Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          l/Fe9BI9vwtNSn9hAqhwyaE1x1WeCIUBiz/nZghRZMk=
Subject key identifier:   61:31:3B:B2:38:1E:1C:E9:90:55:3A:58:D8:9B:FA:10:71:1F:83:76
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       0199FDD96E6F22B4F5D59A346689AA4C328B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          0F19
Signing time:             Sun 19 Oct 2025 19:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:49 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: YXIRnOI3XtSKd0ilHg1LMXTe5Vm5QlCitP0F/5AqA1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:6e:6f:22:b4:f5:d5:9a:34:66:89:aa:4c:32:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Oct 19 19:01:49 2025 GMT
            Not After : Oct 20 19:01:49 2025 GMT
        Subject: CN=61313bb2381e1ce990553a58d89bfa10711f8376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a0:d0:00:79:86:fe:18:37:ef:4f:73:95:e6:
                    5e:8a:9b:1e:0d:4a:fe:9a:ae:d0:58:98:37:99:8f:
                    52:73:77:97:2c:42:87:e5:d1:c0:1c:29:15:d8:e7:
                    85:3c:11:1e:15:95:3d:4a:6b:a7:68:a5:47:d8:6b:
                    29:3d:90:6b:87:e6:2b:d5:1d:0b:21:d2:7a:6b:fc:
                    17:5d:5d:f3:99:51:15:37:c5:bf:1e:6a:58:0a:87:
                    c2:59:e7:c4:05:f0:e7:00:3e:8d:26:e1:b0:c8:8e:
                    fc:ce:b8:10:1c:58:cc:20:31:32:68:b6:ce:00:5e:
                    2c:f4:fe:b0:63:74:1d:6c:2d:07:9f:01:ae:e1:99:
                    b0:44:dd:f6:4f:81:c7:59:48:1a:d8:49:ec:cc:6b:
                    9d:aa:22:22:a4:0e:06:72:a3:e9:37:28:ff:4b:94:
                    0c:dc:64:5d:f1:2b:7f:d6:d3:db:5e:88:08:af:41:
                    50:28:ad:f0:82:aa:d4:1d:36:ab:8d:35:7e:e1:24:
                    fe:01:de:11:ca:0f:63:ae:79:c5:01:25:f0:4c:75:
                    c2:76:72:7c:1e:62:d9:3a:4a:f1:53:60:f4:9f:0b:
                    1a:63:e4:2b:37:36:a3:82:cd:da:a1:9c:53:2e:62:
                    f9:3c:74:6c:46:3f:86:5d:af:9d:9e:22:11:27:3b:
                    ac:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:31:3B:B2:38:1E:1C:E9:90:55:3A:58:D8:9B:FA:10:71:1F:83:76
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:67:1a:bb:73:1e:d0:73:fc:e0:04:60:d7:72:70:6d:e4:f5:
         64:33:3d:50:7c:0a:6c:23:e1:db:bd:30:23:b9:cf:61:d5:91:
         d5:18:6c:e2:af:a2:01:e7:40:51:a3:fd:34:78:86:cb:02:c8:
         25:52:4d:41:28:e2:25:6d:ca:4b:6f:12:4a:e3:61:e9:31:b3:
         54:97:fb:55:50:45:36:55:dd:85:72:4a:0d:d9:8a:05:f4:7c:
         b8:c5:22:21:e7:16:49:81:65:9e:b7:aa:ce:30:f7:7c:14:46:
         8f:bc:df:58:ae:f0:45:24:5d:d6:1c:6d:23:63:78:79:ea:d2:
         45:9a:02:c5:d2:93:77:80:8f:67:f2:d5:00:d9:72:05:2d:b5:
         a0:2a:a2:8d:6b:21:60:36:5b:fd:b1:bc:a2:96:37:69:c4:92:
         11:cc:67:fc:65:24:28:5b:f4:20:b9:e6:f6:a7:e4:9a:e5:49:
         78:82:60:87:80:e0:6f:bc:92:12:f3:dc:17:59:ac:66:e5:47:
         95:d6:4d:ad:28:09:cf:63:d6:d8:38:e0:e4:49:01:38:a7:f8:
         f9:b5:45:12:6c:8f:d9:c9:94:d7:ea:c4:df:2f:7c:b6:f8:1e:
         c9:6c:7b:78:3d:c9:c1:31:0d:19:20:3c:44:75:ed:e1:1b:7d:
         2e:32:4f:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92W5vIrT11Zo0ZomqTDKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjUxMDE5MTkwMTQ5WhcNMjUxMDIwMTkwMTQ5WjAzMTEwLwYDVQQD
Eyg2MTMxM2JiMjM4MWUxY2U5OTA1NTNhNThkODliZmExMDcxMWY4Mzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6DQAHmG/hg3709zleZeipseDUr+
mq7QWJg3mY9Sc3eXLEKH5dHAHCkV2OeFPBEeFZU9SmunaKVH2GspPZBrh+Yr1R0L
IdJ6a/wXXV3zmVEVN8W/HmpYCofCWefEBfDnAD6NJuGwyI78zrgQHFjMIDEyaLbO
AF4s9P6wY3QdbC0HnwGu4ZmwRN32T4HHWUga2EnszGudqiIipA4GcqPpNyj/S5QM
3GRd8St/1tPbXogIr0FQKK3wgqrUHTarjTV+4ST+Ad4Ryg9jrnnFASXwTHXCdnJ8
HmLZOkrxU2D0nwsaY+QrNzajgs3aoZxTLmL5PHRsRj+GXa+dniIRJzusMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGExO7I4HhzpkFU6WNib+hBxH4N2MB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGcau3Me
0HP84ARg13JwbeT1ZDM9UHwKbCPh270wI7nPYdWR1Rhs4q+iAedAUaP9NHiGywLI
JVJNQSjiJW3KS28SSuNh6TGzVJf7VVBFNlXdhXJKDdmKBfR8uMUiIecWSYFlnreq
zjD3fBRGj7zfWK7wRSRd1hxtI2N4eerSRZoCxdKTd4CPZ/LVANlyBS21oCqijWsh
YDZb/bG8opY3acSSEcxn/GUkKFv0ILnm9qfkmuVJeIJgh4Dgb7ySEvPcF1msZuVH
ldZNrSgJz2PW2Djg5EkBOKf4+bVFEmyP2cmU1+rE3y98tvgeyWx7eD3JwTENGSA8
RHXt4Rt9LjJPvA==
-----END CERTIFICATE-----