Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
File:                     AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft (raw, json)
Hash identifier:          0DFcmGi7stQLhjNRulVhkUqn5GtLUTqL3G9Ov2Tjkfg=
Subject key identifier:   43:57:A9:D1:52:0B:95:87:F1:48:FF:2B:93:0F:3D:F3:20:E2:D5:42
Authority key identifier: 01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B
Certificate issuer:       /CN=010d68a876cf5793fd00876254253d382779027b
Certificate serial:       0198D7A90F2FE7211A5D62C94E6437BF799D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
Manifest number:          03B1
Signing time:             Sat 23 Aug 2025 16:00:37 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:37 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:37 +0000
Files and hashes:         1: AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl (hash: 6gctvhJPZV0D6kLAI20bySkOw65fKnargI/Znr0C7bE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:0f:2f:e7:21:1a:5d:62:c9:4e:64:37:bf:79:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=010d68a876cf5793fd00876254253d382779027b
        Validity
            Not Before: Aug 23 16:00:37 2025 GMT
            Not After : Aug 24 16:00:37 2025 GMT
        Subject: CN=4357a9d1520b9587f148ff2b930f3df320e2d542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:f5:39:45:06:74:99:71:9b:2a:00:5e:1d:b7:
                    3f:bc:b4:58:54:64:7c:b2:9a:38:30:41:95:74:a6:
                    92:ec:01:31:5b:ef:e9:05:90:31:a1:98:7a:ff:d1:
                    6f:0c:18:3c:54:7e:be:3d:ea:dd:85:4d:83:2d:82:
                    f9:d0:a1:f8:17:f2:e6:04:6f:96:47:c7:82:12:c6:
                    ac:a6:56:5d:77:b1:52:7a:d1:59:0f:75:58:d0:57:
                    99:fa:f6:06:03:c9:ea:5d:5c:9f:02:11:0e:a0:0e:
                    e8:8f:45:67:a8:f9:29:4b:72:07:bb:a2:a1:88:a6:
                    94:01:fb:82:f2:e6:8e:ee:a5:22:12:85:54:30:44:
                    51:1f:14:12:52:4b:d9:b7:c8:6c:68:b3:dc:48:66:
                    c3:09:d8:8d:86:a9:4d:ff:4d:a4:64:d8:06:68:28:
                    43:38:fb:81:48:9c:07:e8:bc:92:cc:b1:5e:a2:f7:
                    87:c1:a3:b5:36:fc:3b:89:f3:51:1a:8e:40:cc:c9:
                    15:fd:3b:a1:0c:d6:e7:02:4e:eb:cd:7c:7e:67:16:
                    1d:7f:dd:3f:1b:02:64:7e:9a:c2:14:a6:fc:af:19:
                    1b:10:a6:56:bf:40:c7:63:12:8d:6c:ac:d6:73:39:
                    6a:59:e1:10:40:19:81:4e:61:27:c8:85:62:e3:52:
                    17:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:57:A9:D1:52:0B:95:87:F1:48:FF:2B:93:0F:3D:F3:20:E2:D5:42
            X509v3 Authority Key Identifier:
                keyid:01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:f2:9e:69:d6:df:6b:f8:c3:4d:10:f9:aa:36:63:e2:9e:fe:
         f6:9a:05:48:7e:da:25:09:5d:ca:af:3f:97:6b:91:44:0d:c8:
         84:2b:01:30:18:29:af:7c:87:30:9d:dc:37:00:b8:19:a2:88:
         1d:f2:94:0b:32:11:f9:d9:e8:f2:7d:fc:a1:b0:ba:7f:a3:db:
         d8:bf:aa:e7:b3:4c:b7:1c:e5:b7:a3:12:67:2f:3f:f5:26:e8:
         94:c5:e2:5f:d1:17:66:b3:c4:cc:13:98:9f:74:c9:4d:3a:2c:
         b3:08:0e:71:be:17:c7:a0:4d:82:ef:2d:5e:aa:1a:16:d0:e9:
         d9:9b:42:32:d3:c1:b1:8b:a1:e3:54:02:6c:97:2b:28:03:07:
         ea:e5:a5:07:f8:cf:fc:a9:64:29:13:f6:66:36:2d:a3:cb:55:
         d4:ce:9e:ad:a0:bc:b5:29:05:60:48:a9:69:76:d2:c5:2d:87:
         05:e1:70:a0:45:95:d6:81:85:6b:0e:e5:af:44:98:4f:26:60:
         59:de:d9:dd:af:6b:da:dd:4c:36:68:07:42:77:5e:aa:8b:28:
         30:d7:29:72:e4:6a:29:7c:70:89:b4:ab:31:28:01:a6:4d:35:
         e6:dc:43:e2:28:db:be:60:36:82:4e:9d:a4:68:8b:47:55:78:
         e3:6e:b0:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqQ8v5yEaXWLJTmQ3v3mdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGQ2OGE4NzZjZjU3OTNmZDAwODc2MjU0MjUzZDM4Mjc3
OTAyN2IwHhcNMjUwODIzMTYwMDM3WhcNMjUwODI0MTYwMDM3WjAzMTEwLwYDVQQD
Eyg0MzU3YTlkMTUyMGI5NTg3ZjE0OGZmMmI5MzBmM2RmMzIwZTJkNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fU5RQZ0mXGbKgBeHbc/vLRYVGR8
spo4MEGVdKaS7AExW+/pBZAxoZh6/9FvDBg8VH6+PerdhU2DLYL50KH4F/LmBG+W
R8eCEsasplZdd7FSetFZD3VY0FeZ+vYGA8nqXVyfAhEOoA7oj0VnqPkpS3IHu6Kh
iKaUAfuC8uaO7qUiEoVUMERRHxQSUkvZt8hsaLPcSGbDCdiNhqlN/02kZNgGaChD
OPuBSJwH6LySzLFeoveHwaO1Nvw7ifNRGo5AzMkV/TuhDNbnAk7rzXx+ZxYdf90/
GwJkfprCFKb8rxkbEKZWv0DHYxKNbKzWczlqWeEQQBmBTmEnyIVi41IXywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENXqdFSC5WH8Uj/K5MPPfMg4tVCMB8GA1UdIwQY
MBaAFAENaKh2z1eT/QCHYlQlPTgneQJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAt
ZDY1NzI5YmIyZGFjLzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAtZDY1NzI5YmIyZGFj
LzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/Keadbf
a/jDTRD5qjZj4p7+9poFSH7aJQldyq8/l2uRRA3IhCsBMBgpr3yHMJ3cNwC4GaKI
HfKUCzIR+dno8n38obC6f6Pb2L+q57NMtxzlt6MSZy8/9SbolMXiX9EXZrPEzBOY
n3TJTTosswgOcb4Xx6BNgu8tXqoaFtDp2ZtCMtPBsYuh41QCbJcrKAMH6uWlB/jP
/KlkKRP2ZjYto8tV1M6eraC8tSkFYEipaXbSxS2HBeFwoEWV1oGFaw7lr0SYTyZg
Wd7Z3a9r2t1MNmgHQndeqosoMNcpcuRqKXxwibSrMSgBpk015txD4ijbvmA2gk6d
pGiLR1V4426waQ==
-----END CERTIFICATE-----