Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
File:                     ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft (raw, json)
Hash identifier:          GWi39VJOFVRenKD1PmsQqBTidtTyJM0Buo0qoSkLOFM=
Subject key identifier:   20:51:2A:BB:86:0A:71:A2:F8:1E:8B:71:EE:DF:D5:BA:0F:88:51:3E
Authority key identifier: 6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C
Certificate issuer:       /CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
Certificate serial:       0199FBEB745E90199E2F0CCE0C987B1EDD01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
Manifest number:          12A1
Signing time:             Sun 19 Oct 2025 10:02:15 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:15 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:15 +0000
Files and hashes:         1: ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl (hash: gdX237QeXdkU1GC/4Ec4j9ZMWqNwVZhsJqCn2T+gTII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:74:5e:90:19:9e:2f:0c:ce:0c:98:7b:1e:dd:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a10b7c54e6f95b1d9b84aac3d9da742a0e02a6c
        Validity
            Not Before: Oct 19 10:02:15 2025 GMT
            Not After : Oct 20 10:02:15 2025 GMT
        Subject: CN=20512abb860a71a2f81e8b71eedfd5ba0f88513e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:40:a5:de:48:81:df:fc:9f:0b:78:3d:45:2e:
                    35:6e:b8:8e:da:2c:21:eb:d8:be:a3:27:3d:ab:41:
                    8b:12:15:76:fc:a9:5b:e5:d8:4d:d0:78:c4:84:0f:
                    23:50:97:14:3e:db:98:54:11:ee:88:85:66:bd:e3:
                    27:7c:7e:a6:3c:38:77:3f:ce:5b:a6:3c:9f:1c:85:
                    60:e5:6d:33:d4:17:f4:1b:1d:d5:0f:07:04:e3:2e:
                    42:b8:a5:70:b3:a8:c3:48:bb:0c:fd:c7:be:21:43:
                    8c:74:0b:08:fb:d8:67:88:6d:ed:a6:4b:08:06:1e:
                    d4:66:c1:bb:17:cb:e3:1a:78:e7:77:e8:e7:0a:e9:
                    b0:02:79:f2:03:fc:c7:5b:9f:6f:1d:63:a2:66:75:
                    f0:8d:3e:a6:0d:0a:0e:80:75:e6:de:4d:a6:90:b5:
                    6e:97:af:4e:64:3b:f2:78:a3:4f:4d:50:54:db:af:
                    70:34:44:73:c1:c9:df:71:a6:ee:41:5c:57:f7:6c:
                    f1:d0:fc:c4:2d:51:9c:b8:02:9d:da:bd:a8:60:89:
                    3a:32:9c:f6:b2:ea:4d:4c:26:89:54:a1:b1:69:16:
                    f6:da:eb:e7:75:6a:94:6b:8c:04:12:52:e4:65:c1:
                    91:b7:9e:81:5c:80:bc:42:0a:f4:ee:17:63:ed:a0:
                    8c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:51:2A:BB:86:0A:71:A2:F8:1E:8B:71:EE:DF:D5:BA:0F:88:51:3E
            X509v3 Authority Key Identifier:
