Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
File:                     AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft (raw, json)
Hash identifier:          QNVCpIH3Y1QM6aUmm916d/qmZEd0mZeH/0+7nj5+GHo=
Subject key identifier:   AC:C1:20:15:D6:1C:E5:99:08:8E:EE:FC:C6:D0:D5:38:B6:22:61:7E
Authority key identifier: 00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
Certificate issuer:       /CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Certificate serial:       0199FB0EBDB85B64B26F82077131A36C14A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
Manifest number:          0FA4
Signing time:             Sun 19 Oct 2025 06:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:11 +0000
Files and hashes:         1: AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl (hash: tcHzdg2hxlOkY9G8XfMXnfNaL71JqpRCTLDKmByg4Sk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:bd:b8:5b:64:b2:6f:82:07:71:31:a3:6c:14:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0008589496bf86d2d0f8874b76cac843025bcd3b
        Validity
            Not Before: Oct 19 06:01:11 2025 GMT
            Not After : Oct 20 06:01:11 2025 GMT
        Subject: CN=acc12015d61ce599088eeefcc6d0d538b622617e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:fc:10:0e:4f:01:75:a9:7d:83:10:d7:c6:93:
                    fe:90:21:19:79:69:aa:37:f9:72:ce:74:82:c1:65:
                    10:85:93:ca:00:0d:0c:9c:ef:1f:e3:4d:e5:52:6d:
                    26:45:e0:12:71:e0:0f:6b:05:1d:6b:0c:83:ef:b8:
                    0a:76:5a:10:6c:69:8a:98:e4:be:a4:7f:1a:4a:ab:
                    37:2a:ff:bf:ab:97:04:97:64:f5:9b:3b:8b:90:b1:
                    c9:98:3b:cc:44:2a:44:bf:af:e0:be:d9:e3:45:95:
                    18:9d:98:d7:68:68:77:22:ff:0a:0a:34:90:98:93:
                    ac:aa:e6:01:34:9e:04:bb:c4:6f:41:af:5b:05:6b:
                    34:de:0d:a8:8b:05:da:b8:90:86:68:16:c0:e7:f1:
                    5a:96:47:e3:3a:53:72:55:0c:44:82:65:9c:39:7e:
                    cc:77:7d:8b:5a:b7:28:62:42:78:4c:9e:42:f1:69:
                    52:72:03:86:37:ef:32:78:3b:51:19:91:82:00:02:
                    a9:de:f4:64:91:3b:4e:10:0c:59:11:c1:ca:a3:f2:
                    ef:82:d2:a4:0f:2f:ed:de:7e:36:56:3e:a0:b8:a9:
                    5a:2e:a5:87:68:db:20:39:e0:a5:0f:a1:2b:f5:c1:
                    27:fd:c3:dc:00:fb:3f:8f:cb:15:dd:e9:4b:94:42:
                    a1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C1:20:15:D6:1C:E5:99:08:8E:EE:FC:C6:D0:D5:38:B6:22:61:7E
            X509v3 Authority Key Identifier:
                keyid:00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:78:9d:b2:8c:dc:4b:15:f9:dc:06:c5:c0:70:f9:3e:e3:25:
         f6:3e:ea:45:b0:1a:c9:da:9d:95:a2:93:3e:09:ba:14:e3:25:
         fa:f8:4e:64:11:0d:22:12:88:d7:b6:89:30:12:0c:cb:cc:3a:
         bc:0b:9f:7c:4f:04:fb:c7:d3:e3:e7:0c:dd:d2:0a:5d:33:8b:
         3e:f7:1e:cb:a6:d3:9c:61:72:88:af:63:d3:95:75:c6:4e:f4:
         71:0b:03:3a:28:4b:de:b1:6a:2f:0a:40:fc:f8:01:15:69:0c:
         2b:b0:57:98:69:bd:a1:e4:bf:32:9e:60:4a:0d:ca:f1:95:63:
         e8:38:c9:af:f4:83:32:1d:3a:cf:16:6d:2d:ba:97:9e:b2:5d:
         7c:6c:4e:db:8e:ab:b6:9c:5f:d2:7b:c0:06:c5:a0:a6:05:82:
         99:ea:02:04:48:70:fb:82:07:38:9d:9a:39:04:e1:50:da:93:
         40:cc:d6:cd:52:70:c9:f0:9b:42:43:94:ab:16:d7:c4:ff:59:
         d9:6d:88:08:1c:55:de:73:ff:97:76:83:d4:28:93:85:90:91:
         c6:68:63:71:2d:1f:10:cb:6a:2a:8f:0f:17:dc:3b:ae:60:6f:
         5b:97:7f:da:cc:e4:6c:87:9b:e7:4c:55:99:ef:e7:f8:e1:50:
         2c:3e:34:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Dr24W2Syb4IHcTGjbBSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMDg1ODk0OTZiZjg2ZDJkMGY4ODc0Yjc2Y2FjODQzMDI1
YmNkM2IwHhcNMjUxMDE5MDYwMTExWhcNMjUxMDIwMDYwMTExWjAzMTEwLwYDVQQD
EyhhY2MxMjAxNWQ2MWNlNTk5MDg4ZWVlZmNjNmQwZDUzOGI2MjI2MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/wQDk8Bdal9gxDXxpP+kCEZeWmq
N/lyznSCwWUQhZPKAA0MnO8f403lUm0mReASceAPawUdawyD77gKdloQbGmKmOS+
pH8aSqs3Kv+/q5cEl2T1mzuLkLHJmDvMRCpEv6/gvtnjRZUYnZjXaGh3Iv8KCjSQ
mJOsquYBNJ4Eu8RvQa9bBWs03g2oiwXauJCGaBbA5/FalkfjOlNyVQxEgmWcOX7M
d32LWrcoYkJ4TJ5C8WlScgOGN+8yeDtRGZGCAAKp3vRkkTtOEAxZEcHKo/LvgtKk
Dy/t3n42Vj6guKlaLqWHaNsgOeClD6Er9cEn/cPcAPs/j8sV3elLlEKhpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzBIBXWHOWZCI7u/MbQ1Ti2ImF+MB8GA1UdIwQY
MBaAFAAIWJSWv4bS0PiHS3bKyEMCW807MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEt
NmJlMmY0ZDI0Yzk2LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2
LzEvQUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnidsozc
SxX53AbFwHD5PuMl9j7qRbAaydqdlaKTPgm6FOMl+vhOZBENIhKI17aJMBIMy8w6
vAuffE8E+8fT4+cM3dIKXTOLPvcey6bTnGFyiK9j05V1xk70cQsDOihL3rFqLwpA
/PgBFWkMK7BXmGm9oeS/Mp5gSg3K8ZVj6DjJr/SDMh06zxZtLbqXnrJdfGxO246r
tpxf0nvABsWgpgWCmeoCBEhw+4IHOJ2aOQThUNqTQMzWzVJwyfCbQkOUqxbXxP9Z
2W2ICBxV3nP/l3aD1CiThZCRxmhjcS0fEMtqKo8PF9w7rmBvW5d/2szkbIeb50xV
me/n+OFQLD40jw==
-----END CERTIFICATE-----