Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          Rp2wvwDrvK3bSvXBoKbDoExVrX/PK6+orpD83Ok2Z3c=
Subject key identifier:   C2:30:A5:2D:43:B7:59:F4:0C:D4:93:43:1B:B4:A1:A4:50:37:EF:77
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       0199FDD9332B5B1C10C332D0A54CE949940A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0E8E
Signing time:             Sun 19 Oct 2025 19:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:34 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: kLL2ovyLo6nB/G3/x9ek4z25zROi3y3I7fPBHsv+8Io=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:33:2b:5b:1c:10:c3:32:d0:a5:4c:e9:49:94:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Oct 19 19:01:34 2025 GMT
            Not After : Oct 20 19:01:34 2025 GMT
        Subject: CN=c230a52d43b759f40cd493431bb4a1a45037ef77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4a:2f:7d:72:b7:16:bd:7d:24:ec:53:ef:2e:
                    a1:de:e3:b4:09:cc:ea:26:c7:50:50:1d:8c:81:4c:
                    6b:48:b1:5d:12:af:c9:32:e9:6a:a5:d6:21:97:ff:
                    8d:67:f9:bd:fd:9e:3e:7b:85:93:19:3d:7a:1c:6d:
                    6b:d1:2c:af:30:de:b0:55:f0:7e:7a:51:d0:c5:d4:
                    c6:d6:b2:b7:f3:51:79:f8:07:0b:0a:4c:f2:d1:83:
                    a3:f3:1f:ae:63:c1:dc:07:5a:23:3b:47:56:e4:61:
                    20:a4:a3:db:86:9a:08:06:f7:76:4f:f5:cb:8c:40:
                    a6:af:bb:a8:1d:1a:a3:fc:48:bb:c1:7d:91:1b:3a:
                    33:7b:45:e4:e2:04:aa:da:e5:35:25:26:ac:15:0a:
                    9c:0c:48:cb:f9:97:92:8f:6e:db:7b:20:13:5e:a7:
                    a6:38:b0:6d:f5:22:b0:98:95:a3:72:b8:4d:cd:d5:
                    44:fe:2f:a3:91:77:3e:03:8e:4b:80:e9:ac:80:9b:
                    6d:cf:18:4a:eb:ec:dc:7c:b4:f5:c6:fd:b7:7d:30:
                    1b:25:4d:75:b3:c3:38:a0:bb:f4:ba:df:27:5a:bd:
                    63:50:db:34:54:1e:be:a5:2a:8e:5f:5e:a0:d8:bf:
                    c6:7b:1d:71:a6:9a:ab:60:84:bd:11:a2:1e:4b:68:
                    84:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:30:A5:2D:43:B7:59:F4:0C:D4:93:43:1B:B4:A1:A4:50:37:EF:77
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:2d:41:9f:69:89:50:8b:91:17:e2:1c:74:2e:df:a7:e1:c3:
         4c:72:11:7c:f4:eb:80:59:ab:14:6b:3a:dc:2f:ff:ca:a7:26:
         d4:78:6a:28:28:b2:be:d8:ce:03:6d:66:35:58:2a:fb:2c:b0:
         e8:71:24:c2:05:c5:59:4b:a5:09:c5:b5:0e:51:8b:17:6c:19:
         aa:25:2c:8e:54:98:dd:07:b2:91:ee:e1:50:9a:0d:43:c6:51:
         70:df:c7:04:b1:d8:ba:a4:80:2a:2a:fd:8c:d7:5f:10:f6:24:
         a2:9d:80:2a:de:e0:07:0d:23:ed:18:94:29:10:71:80:c4:14:
         52:9f:f6:c5:b9:47:ef:91:73:f8:7e:31:d4:c3:5a:24:a6:2b:
         a1:61:be:1c:77:02:18:f1:ad:7d:7b:60:86:db:9a:6e:80:c0:
         b7:d1:be:6b:71:09:70:61:24:8c:52:13:27:f9:c0:46:d1:3e:
         4f:05:86:ed:1b:4d:d5:0b:83:11:fe:32:0a:89:60:cd:92:46:
         ea:bf:68:2c:80:12:54:ac:5c:f5:1f:a6:93:0d:83:23:2e:43:
         4f:63:6c:90:77:62:88:f1:86:ff:7a:f5:28:b3:fb:0e:1b:48:
         49:a9:0b:1d:ce:a7:16:e5:38:25:0e:5c:13:65:6c:9a:a9:b5:
         aa:42:f6:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92TMrWxwQwzLQpUzpSZQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUxMDE5MTkwMTM0WhcNMjUxMDIwMTkwMTM0WjAzMTEwLwYDVQQD
EyhjMjMwYTUyZDQzYjc1OWY0MGNkNDkzNDMxYmI0YTFhNDUwMzdlZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUovfXK3Fr19JOxT7y6h3uO0Cczq
JsdQUB2MgUxrSLFdEq/JMulqpdYhl/+NZ/m9/Z4+e4WTGT16HG1r0SyvMN6wVfB+
elHQxdTG1rK381F5+AcLCkzy0YOj8x+uY8HcB1ojO0dW5GEgpKPbhpoIBvd2T/XL
jECmr7uoHRqj/Ei7wX2RGzoze0Xk4gSq2uU1JSasFQqcDEjL+ZeSj27beyATXqem
OLBt9SKwmJWjcrhNzdVE/i+jkXc+A45LgOmsgJttzxhK6+zcfLT1xv23fTAbJU11
s8M4oLv0ut8nWr1jUNs0VB6+pSqOX16g2L/Gex1xppqrYIS9EaIeS2iEzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIwpS1Dt1n0DNSTQxu0oaRQN+93MB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAki1Bn2mJ
UIuRF+IcdC7fp+HDTHIRfPTrgFmrFGs63C//yqcm1HhqKCiyvtjOA21mNVgq+yyw
6HEkwgXFWUulCcW1DlGLF2wZqiUsjlSY3Qeyke7hUJoNQ8ZRcN/HBLHYuqSAKir9
jNdfEPYkop2AKt7gBw0j7RiUKRBxgMQUUp/2xblH75Fz+H4x1MNaJKYroWG+HHcC
GPGtfXtghtuaboDAt9G+a3EJcGEkjFITJ/nARtE+TwWG7RtN1QuDEf4yColgzZJG
6r9oLIASVKxc9R+mkw2DIy5DT2NskHdiiPGG/3r1KLP7DhtISakLHc6nFuU4JQ5c
E2Vsmqm1qkL2MQ==
-----END CERTIFICATE-----