                keyid:6A:10:B7:C5:4E:6F:95:B1:D9:B8:4A:AC:3D:9D:A7:42:A0:E0:2A:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8a2e85-9480-41a2-a255-2dcad6ee71fb/1/ahC3xU5vlbHZuEqsPZ2nQqDgKmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:7a:05:9d:bf:dc:7e:31:e6:94:32:49:65:c9:c9:c0:3d:8b:
         74:2b:55:49:4a:cf:76:b4:86:0a:eb:27:38:64:9e:4e:41:eb:
         39:58:f5:81:1f:e6:24:a7:1a:c8:54:8c:1d:97:2f:8b:15:75:
         d2:35:1f:74:5f:c0:78:1b:07:46:96:1a:4f:ec:37:61:2d:07:
         93:29:c6:3a:f7:1c:c6:44:51:41:d7:54:10:93:24:74:70:1d:
         94:bc:e7:b5:ac:40:08:d3:2a:47:aa:64:a7:d3:36:44:19:f7:
         34:47:37:60:7e:a0:00:0c:4d:70:1c:37:0f:39:fe:6b:ba:d8:
         69:0a:16:92:d9:d6:d8:9f:52:bb:bb:80:67:88:5d:9f:47:a8:
         cd:fa:96:5c:f3:b9:b6:6a:50:ff:c3:74:68:0d:3a:b0:e9:6a:
         ad:bc:fd:e1:67:85:3c:5a:1e:80:3a:56:23:b6:8c:c9:28:50:
         da:f3:e2:ed:77:bd:09:ab:72:bc:22:25:c9:5e:c0:6b:f6:5d:
         88:a4:e0:34:71:18:6b:3b:0e:8c:56:5d:41:5e:d8:03:f7:e5:
         8c:5d:f8:d4:1c:df:55:23:4f:e2:5d:d9:42:f5:57:58:81:2e:
         a3:83:9b:7d:e5:e0:7a:77:c8:ea:29:d4:31:d7:e5:ad:b1:68:
         f8:86:be:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763RekBmeLwzODJh7Ht0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTBiN2M1NGU2Zjk1YjFkOWI4NGFhYzNkOWRhNzQyYTBl
MDJhNmMwHhcNMjUxMDE5MTAwMjE1WhcNMjUxMDIwMTAwMjE1WjAzMTEwLwYDVQQD
EygyMDUxMmFiYjg2MGE3MWEyZjgxZThiNzFlZWRmZDViYTBmODg1MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUCl3kiB3/yfC3g9RS41briO2iwh
69i+oyc9q0GLEhV2/Klb5dhN0HjEhA8jUJcUPtuYVBHuiIVmveMnfH6mPDh3P85b
pjyfHIVg5W0z1Bf0Gx3VDwcE4y5CuKVws6jDSLsM/ce+IUOMdAsI+9hniG3tpksI
Bh7UZsG7F8vjGnjnd+jnCumwAnnyA/zHW59vHWOiZnXwjT6mDQoOgHXm3k2mkLVu
l69OZDvyeKNPTVBU269wNERzwcnfcabuQVxX92zx0PzELVGcuAKd2r2oYIk6Mpz2
supNTCaJVKGxaRb22uvndWqUa4wEElLkZcGRt56BXIC8Qgr07hdj7aCMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBRKruGCnGi+B6Lce7f1boPiFE+MB8GA1UdIwQY
MBaAFGoQt8VOb5Wx2bhKrD2dp0Kg4CpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUt
MmRjYWQ2ZWU3MWZiLzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84YTJlODUtOTQ4MC00MWEyLWEyNTUtMmRjYWQ2ZWU3MWZi
LzEvYWhDM3hVNXZsYkhadUVxc1BaMm5RcURnS213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHoFnb/c
fjHmlDJJZcnJwD2LdCtVSUrPdrSGCusnOGSeTkHrOVj1gR/mJKcayFSMHZcvixV1
0jUfdF/AeBsHRpYaT+w3YS0HkynGOvccxkRRQddUEJMkdHAdlLzntaxACNMqR6pk
p9M2RBn3NEc3YH6gAAxNcBw3Dzn+a7rYaQoWktnW2J9Su7uAZ4hdn0eozfqWXPO5
tmpQ/8N0aA06sOlqrbz94WeFPFoegDpWI7aMyShQ2vPi7Xe9CatyvCIlyV7Aa/Zd
iKTgNHEYazsOjFZdQV7YA/fljF341BzfVSNP4l3ZQvVXWIEuo4ObfeXgenfI6inU
MdflrbFo+Ia+Ig==
-----END CERTIFICATE-----