Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          fJf1A/u94ibvNIXNElOWvSaOBUeYNotXENQrGH+IOko=
Subject key identifier:   6A:1D:06:62:9E:1B:3C:02:77:7D:CF:AF:7A:69:0C:78:59:EC:94:91
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019A00357CB7861C24B11093A3986F04F0A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0C5B
Signing time:             Mon 20 Oct 2025 06:01:36 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:36 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:36 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: J3Ov+LtBP74PJrZfSujlUtb1vL54DUiHB+QEr9RADAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:7c:b7:86:1c:24:b1:10:93:a3:98:6f:04:f0:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Oct 20 06:01:36 2025 GMT
            Not After : Oct 21 06:01:36 2025 GMT
        Subject: CN=6a1d06629e1b3c02777dcfaf7a690c7859ec9491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:aa:4c:b9:a4:5b:36:39:ab:1d:71:f8:94:3f:
                    00:c5:84:97:1b:65:86:af:d6:c4:d7:39:8a:99:0a:
                    73:60:48:b9:1b:ab:3e:1e:be:97:e8:8c:ed:bc:a0:
                    83:63:60:31:ed:1b:8a:0b:50:eb:3a:12:6b:f9:d6:
                    30:26:4c:e2:18:f4:b4:33:d5:35:c5:b9:4c:dd:96:
                    ec:d6:9c:06:9f:4c:4c:66:b9:85:19:66:7c:a8:bb:
                    e6:fa:8d:92:5d:d4:b7:38:56:0a:af:cd:fc:6c:54:
                    e1:5c:8d:07:53:31:8f:1c:74:f1:3c:00:d7:99:bb:
                    75:59:a4:d9:af:99:1f:23:fc:e4:f8:0f:62:49:c3:
                    40:c7:44:74:31:a8:eb:8d:ab:58:08:30:09:10:06:
                    ad:a7:aa:69:53:2c:2f:d7:a2:03:9a:46:86:ab:45:
                    87:63:85:8f:49:61:6e:3b:c8:29:d9:08:dd:f9:11:
                    80:79:49:1e:65:5c:72:30:11:56:6f:4d:f4:89:2c:
                    5e:87:9a:16:71:ec:7b:82:eb:58:df:ab:cd:54:3c:
                    ee:de:c2:e6:b2:a2:8f:fd:cf:5e:1a:93:59:71:3a:
                    04:92:ba:39:4b:43:e4:f6:9a:4e:3c:5d:cd:1b:d0:
                    85:86:e7:38:69:04:9c:ca:fd:b6:1d:6e:62:71:51:
                    30:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:1D:06:62:9E:1B:3C:02:77:7D:CF:AF:7A:69:0C:78:59:EC:94:91
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:bc:e4:ed:52:2a:20:34:3e:16:c7:4d:ea:57:38:7e:da:44:
         b1:d0:60:bb:29:43:d2:0c:cd:af:6e:76:77:76:5e:5b:88:18:
         63:bf:3a:09:01:fe:b5:1f:31:09:c3:e1:8d:1b:b3:71:a3:d0:
         7b:87:96:c1:e5:88:b7:a7:38:20:c2:c9:ce:89:44:9b:d3:4f:
         09:2a:bf:28:d5:f2:e4:37:e9:f2:cc:9f:e5:42:1c:7d:ed:18:
         b3:7f:c3:95:6b:7e:bc:9e:eb:e5:f5:e5:f2:d9:58:f2:0b:31:
         b4:d9:9e:3f:58:75:61:14:26:e3:77:55:cd:2f:ba:b5:21:72:
         2d:fb:51:2b:74:60:a5:c3:4d:91:54:4b:a9:15:09:b3:01:72:
         5c:58:17:ca:4d:09:2b:0b:3f:9c:2e:6c:c5:ca:66:03:ca:e5:
         3a:b6:00:6c:1c:83:e5:5c:da:82:53:f5:44:f2:a3:53:81:d1:
         85:e3:39:50:cf:69:a4:ad:c0:da:85:f8:10:92:14:29:1c:99:
         65:fe:de:b1:93:9c:65:d9:52:6a:b2:fb:2f:d9:35:65:67:2e:
         0b:65:8c:0e:7e:b4:2c:12:6d:ca:ee:b1:1d:d2:8d:65:a3:82:
         dd:5d:50:a3:3a:a4:c4:78:5d:c0:1a:11:bf:dc:95:0f:81:ef:
         c7:35:2c:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANXy3hhwksRCTo5hvBPCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUxMDIwMDYwMTM2WhcNMjUxMDIxMDYwMTM2WjAzMTEwLwYDVQQD
Eyg2YTFkMDY2MjllMWIzYzAyNzc3ZGNmYWY3YTY5MGM3ODU5ZWM5NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqpMuaRbNjmrHXH4lD8AxYSXG2WG
r9bE1zmKmQpzYEi5G6s+Hr6X6IztvKCDY2Ax7RuKC1DrOhJr+dYwJkziGPS0M9U1
xblM3Zbs1pwGn0xMZrmFGWZ8qLvm+o2SXdS3OFYKr838bFThXI0HUzGPHHTxPADX
mbt1WaTZr5kfI/zk+A9iScNAx0R0MajrjatYCDAJEAatp6ppUywv16IDmkaGq0WH
Y4WPSWFuO8gp2Qjd+RGAeUkeZVxyMBFWb030iSxeh5oWcex7gutY36vNVDzu3sLm
sqKP/c9eGpNZcToEkro5S0Pk9ppOPF3NG9CFhuc4aQScyv22HW5icVEwBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGodBmKeGzwCd33Pr3ppDHhZ7JSRMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7zk7VIq
IDQ+FsdN6lc4ftpEsdBguylD0gzNr252d3ZeW4gYY786CQH+tR8xCcPhjRuzcaPQ
e4eWweWIt6c4IMLJzolEm9NPCSq/KNXy5Dfp8syf5UIcfe0Ys3/DlWt+vJ7r5fXl
8tlY8gsxtNmeP1h1YRQm43dVzS+6tSFyLftRK3RgpcNNkVRLqRUJswFyXFgXyk0J
Kws/nC5sxcpmA8rlOrYAbByD5VzaglP1RPKjU4HRheM5UM9ppK3A2oX4EJIUKRyZ
Zf7esZOcZdlSarL7L9k1ZWcuC2WMDn60LBJtyu6xHdKNZaOC3V1QozqkxHhdwBoR
v9yVD4HvxzUsvA==
-----END CERTIFICATE-----