c2:
                    20:18:af:e8:ce:5c:07:16:cb:bc:ec:0f:a4:97:41:
                    3d:82:a1:41:86:38:ca:e7:98:4a:8a:56:39:94:71:
                    f9:85:27:a1:c2:f9:de:8e:c8:78:c4:f5:39:c9:bc:
                    27:bb:bf:49:5b:15:77:da:d1:d6:ff:fa:66:8e:35:
                    ac:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:C0:1E:CE:23:B4:D4:26:4E:11:02:AF:5A:B1:A3:9A:CE:50:F7:37
            X509v3 Authority Key Identifier:
                keyid:03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:47:ec:a3:9c:fe:7f:e6:f2:69:e0:ec:6e:49:53:be:5d:87:
         ee:86:5f:e3:dd:3f:e2:48:d9:03:aa:c7:89:8e:df:16:bd:4e:
         45:04:bb:aa:92:9d:ed:0f:24:a7:81:07:f9:26:84:8c:9e:59:
         dd:99:1d:74:f3:62:6e:8b:46:d8:17:a3:b7:be:9a:36:81:d6:
         c9:2a:31:8f:66:8e:17:58:4f:6d:bc:18:5a:34:2b:e8:1b:76:
         1a:5c:af:a6:6c:a2:e2:6d:a9:3f:01:da:ca:15:9d:09:4c:fa:
         bb:c4:02:b0:11:78:7e:f2:2f:8e:e7:c6:36:f3:b7:f4:2f:a2:
         27:3e:83:d1:11:08:47:12:1b:85:fd:7c:f2:2c:7d:66:40:1d:
         e7:ff:68:86:21:16:f8:a9:dc:40:74:c7:d9:37:01:f2:55:a1:
         37:5a:64:15:13:23:7b:ea:22:1e:46:a6:cb:56:c2:81:56:0b:
         bc:98:55:39:f5:39:19:a7:17:42:eb:ed:4f:0f:61:a7:88:5a:
         11:3a:d2:33:01:74:34:d6:31:3b:42:9c:90:b7:4b:b1:1a:14:
         8c:4b:93:77:15:db:0d:55:d9:e5:ee:18:17:a4:72:eb:8c:fe:
         8e:63:92:9b:58:d8:c7:1b:83:9e:ed:75:ca:67:2f:cd:3d:5d:
         ab:ca:72:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IWFXoG6zfOg3DCFLUiDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNDA1OWNmM2Y1YmNmYmEwOTM5YjRjNWQ5YzNkMzg2Y2Vj
ZDRjZWMwHhcNMjUxMDE5MTEwMTA5WhcNMjUxMDIwMTEwMTA5WjAzMTEwLwYDVQQD
EygxYWMwMWVjZTIzYjRkNDI2NGUxMTAyYWY1YWIxYTM5YWNlNTBmNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUTfVurINbYP97FbBuo0LE/UMxaC
FuFXuuU8tNUQBB6ZvTYsnhfi9m6raY28FkiYj6jN384j5SAwPOs6NxQLHkzInOTN
sxyxu+AaHWZKlJ5VrGRj4kw7i0yX69brIEGylS750pRIVx7hma99H90zjXW2t46Q
y1dI3WhI6/fac4/diOU7wc/rjCergNwPcfn3Mny9Bo6c4e+qhl2vDQL9gaKzYk8O
rqzwWyAaN/RadHGo/XwNADAXkBCj47Mo0lXHFsIgGK/ozlwHFsu87A+kl0E9gqFB
hjjK55hKilY5lHH5hSehwvnejsh4xPU5ybwnu79JWxV32tHW//pmjjWsewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrAHs4jtNQmThECr1qxo5rOUPc3MB8GA1UdIwQY
MBaAFANAWc8/W8+6CTm0xdnD04bOzUzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgt
ZjBhYmI5NTU4ZDQ1LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgtZjBhYmI5NTU4ZDQ1
LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx0fso5z+
f+byaeDsbklTvl2H7oZf490/4kjZA6rHiY7fFr1ORQS7qpKd7Q8kp4EH+SaEjJ5Z
3ZkddPNibotG2Bejt76aNoHWySoxj2aOF1hPbbwYWjQr6Bt2Glyvpmyi4m2pPwHa
yhWdCUz6u8QCsBF4fvIvjufGNvO39C+iJz6D0REIRxIbhf188ix9ZkAd5/9ohiEW
+KncQHTH2TcB8lWhN1pkFRMje+oiHkamy1bCgVYLvJhVOfU5GacXQuvtTw9hp4ha
ETrSMwF0NNYxO0KckLdLsRoUjEuTdxXbDVXZ5e4YF6Ry64z+jmOSm1jYxxuDnu11
ymcvzT1dq8pyIg==
-----END CERTIFICATE-----