Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          cB3oCB6+Ls+dFDm+iCk3rRvn2Y1rIkWewlikLoPssu4=
Subject key identifier:   CA:D4:3E:ED:F9:42:B7:8A:AB:5C:4E:80:E6:23:0C:58:5C:22:C9:50
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       0199FB45AC5330A5BC14339BB8523DCDAE05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          12A5
Signing time:             Sun 19 Oct 2025 07:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:11 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: LqophCzXtU485M02IMgxxhOARqn20YekCI6h9izzYLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:ac:53:30:a5:bc:14:33:9b:b8:52:3d:cd:ae:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Oct 19 07:01:11 2025 GMT
            Not After : Oct 20 07:01:11 2025 GMT
        Subject: CN=cad43eedf942b78aab5c4e80e6230c585c22c950
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:04:8d:6a:ca:e5:ed:76:1a:0d:9f:d0:91:e3:
                    05:82:37:ac:46:d4:13:34:25:b7:d2:c0:17:5b:7a:
                    4b:15:ed:9b:8e:fe:de:f7:82:4a:46:98:97:b0:17:
                    54:df:75:5b:6c:1d:b2:af:a4:db:17:c0:9b:de:94:
                    3f:41:76:ac:be:54:7d:ad:3a:4a:2f:99:69:70:df:
                    6c:9c:10:4f:e4:09:29:d7:20:2c:b6:06:35:3f:b0:
                    92:12:fb:e6:cf:fa:44:0a:59:53:0e:30:68:60:30:
                    1e:36:28:33:cb:2d:72:74:29:32:0c:5b:84:a9:1c:
                    ee:ee:e6:99:f5:6e:b5:d0:7b:3c:fa:7c:3a:5d:26:
                    47:cc:46:70:13:06:a3:74:20:91:e9:94:21:b0:94:
                    c6:da:22:f3:7f:64:16:86:7d:4c:a7:b7:f2:c3:50:
                    63:39:ee:56:fb:6b:f9:38:c3:60:02:e1:5b:7a:b2:
                    09:bb:8c:f1:cd:b3:0e:da:be:b7:f3:1a:44:d4:7f:
                    f3:76:ae:c5:11:72:c6:cb:e6:f4:65:a3:26:da:1b:
                    07:aa:32:ed:0d:48:c0:2e:17:28:35:71:8c:de:dc:
                    62:d7:bf:cd:c6:81:b5:6e:24:4c:67:1d:33:2a:25:
                    fc:d7:83:de:72:f3:1c:a6:0b:32:33:e6:a5:90:44:
                    2c:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D4:3E:ED:F9:42:B7:8A:AB:5C:4E:80:E6:23:0C:58:5C:22:C9:50
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:fe:40:62:e4:58:45:37:1e:6b:a1:26:4e:6c:94:aa:c1:e9:
         aa:d5:f5:bd:6a:a8:a7:57:03:aa:29:97:af:4f:45:0f:cb:7b:
         ec:d0:89:4b:39:4c:72:09:7d:59:e9:aa:7b:8a:7e:bf:da:7f:
         41:24:2a:13:2e:9d:fd:6f:4c:61:04:f1:73:2c:33:c6:b8:7d:
         1e:cc:f7:9e:19:82:15:01:ec:b9:8d:43:7f:0e:51:f6:4f:3f:
         15:df:c7:85:5e:bf:f2:a0:40:e6:ed:42:89:e5:d7:2b:c1:da:
         29:30:29:df:44:8b:c0:14:f0:2b:43:1a:73:00:51:f9:6d:41:
         df:a6:90:1a:cb:92:e4:fc:62:20:36:75:72:34:0d:52:5c:8c:
         22:5c:33:e0:47:79:14:90:38:12:ef:8e:01:1f:94:46:4f:1e:
         f9:84:e6:77:55:fd:61:79:cd:2e:4c:60:68:c8:68:65:ac:56:
         73:ea:d4:62:83:bb:a1:f4:aa:b2:88:7f:84:3f:a0:e3:8b:72:
         02:c4:4c:85:d6:9c:97:fd:1c:8a:66:b9:dc:a0:10:a9:85:5a:
         46:4c:29:54:b0:b1:15:59:b9:28:1d:f5:3b:36:29:fc:1f:68:
         dc:40:c1:8c:01:44:02:98:6c:38:17:cd:35:31:81:a1:7b:b4:
         a2:b5:95:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RaxTMKW8FDObuFI9za4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUxMDE5MDcwMTExWhcNMjUxMDIwMDcwMTExWjAzMTEwLwYDVQQD
EyhjYWQ0M2VlZGY5NDJiNzhhYWI1YzRlODBlNjIzMGM1ODVjMjJjOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgSNasrl7XYaDZ/QkeMFgjesRtQT
NCW30sAXW3pLFe2bjv7e94JKRpiXsBdU33VbbB2yr6TbF8Cb3pQ/QXasvlR9rTpK
L5lpcN9snBBP5Akp1yAstgY1P7CSEvvmz/pECllTDjBoYDAeNigzyy1ydCkyDFuE
qRzu7uaZ9W610Hs8+nw6XSZHzEZwEwajdCCR6ZQhsJTG2iLzf2QWhn1Mp7fyw1Bj
Oe5W+2v5OMNgAuFberIJu4zxzbMO2r638xpE1H/zdq7FEXLGy+b0ZaMm2hsHqjLt
DUjALhcoNXGM3txi17/NxoG1biRMZx0zKiX814PecvMcpgsyM+alkEQs4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrUPu35QreKq1xOgOYjDFhcIslQMB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAov5AYuRY
RTcea6EmTmyUqsHpqtX1vWqop1cDqimXr09FD8t77NCJSzlMcgl9Wemqe4p+v9p/
QSQqEy6d/W9MYQTxcywzxrh9Hsz3nhmCFQHsuY1Dfw5R9k8/Fd/HhV6/8qBA5u1C
ieXXK8HaKTAp30SLwBTwK0MacwBR+W1B36aQGsuS5PxiIDZ1cjQNUlyMIlwz4Ed5
FJA4Eu+OAR+URk8e+YTmd1X9YXnNLkxgaMhoZaxWc+rUYoO7ofSqsoh/hD+g44ty
AsRMhdacl/0cima53KAQqYVaRkwpVLCxFVm5KB31OzYp/B9o3EDBjAFEAphsOBfN
NTGBoXu0orWV9g==
-----END CERTIFICATE-----