Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
File:                     AaVsQu18uWPyhVA87AYG1g0Ks4c.mft (raw, json)
Hash identifier:          qynCQ5rA+khYxEbRaE10wksMpDsM0FzjAAZUnUQl0XY=
Subject key identifier:   3A:41:20:12:44:A9:04:D2:A2:95:FB:6D:0B:BB:26:41:3F:F3:E4:D5
Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87
Certificate issuer:       /CN=01a56c42ed7cb963f285503cec0606d60d0ab387
Certificate serial:       0199FFC795CF41EE6BD2415F4B48D3F3DED2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
Manifest number:          0FA5
Signing time:             Mon 20 Oct 2025 04:01:34 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:34 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:34 +0000
Files and hashes:         1: AaVsQu18uWPyhVA87AYG1g0Ks4c.crl (hash: KOHRYNKsxBhilCuNq01NCkrtOnzkB8Yp+r1owSUywS4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:95:cf:41:ee:6b:d2:41:5f:4b:48:d3:f3:de:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387
        Validity
            Not Before: Oct 20 04:01:34 2025 GMT
            Not After : Oct 21 04:01:34 2025 GMT
        Subject: CN=3a41201244a904d2a295fb6d0bbb26413ff3e4d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f4:53:3e:52:bb:a2:81:8d:eb:b8:d7:a1:cc:
                    9a:9e:9f:28:eb:b6:06:a5:7d:5b:89:99:ee:f3:ee:
                    ff:bd:34:46:b1:04:ec:95:8e:54:5a:2e:f5:36:fe:
                    53:d7:01:7a:f6:2c:8b:9f:6c:bb:48:7e:6d:23:7a:
                    53:3c:0f:c3:6b:cf:0e:1f:68:07:4e:51:a0:b1:77:
                    ca:64:02:f3:7d:58:ef:f2:9b:e0:85:5a:a6:87:b0:
                    eb:af:28:38:62:d6:c6:4a:54:bd:06:3c:90:5b:7d:
                    15:40:03:c9:db:45:bc:ec:65:a5:8b:8c:35:b2:b5:
                    5f:37:1e:2a:52:36:a9:6c:d8:dc:ce:74:7f:eb:5b:
                    cf:ea:b5:89:2d:a5:46:fa:37:2c:37:d5:e4:64:c5:
                    6d:92:7a:be:33:d7:59:78:fa:0b:3b:9b:9d:82:2c:
                    cb:0e:7b:ef:4d:64:d0:04:35:4d:68:f6:f2:00:40:
                    0e:6e:5f:d3:48:2e:b9:c8:46:3e:48:a5:89:3d:d5:
                    d4:3d:a4:53:b1:ad:e9:a1:3f:0a:4f:24:f2:8a:61:
                    7e:cf:90:3b:64:0c:9f:c6:5b:c9:bd:1f:a0:62:12:
                    1b:0e:fb:e2:d1:da:42:10:51:55:95:d4:81:df:b9:
                    3c:00:0b:6a:06:7a:ba:35:72:48:2d:6d:95:c2:e8:
                    4f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:41:20:12:44:A9:04:D2:A2:95:FB:6D:0B:BB:26:41:3F:F3:E4:D5
            X509v3 Authority Key Identifier:
                keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:0f:6b:e9:4a:ac:4a:24:dd:e0:3a:0c:b9:10:33:09:fc:9f:
         01:63:16:3f:e2:0a:ec:f5:26:ab:0b:31:4d:22:16:c1:7d:31:
         e3:7c:71:12:22:43:5c:3d:9b:99:2d:03:db:d8:22:1a:19:d6:
         3b:f8:e2:98:02:67:43:ce:d7:01:44:c3:29:b5:d2:17:ac:88:
         49:e3:42:4d:42:30:2b:4e:31:98:1f:84:d1:ca:22:d4:e9:03:
         44:e7:37:43:8d:46:2e:cc:f4:b1:45:7c:11:db:52:76:3a:05:
         d9:7f:06:45:e7:4c:c7:c0:dc:ef:88:63:ac:80:34:23:02:6c:
         62:13:3f:8e:21:c6:6a:01:2e:3a:7e:ba:b2:b9:3b:93:ce:d8:
         7c:ef:ed:72:7d:17:55:9e:fc:05:b9:fe:c9:73:43:03:01:3f:
         63:d2:a0:51:25:df:18:92:82:82:a9:5b:08:76:5f:47:39:a1:
         5a:b3:ae:f9:66:17:06:84:1b:70:8c:3b:29:69:10:08:4e:04:
         f4:c8:63:ec:50:fb:48:90:45:e9:1e:5a:f7:fd:b9:4a:35:a1:
         d6:b2:b8:e7:79:9b:c7:4e:cd:43:ff:3a:dd:51:c7:17:4b:f2:
         fc:be:99:31:57:2a:d3:41:66:88:df:54:ff:69:77:37:a4:59:
         8d:29:d4:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x5XPQe5r0kFfS0jT897SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw
YWIzODcwHhcNMjUxMDIwMDQwMTM0WhcNMjUxMDIxMDQwMTM0WjAzMTEwLwYDVQQD
EygzYTQxMjAxMjQ0YTkwNGQyYTI5NWZiNmQwYmJiMjY0MTNmZjNlNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/RTPlK7ooGN67jXocyanp8o67YG
pX1biZnu8+7/vTRGsQTslY5UWi71Nv5T1wF69iyLn2y7SH5tI3pTPA/Da88OH2gH
TlGgsXfKZALzfVjv8pvghVqmh7Drryg4YtbGSlS9BjyQW30VQAPJ20W87GWli4w1
srVfNx4qUjapbNjcznR/61vP6rWJLaVG+jcsN9XkZMVtknq+M9dZePoLO5udgizL
DnvvTWTQBDVNaPbyAEAObl/TSC65yEY+SKWJPdXUPaRTsa3poT8KTyTyimF+z5A7
ZAyfxlvJvR+gYhIbDvvi0dpCEFFVldSB37k8AAtqBnq6NXJILW2VwuhPfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpBIBJEqQTSopX7bQu7JkE/8+TVMB8GA1UdIwQY
MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt
ZWQwN2Y1Y2FkNmQ3LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3
LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdg9r6Uqs
SiTd4DoMuRAzCfyfAWMWP+IK7PUmqwsxTSIWwX0x43xxEiJDXD2bmS0D29giGhnW
O/jimAJnQ87XAUTDKbXSF6yISeNCTUIwK04xmB+E0coi1OkDROc3Q41GLsz0sUV8
EdtSdjoF2X8GRedMx8Dc74hjrIA0IwJsYhM/jiHGagEuOn66srk7k87YfO/tcn0X
VZ78Bbn+yXNDAwE/Y9KgUSXfGJKCgqlbCHZfRzmhWrOu+WYXBoQbcIw7KWkQCE4E
9Mhj7FD7SJBF6R5a9/25SjWh1rK453mbx07NQ/863VHHF0vy/L6ZMVcq00FmiN9U
/2l3N6RZjSnUww==
-----END CERTIFICATE-----