Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          R/ecWzZDtbk6Pe4UV/CjyrCdcha4JiQV7D3NIq/VPiI=
Subject key identifier:   CA:33:BC:3C:8E:C3:B0:8E:25:41:AB:3B:B6:7E:7C:87:21:22:D4:F3
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       0199FC8F7CEC7203C267948B65F4C95A5C12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          0641
Signing time:             Sun 19 Oct 2025 13:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:25 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: Wvb2v0320x0uo2KjLT22WMZRKrqKKKNdScbk5rqVRyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:7c:ec:72:03:c2:67:94:8b:65:f4:c9:5a:5c:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Oct 19 13:01:25 2025 GMT
            Not After : Oct 20 13:01:25 2025 GMT
        Subject: CN=ca33bc3c8ec3b08e2541ab3bb67e7c872122d4f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f6:7f:3b:2f:1e:e9:fe:aa:ab:2c:6b:eb:a1:
                    5f:bd:e6:8f:8a:ea:67:0b:9f:a1:99:5a:c9:45:19:
                    be:1f:90:ba:4b:52:99:fd:2b:0a:20:ed:7b:07:e7:
                    82:fa:b2:e6:9b:95:3c:9d:fd:f7:c1:ff:d2:a9:57:
                    c7:16:67:94:b9:2a:e1:90:3a:04:59:ef:d0:6f:8f:
                    11:19:43:77:bf:43:2f:e8:ea:ba:07:9f:a2:c5:46:
                    1f:bb:71:98:51:68:14:03:cf:89:cd:84:4e:92:0a:
                    d6:a9:60:bb:ce:8b:96:40:2b:26:70:c5:cd:4a:61:
                    01:a9:bf:05:c7:6f:d8:55:ac:f2:5f:1e:ff:64:d4:
                    a7:81:4a:9c:aa:f4:c1:ea:01:b1:88:a2:d4:42:bc:
                    d4:e8:c1:3c:de:2f:bd:1b:12:59:7b:ce:8a:0b:16:
                    5b:47:7c:20:48:de:59:4d:43:cc:ef:a7:40:17:8e:
                    30:3a:22:e1:97:c9:99:68:e2:9c:4c:5a:4c:a5:93:
                    62:8a:35:2d:db:59:0a:dd:93:5d:2f:d4:5a:a3:47:
                    67:e6:1c:8d:8e:81:ba:ba:d4:80:25:16:84:b3:72:
                    70:d7:73:8b:ca:be:81:87:72:96:f1:92:8b:21:7c:
                    c0:74:ad:77:84:eb:71:31:c5:68:39:96:03:39:fb:
                    c5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:33:BC:3C:8E:C3:B0:8E:25:41:AB:3B:B6:7E:7C:87:21:22:D4:F3
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:6d:18:58:4e:d0:0d:76:dd:01:55:96:b2:60:9d:27:e0:91:
         cb:4d:ce:9b:e5:f2:7e:9f:6a:76:cc:0f:06:56:dd:a4:c2:65:
         86:7c:f6:11:9b:40:a9:4b:9b:85:dd:be:3d:54:c3:16:b9:dc:
         4a:8f:a7:c9:28:b7:73:bf:36:6b:45:92:a9:a8:51:02:54:c0:
         08:00:5d:27:f6:37:c6:97:d0:43:1a:20:56:8f:57:6e:c0:be:
         30:0e:ac:dd:dc:53:ef:81:66:9e:3a:a8:49:46:56:6c:2b:98:
         ae:0a:27:e7:c4:af:2a:cf:06:98:d0:b4:41:e0:4e:fa:ac:2c:
         b5:7b:ea:c1:37:a8:23:f2:bd:85:01:50:40:46:2e:c6:a2:a4:
         40:40:e7:42:06:1e:95:91:79:bb:ca:8e:8d:1c:3c:bb:6d:50:
         9a:18:c4:5d:88:ef:94:fd:ac:db:1c:08:0b:22:3f:1f:c5:72:
         26:f6:d3:a0:be:31:b4:f2:dc:c4:17:f9:fc:0a:56:35:1d:0d:
         9f:bb:0d:7d:57:1d:7e:8b:aa:b3:ea:fe:7a:13:8a:69:54:38:
         48:fa:3e:33:fc:38:f9:b8:e5:c5:fc:63:ac:13:af:eb:c3:79:
         df:50:b1:e1:b2:4c:79:bb:f2:92:8c:5b:14:34:87:03:7e:c5:
         bc:8d:15:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j3zscgPCZ5SLZfTJWlwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUxMDE5MTMwMTI1WhcNMjUxMDIwMTMwMTI1WjAzMTEwLwYDVQQD
EyhjYTMzYmMzYzhlYzNiMDhlMjU0MWFiM2JiNjdlN2M4NzIxMjJkNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Z/Oy8e6f6qqyxr66FfveaPiupn
C5+hmVrJRRm+H5C6S1KZ/SsKIO17B+eC+rLmm5U8nf33wf/SqVfHFmeUuSrhkDoE
We/Qb48RGUN3v0Mv6Oq6B5+ixUYfu3GYUWgUA8+JzYROkgrWqWC7zouWQCsmcMXN
SmEBqb8Fx2/YVazyXx7/ZNSngUqcqvTB6gGxiKLUQrzU6ME83i+9GxJZe86KCxZb
R3wgSN5ZTUPM76dAF44wOiLhl8mZaOKcTFpMpZNiijUt21kK3ZNdL9Rao0dn5hyN
joG6utSAJRaEs3Jw13OLyr6Bh3KW8ZKLIXzAdK13hOtxMcVoOZYDOfvFLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMozvDyOw7COJUGrO7Z+fIchItTzMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKm0YWE7Q
DXbdAVWWsmCdJ+CRy03Om+Xyfp9qdswPBlbdpMJlhnz2EZtAqUubhd2+PVTDFrnc
So+nySi3c782a0WSqahRAlTACABdJ/Y3xpfQQxogVo9XbsC+MA6s3dxT74Fmnjqo
SUZWbCuYrgon58SvKs8GmNC0QeBO+qwstXvqwTeoI/K9hQFQQEYuxqKkQEDnQgYe
lZF5u8qOjRw8u21QmhjEXYjvlP2s2xwICyI/H8VyJvbToL4xtPLcxBf5/ApWNR0N
n7sNfVcdfouqs+r+ehOKaVQ4SPo+M/w4+bjlxfxjrBOv68N531Cx4bJMebvykoxb
FDSHA37FvI0VmA==
-----END CERTIFICATE-----