Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
File:                     AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft (raw, json)
Hash identifier:          QxSiU4C8K/2qeNfBoW4kz1zzEsHObRoJ5yPJ5/Z+aoA=
Subject key identifier:   1A:F9:49:C3:67:15:C4:D0:CE:15:34:25:25:EA:B1:2B:09:1E:36:20
Authority key identifier: 01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B
Certificate issuer:       /CN=010d68a876cf5793fd00876254253d382779027b
Certificate serial:       019A02FE56426C404AAD3D0372CEC1F789A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
Manifest number:          044C
Signing time:             Mon 20 Oct 2025 19:00:13 +0000
Manifest this update:     Mon 20 Oct 2025 19:00:13 +0000
Manifest next update:     Tue 21 Oct 2025 19:00:13 +0000
Files and hashes:         1: AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl (hash: 4SNQbKjsE1dmuuJt6d30DZHkldBfbF0StTbUzrDW4yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 19:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:fe:56:42:6c:40:4a:ad:3d:03:72:ce:c1:f7:89:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=010d68a876cf5793fd00876254253d382779027b
        Validity
            Not Before: Oct 20 19:00:13 2025 GMT
            Not After : Oct 21 19:00:13 2025 GMT
        Subject: CN=1af949c36715c4d0ce15342525eab12b091e3620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:52:5c:d6:88:0f:54:c4:d5:e5:b4:b5:b8:97:
                    a4:b4:9b:60:f1:98:35:16:b8:75:f3:a3:9f:53:47:
                    bf:cf:bb:2e:d5:bb:09:57:86:7c:3f:fa:a2:43:88:
                    fc:15:2f:c1:38:47:88:2d:6a:fc:45:f9:10:cc:a0:
                    d0:df:28:83:7e:a2:0f:17:48:7f:e5:fe:b6:98:4f:
                    85:4e:e3:aa:4f:db:18:81:c5:88:d8:85:6a:d3:dd:
                    25:ea:da:c6:92:7c:42:85:d7:d8:29:c5:db:f3:32:
                    80:ea:7c:35:89:10:d7:41:2a:90:58:f9:ac:16:f7:
                    b4:ab:96:ce:18:f2:6a:e6:ea:1a:57:37:eb:f3:8c:
                    56:d3:94:70:8a:0e:66:04:82:68:91:24:8e:65:f4:
                    34:f1:d7:f1:66:08:55:5d:91:20:b6:f8:73:75:5b:
                    25:93:07:34:29:94:60:25:ed:91:1d:9c:98:40:16:
                    f9:bf:1c:82:4d:af:d7:a3:16:f8:09:ec:18:3f:c1:
                    d9:2f:40:ce:a3:89:0d:7d:3f:3c:a0:c9:c1:d6:4a:
                    14:52:9c:4d:0b:2c:06:0c:43:05:15:ab:b8:e2:d3:
                    db:6a:78:99:f3:a5:24:56:6f:d9:38:c2:db:26:d8:
                    a3:44:d5:97:ec:c9:15:d1:12:82:3f:f2:01:76:de:
                    c6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:F9:49:C3:67:15:C4:D0:CE:15:34:25:25:EA:B1:2B:09:1E:36:20
            X509v3 Authority Key Identifier:
                keyid:01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:66:91:d0:09:12:db:47:45:7a:74:80:d7:a4:21:d1:b6:fc:
         34:9b:5b:9a:fd:b3:67:9e:b1:2a:5c:c0:15:b6:31:a2:be:9c:
         ad:11:1d:f3:60:e5:3d:45:ac:bf:a6:70:ee:b3:56:32:7f:34:
         b7:10:0b:2b:38:d0:a2:f8:5a:34:fd:dc:f4:af:52:ca:2b:e3:
         2b:68:31:ad:2e:b4:15:bf:26:c7:7a:b3:75:10:3f:f9:35:a8:
         6a:58:13:58:4f:39:fd:7b:b2:51:5a:cc:4b:42:87:fe:02:3e:
         88:ad:64:4d:49:45:53:4d:ae:0c:04:66:be:ce:7d:91:d1:6f:
         9b:29:e5:a1:06:69:bd:00:f5:23:2e:88:62:05:ce:06:15:f6:
         df:16:8a:99:aa:9e:f5:fa:77:d1:d6:bc:eb:7d:52:59:dc:05:
         fc:ad:6e:9f:81:c1:35:f5:cc:11:94:74:32:37:7d:2d:93:b0:
         19:cf:f2:ff:32:39:e0:cc:74:db:1f:05:49:70:5e:48:30:f9:
         bf:b7:91:07:e2:45:f8:18:be:c3:71:62:37:cc:46:38:a4:ed:
         c3:6b:c4:c4:74:00:62:77:44:57:1a:51:b4:c9:2d:e4:35:fe:
         54:95:67:da:dc:95:f8:d0:df:fa:98:69:61:aa:f0:e2:12:db:
         8c:ef:c5:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoC/lZCbEBKrT0Dcs7B94mkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGQ2OGE4NzZjZjU3OTNmZDAwODc2MjU0MjUzZDM4Mjc3
OTAyN2IwHhcNMjUxMDIwMTkwMDEzWhcNMjUxMDIxMTkwMDEzWjAzMTEwLwYDVQQD
EygxYWY5NDljMzY3MTVjNGQwY2UxNTM0MjUyNWVhYjEyYjA5MWUzNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVJc1ogPVMTV5bS1uJektJtg8Zg1
Frh186OfU0e/z7su1bsJV4Z8P/qiQ4j8FS/BOEeILWr8RfkQzKDQ3yiDfqIPF0h/
5f62mE+FTuOqT9sYgcWI2IVq090l6trGknxChdfYKcXb8zKA6nw1iRDXQSqQWPms
Fve0q5bOGPJq5uoaVzfr84xW05Rwig5mBIJokSSOZfQ08dfxZghVXZEgtvhzdVsl
kwc0KZRgJe2RHZyYQBb5vxyCTa/Xoxb4CewYP8HZL0DOo4kNfT88oMnB1koUUpxN
CywGDEMFFau44tPbaniZ86UkVm/ZOMLbJtijRNWX7MkV0RKCP/IBdt7GEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBr5ScNnFcTQzhU0JSXqsSsJHjYgMB8GA1UdIwQY
MBaAFAENaKh2z1eT/QCHYlQlPTgneQJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAt
ZDY1NzI5YmIyZGFjLzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAtZDY1NzI5YmIyZGFj
LzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWaR0AkS
20dFenSA16Qh0bb8NJtbmv2zZ56xKlzAFbYxor6crREd82DlPUWsv6Zw7rNWMn80
txALKzjQovhaNP3c9K9SyivjK2gxrS60Fb8mx3qzdRA/+TWoalgTWE85/XuyUVrM
S0KH/gI+iK1kTUlFU02uDARmvs59kdFvmynloQZpvQD1Iy6IYgXOBhX23xaKmaqe
9fp30da8631SWdwF/K1un4HBNfXMEZR0Mjd9LZOwGc/y/zI54Mx02x8FSXBeSDD5
v7eRB+JF+Bi+w3FiN8xGOKTtw2vExHQAYndEVxpRtMkt5DX+VJVn2tyV+NDf+php
Yarw4hLbjO/F/w==
-----END CERTIFICATE-----