Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File:                     aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier:          /QVDUj7mJQlS/24F6M2D650g/ZdBv+F9o4zmpvksCw8=
Subject key identifier:   5B:E7:58:35:FE:94:A2:EC:35:4B:08:92:80:81:60:7A:0C:0F:B2:F4
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer:       /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial:       0199FC21AF18D5126B5960A31AC57978128E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number:          01E0
Signing time:             Sun 19 Oct 2025 11:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:29 +0000
Files and hashes:         1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: lzRGZDSNn/7wgI2Thax0TSTcNhiKc9pplW2ii+uWi3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:af:18:d5:12:6b:59:60:a3:1a:c5:79:78:12:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
        Validity
            Not Before: Oct 19 11:01:29 2025 GMT
            Not After : Oct 20 11:01:29 2025 GMT
        Subject: CN=5be75835fe94a2ec354b08928081607a0c0fb2f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ff:ef:dc:4e:0e:1f:a0:52:15:a6:1e:45:06:
                    ad:b8:eb:c7:f7:17:92:a4:31:69:0c:b6:e5:68:4f:
                    21:7b:f4:6d:02:f1:55:7a:e2:06:f1:7e:82:38:b1:
                    01:5e:4c:42:76:92:c9:33:fa:c6:1f:f5:8a:05:ad:
                    01:4d:e0:d6:f6:27:fb:43:4e:92:11:62:ce:61:ca:
                    b7:0e:42:3d:a2:d8:d6:e1:5f:20:86:88:71:c6:d1:
                    5d:cc:23:67:79:39:5d:4c:b1:3b:72:85:fa:fa:a1:
                    5c:57:43:f5:f2:e4:65:0f:02:f1:07:81:42:ce:81:
                    6f:e1:40:5f:62:bf:3f:f7:51:62:b8:65:25:68:e9:
                    41:fd:b2:60:bc:4a:c9:34:14:f4:5e:d2:33:01:81:
                    9f:15:24:2e:ae:e5:77:63:72:b0:47:c2:f9:25:b5:
                    66:ba:26:6c:a7:e3:7d:c1:66:0c:3a:40:16:ff:0c:
                    7a:6a:a9:dd:43:58:66:eb:e5:b1:38:05:6e:d8:5a:
                    3b:2d:3e:78:27:2b:fc:e2:7f:71:59:a6:1b:c8:d5:
                    aa:d9:fc:12:1f:4e:e5:dc:c6:f4:c3:91:63:a6:e9:
                    0f:e6:e8:a1:9f:11:9e:fc:74:fb:a7:2b:0b:c9:76:
                    88:47:11:52:d9:cf:35:db:ef:c5:e4:44:21:d8:46:
                    0e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E7:58:35:FE:94:A2:EC:35:4B:08:92:80:81:60:7A:0C:0F:B2:F4
            X509v3 Authority Key Identifier:
                keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:97:26:fa:a9:96:dd:b0:1c:9a:42:04:30:aa:ba:15:ff:42:
         59:47:da:6c:33:16:3e:85:cd:bc:15:59:e2:c2:5e:9e:39:ed:
         cc:4e:ce:45:e9:87:8d:77:76:c5:18:9a:cf:38:4f:4c:8e:59:
         a7:11:b9:be:2f:f8:4d:ac:3a:16:3f:05:8e:6c:6f:40:93:a4:
         bb:4d:96:18:88:0a:75:55:dc:e1:05:9e:f4:59:c9:24:d6:fc:
         2b:a8:5e:51:e7:2b:2c:18:fc:28:bb:c5:d7:c9:d8:ac:ea:39:
         56:96:0b:05:b1:df:5e:ea:78:2b:66:0d:37:0c:0a:de:a2:51:
         1c:ff:0b:f4:c1:f3:28:48:7d:fe:1e:e5:51:e8:56:94:b5:b4:
         a0:68:ab:1a:dd:05:29:80:c7:99:3e:60:43:27:ed:a8:84:37:
         e5:10:7b:c8:0b:86:dc:15:6c:f0:0f:e5:ec:9e:c0:b1:3b:83:
         40:d6:e3:8c:a5:18:13:f1:66:c2:da:30:cd:5c:bc:45:92:7d:
         ed:2d:af:48:3e:b6:7f:0c:de:38:5b:9c:fe:c3:fa:f8:88:26:
         72:54:41:6b:d9:39:8c:34:3f:60:ea:ea:26:24:00:80:20:70:
         74:02:12:96:cd:8b:60:f7:15:a4:d1:fd:da:40:4c:5c:b4:e9:
         85:7a:2d:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8Ia8Y1RJrWWCjGsV5eBKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjUxMDE5MTEwMTI5WhcNMjUxMDIwMTEwMTI5WjAzMTEwLwYDVQQD
Eyg1YmU3NTgzNWZlOTRhMmVjMzU0YjA4OTI4MDgxNjA3YTBjMGZiMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu//v3E4OH6BSFaYeRQatuOvH9xeS
pDFpDLblaE8he/RtAvFVeuIG8X6COLEBXkxCdpLJM/rGH/WKBa0BTeDW9if7Q06S
EWLOYcq3DkI9otjW4V8ghohxxtFdzCNneTldTLE7coX6+qFcV0P18uRlDwLxB4FC
zoFv4UBfYr8/91FiuGUlaOlB/bJgvErJNBT0XtIzAYGfFSQuruV3Y3KwR8L5JbVm
uiZsp+N9wWYMOkAW/wx6aqndQ1hm6+WxOAVu2Fo7LT54Jyv84n9xWaYbyNWq2fwS
H07l3Mb0w5FjpukP5uihnxGe/HT7pysLyXaIRxFS2c812+/F5EQh2EYO4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvnWDX+lKLsNUsIkoCBYHoMD7L0MB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5cm+qmW
3bAcmkIEMKq6Ff9CWUfabDMWPoXNvBVZ4sJenjntzE7ORemHjXd2xRiazzhPTI5Z
pxG5vi/4Taw6Fj8FjmxvQJOku02WGIgKdVXc4QWe9FnJJNb8K6heUecrLBj8KLvF
18nYrOo5VpYLBbHfXup4K2YNNwwK3qJRHP8L9MHzKEh9/h7lUehWlLW0oGirGt0F
KYDHmT5gQyftqIQ35RB7yAuG3BVs8A/l7J7AsTuDQNbjjKUYE/FmwtowzVy8RZJ9
7S2vSD62fwzeOFuc/sP6+IgmclRBa9k5jDQ/YOrqJiQAgCBwdAISls2LYPcVpNH9
2kBMXLTphXotfA==
-----END CERTIFICATE-----