Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          /eI7CcJ2HrTTd4Rss8KvfrMuzT6wtD9guUYpyrlNfyM=
Subject key identifier:   02:C0:DB:6C:72:62:87:94:2D:BF:C3:4E:FE:E9:7E:F5:2C:CC:97:4A
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       0199FD6B2C96A33DE537823C003E94579B22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          0444
Signing time:             Sun 19 Oct 2025 17:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 17:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 17:01:23 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: uffVLFuU9t9IycCXlrlJPJdadlEnZjopSvcAwwBOUbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:6b:2c:96:a3:3d:e5:37:82:3c:00:3e:94:57:9b:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: Oct 19 17:01:23 2025 GMT
            Not After : Oct 20 17:01:23 2025 GMT
        Subject: CN=02c0db6c726287942dbfc34efee97ef52ccc974a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:6e:d6:fd:8e:5f:31:eb:98:d4:f9:71:c5:44:
                    a9:ad:b5:80:4f:9f:e0:82:f1:d1:a2:ea:5f:77:47:
                    08:eb:a5:4d:37:b8:7a:ac:70:7a:f6:c9:e1:ca:a2:
                    4b:f7:a2:09:e9:7b:66:94:c6:5a:00:77:ed:cc:d4:
                    ca:c9:68:91:c1:73:2c:77:4e:1f:02:bd:af:4f:72:
                    33:27:47:34:6b:d8:2b:f3:4c:42:56:f5:ad:d5:9a:
                    8a:5e:3b:fb:d3:6e:54:09:33:f0:64:3f:4a:cd:78:
                    82:24:19:bd:52:70:4a:f1:62:ab:09:d9:b4:8a:62:
                    fb:5e:f6:e6:ee:7a:4b:53:c4:20:f9:52:11:c0:42:
                    11:5c:c1:d5:0b:03:96:2c:28:f0:2a:91:8f:7e:6a:
                    6a:51:2b:c3:38:6a:b4:93:af:38:0d:71:c8:c6:d1:
                    04:66:28:3c:ab:b3:91:69:c9:a1:dd:2e:41:a2:30:
                    46:57:93:94:c9:74:49:d4:01:6c:9a:d2:e7:04:c8:
                    b9:3f:cb:c7:76:9b:c4:4e:c4:4b:3c:7c:be:17:71:
                    c3:f6:72:8f:b6:15:04:d6:31:9f:1b:61:bb:57:9b:
                    16:f7:4b:85:3f:2a:d5:e0:0e:7d:f0:5e:68:62:e6:
                    b7:3f:95:23:87:5a:9e:1a:43:45:f4:dc:64:4e:d0:
                    6b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:C0:DB:6C:72:62:87:94:2D:BF:C3:4E:FE:E9:7E:F5:2C:CC:97:4A
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:ba:33:05:1c:ef:1b:83:dc:ac:0b:a1:35:d8:63:ce:bc:c0:
         42:f7:06:10:bc:e3:ad:f5:6e:d0:87:8e:c4:4d:bf:44:6f:da:
         9d:b1:24:ca:90:c5:b4:56:4d:e9:81:21:a2:5f:33:07:ab:8f:
         0c:bc:7c:78:9a:9a:59:95:03:40:6d:65:e2:f9:e6:bb:ae:c6:
         99:a0:dc:61:c3:4e:82:bf:0d:4b:a2:fc:aa:91:20:d8:ac:82:
         03:93:79:6f:5c:b7:ed:c5:bf:95:03:42:9d:87:24:41:63:4a:
         2a:2f:74:85:a6:29:58:4c:17:cd:a7:9b:6f:26:68:c0:eb:32:
         04:d2:9d:51:60:c6:f7:81:ef:4b:b6:15:95:14:20:58:1c:e2:
         9b:44:6c:35:cb:98:63:1d:0f:3a:9b:40:df:f4:13:94:27:6c:
         b3:c2:fe:68:81:c1:c1:9f:9e:4e:cc:ca:31:be:da:e1:22:46:
         df:97:c1:22:e6:a7:67:cc:01:f0:5e:08:e7:f6:72:97:5d:2f:
         2c:a7:08:77:52:c9:34:7b:c1:67:24:88:27:b5:d0:68:e2:5c:
         5a:ee:54:8f:c7:5c:b5:cd:d2:ae:db:d4:e8:21:e5:0e:41:de:
         0a:d8:49:cb:fa:48:4a:3f:77:00:fa:21:e3:b7:5c:c4:af:81:
         c4:09:69:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9ayyWoz3lN4I8AD6UV5siMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUxMDE5MTcwMTIzWhcNMjUxMDIwMTcwMTIzWjAzMTEwLwYDVQQD
EygwMmMwZGI2YzcyNjI4Nzk0MmRiZmMzNGVmZWU5N2VmNTJjY2M5NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA227W/Y5fMeuY1PlxxUSprbWAT5/g
gvHRoupfd0cI66VNN7h6rHB69snhyqJL96IJ6XtmlMZaAHftzNTKyWiRwXMsd04f
Ar2vT3IzJ0c0a9gr80xCVvWt1ZqKXjv7025UCTPwZD9KzXiCJBm9UnBK8WKrCdm0
imL7Xvbm7npLU8Qg+VIRwEIRXMHVCwOWLCjwKpGPfmpqUSvDOGq0k684DXHIxtEE
Zig8q7ORacmh3S5BojBGV5OUyXRJ1AFsmtLnBMi5P8vHdpvETsRLPHy+F3HD9nKP
thUE1jGfG2G7V5sW90uFPyrV4A598F5oYua3P5Ujh1qeGkNF9NxkTtBrUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALA22xyYoeULb/DTv7pfvUszJdKMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLozBRzv
G4PcrAuhNdhjzrzAQvcGELzjrfVu0IeOxE2/RG/anbEkypDFtFZN6YEhol8zB6uP
DLx8eJqaWZUDQG1l4vnmu67GmaDcYcNOgr8NS6L8qpEg2KyCA5N5b1y37cW/lQNC
nYckQWNKKi90haYpWEwXzaebbyZowOsyBNKdUWDG94HvS7YVlRQgWBzim0RsNcuY
Yx0POptA3/QTlCdss8L+aIHBwZ+eTszKMb7a4SJG35fBIuanZ8wB8F4I5/Zyl10v
LKcId1LJNHvBZySIJ7XQaOJcWu5Uj8dctc3SrtvU6CHlDkHeCthJy/pISj93APoh
47dcxK+BxAlpAg==
-----END CERTIFICATE-----