Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
File:                     aQqw79d1diHIbXtpx29gssP6w1Y.mft (raw, json)
Hash identifier:          fjMR/I7BeElxNA8IbU3sedg/C4e/VknzfDemK9fQIRA=
Subject key identifier:   7A:C5:86:39:91:C9:B3:BA:85:9F:78:00:5E:9B:97:A8:5B:CC:C3:12
Authority key identifier: 69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56
Certificate issuer:       /CN=690ab0efd7757621c86d7b69c76f60b2c3fac356
Certificate serial:       0199FCC65E0F75EC05224C25B77642873A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
Manifest number:          0431
Signing time:             Sun 19 Oct 2025 14:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:22 +0000
Files and hashes:         1: aQqw79d1diHIbXtpx29gssP6w1Y.crl (hash: eHSmRxMNlvCuSKuR6vUh/iApeT9u4d937QX3usdDZcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:5e:0f:75:ec:05:22:4c:25:b7:76:42:87:3a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=690ab0efd7757621c86d7b69c76f60b2c3fac356
        Validity
            Not Before: Oct 19 14:01:22 2025 GMT
            Not After : Oct 20 14:01:22 2025 GMT
        Subject: CN=7ac5863991c9b3ba859f78005e9b97a85bccc312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d5:c4:26:85:28:f7:7f:0f:c3:99:88:9f:4f:
                    f9:c0:b3:22:29:c6:a4:4b:93:7c:59:c6:b4:0e:82:
                    7c:0e:02:cd:b3:a7:5e:e2:b8:d0:55:34:e3:5b:5d:
                    2f:2f:07:40:70:ec:77:0a:3c:27:3d:a9:54:4b:f0:
                    de:84:e3:46:43:e8:18:07:b4:53:c6:94:46:32:71:
                    84:54:22:3e:6a:71:91:44:3b:ab:a4:71:e3:cf:ed:
                    9d:99:c3:ce:9f:28:e4:45:3e:94:73:bd:5c:55:57:
                    c9:a3:26:75:d4:12:cd:70:d4:25:1b:30:fb:e0:80:
                    9e:8f:20:b4:79:8f:1e:83:64:9d:eb:9a:10:67:8f:
                    d1:b6:41:2f:df:97:93:6e:20:e2:ae:dc:fb:d4:db:
                    7b:73:74:72:50:9d:7c:b1:20:54:9c:49:d3:09:78:
                    05:d8:5a:0a:ee:73:ba:93:f7:78:05:aa:5a:6d:be:
                    34:3e:99:3a:22:f1:d9:a1:7f:80:33:ce:94:a2:71:
                    15:05:93:07:02:d1:2c:21:5f:23:aa:76:b9:96:26:
                    02:ed:e2:92:95:d6:5b:f4:42:7e:82:30:a1:4b:92:
                    48:2e:dc:d1:c8:6f:5d:c7:44:c8:58:32:dd:8d:85:
                    f1:f6:71:ed:13:b7:31:26:17:f3:fa:59:a7:81:da:
                    9e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C5:86:39:91:C9:B3:BA:85:9F:78:00:5E:9B:97:A8:5B:CC:C3:12
            X509v3 Authority Key Identifier:
                keyid:69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:34:7d:f2:99:3d:e7:32:e6:e9:80:76:b4:ec:b5:bf:42:a7:
         c1:97:b9:21:2d:d5:40:32:00:6a:c3:63:0d:4c:7c:9f:98:b8:
         78:aa:03:86:a4:47:22:af:30:d4:59:f8:0c:bd:63:17:1f:2c:
         83:22:aa:6f:f9:35:bc:e6:90:f5:8a:c3:9f:41:d9:26:4d:41:
         c7:c2:94:0c:93:7b:e2:9a:c6:ae:72:ec:3b:fe:3a:84:58:54:
         04:5a:74:37:bd:8f:c2:83:f4:0a:00:24:6c:4b:f4:61:c7:1f:
         ce:c6:60:6f:c4:a7:30:15:c0:5f:f5:b6:5d:66:57:56:2e:6b:
         71:02:de:87:ae:35:07:6c:5a:fb:4a:b4:de:de:50:6c:76:0e:
         f2:cc:fe:ca:f2:65:fd:43:8d:99:e9:75:d3:e6:31:3e:36:a9:
         b4:6a:7e:c3:5b:cf:ff:45:66:30:77:a0:ad:7e:30:60:67:f5:
         e9:c3:3f:24:26:3b:b5:0b:c1:01:67:1f:7b:23:dc:34:ea:42:
         4c:7a:3a:4e:a9:99:47:8b:1e:5c:dd:13:46:22:8f:aa:5f:9e:
         15:69:7d:d2:63:7d:af:61:56:ef:83:4b:b9:0f:ca:5f:dd:04:
         5f:eb:0b:f7:68:63:b0:92:80:72:bd:10:70:db:03:66:83:5f:
         62:19:dd:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xl4PdewFIkwlt3ZChzpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MGFiMGVmZDc3NTc2MjFjODZkN2I2OWM3NmY2MGIyYzNm
YWMzNTYwHhcNMjUxMDE5MTQwMTIyWhcNMjUxMDIwMTQwMTIyWjAzMTEwLwYDVQQD
Eyg3YWM1ODYzOTkxYzliM2JhODU5Zjc4MDA1ZTliOTdhODViY2NjMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtXEJoUo938Pw5mIn0/5wLMiKcak
S5N8Wca0DoJ8DgLNs6de4rjQVTTjW10vLwdAcOx3CjwnPalUS/DehONGQ+gYB7RT
xpRGMnGEVCI+anGRRDurpHHjz+2dmcPOnyjkRT6Uc71cVVfJoyZ11BLNcNQlGzD7
4ICejyC0eY8eg2Sd65oQZ4/RtkEv35eTbiDirtz71Nt7c3RyUJ18sSBUnEnTCXgF
2FoK7nO6k/d4Bapabb40Ppk6IvHZoX+AM86UonEVBZMHAtEsIV8jqna5liYC7eKS
ldZb9EJ+gjChS5JILtzRyG9dx0TIWDLdjYXx9nHtE7cxJhfz+lmngdqeMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrFhjmRybO6hZ94AF6bl6hbzMMSMB8GA1UdIwQY
MBaAFGkKsO/XdXYhyG17acdvYLLD+sNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDkt
MjFjODE1YTZlYjllLzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDktMjFjODE1YTZlYjll
LzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATzR98pk9
5zLm6YB2tOy1v0KnwZe5IS3VQDIAasNjDUx8n5i4eKoDhqRHIq8w1Fn4DL1jFx8s
gyKqb/k1vOaQ9YrDn0HZJk1Bx8KUDJN74prGrnLsO/46hFhUBFp0N72PwoP0CgAk
bEv0YccfzsZgb8SnMBXAX/W2XWZXVi5rcQLeh641B2xa+0q03t5QbHYO8sz+yvJl
/UONmel10+YxPjaptGp+w1vP/0VmMHegrX4wYGf16cM/JCY7tQvBAWcfeyPcNOpC
THo6TqmZR4seXN0TRiKPql+eFWl90mN9r2FW74NLuQ/KX90EX+sL92hjsJKAcr0Q
cNsDZoNfYhndaQ==
-----END CERTIFICATE-----