Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          8RMBIX9HF0uCP+nd1Rk+TDMnN04bI+wnyB6hwFnk3ys=
Subject key identifier:   A0:21:01:94:13:64:07:CA:A6:46:1D:F1:6D:4F:E8:BF:04:BE:32:CF
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       0199FDD9E60B14F7E604F932179A37C25348
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 19:02:19 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:19 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:19 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: f2dgOknnbkkjLralGfT9XVKVM5Tx9KrgakR11KUneAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:e6:0b:14:f7:e6:04:f9:32:17:9a:37:c2:53:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Oct 19 19:02:19 2025 GMT
            Not After : Oct 20 19:02:19 2025 GMT
        Subject: CN=a0210194136407caa6461df16d4fe8bf04be32cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:2d:7b:40:e0:49:2f:1f:90:86:82:ff:3a:28:
                    f6:66:84:8a:3a:71:44:79:0d:0b:45:b6:f2:59:0a:
                    e9:94:02:22:18:5c:80:ec:cf:46:71:a0:fb:f7:3f:
                    ef:7a:8c:da:ca:97:4d:e5:54:aa:5f:c7:3b:8d:61:
                    2d:92:4a:1d:b3:4f:ea:7f:95:01:4a:9e:7f:ae:de:
                    7d:08:73:1e:c6:93:5d:bf:92:c7:e7:5c:d3:8c:2f:
                    ed:5c:0f:fa:34:34:40:22:80:57:5e:33:aa:83:05:
                    7b:7c:c8:17:98:63:17:74:7a:96:45:da:d2:7a:70:
                    85:65:34:44:fb:4b:69:36:0f:ef:71:bf:1a:bd:5f:
                    04:e9:ca:70:22:36:03:09:1a:fb:b5:59:79:74:90:
                    72:a6:80:be:0f:01:ff:70:b2:de:2d:af:f8:c5:b2:
                    45:bf:26:12:20:2a:6f:85:10:8d:79:29:53:f4:fa:
                    98:b0:bd:7e:93:87:fc:e5:db:b4:bc:7c:db:4a:dc:
                    a5:fa:f6:56:f5:3d:c3:d6:b4:dd:91:94:a2:41:32:
                    63:82:37:33:30:bb:2f:ab:32:f1:b0:e9:f5:c4:d3:
                    b0:dd:17:cd:6b:bc:02:a9:50:3f:8b:f5:fe:8c:61:
                    31:02:9b:cd:9a:e3:74:1b:44:a1:66:ef:aa:67:81:
                    64:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:21:01:94:13:64:07:CA:A6:46:1D:F1:6D:4F:E8:BF:04:BE:32:CF
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:21:0e:69:f6:bf:a9:24:c8:18:0a:e5:80:fe:79:95:ee:8d:
         65:bc:63:cd:39:05:31:51:8a:53:fe:dd:c6:20:74:13:b4:fc:
         ec:94:0e:ce:b6:92:ea:5d:cc:2a:36:08:d9:a4:8a:92:ee:58:
         fa:c1:dd:ea:82:08:5f:6e:61:9c:6d:f0:47:9f:d8:5c:0d:3e:
         3f:6b:2b:a2:86:9a:a9:ab:74:60:bc:8a:00:41:5a:48:49:38:
         0d:0c:5f:7d:c4:c1:ec:31:3a:86:95:72:1e:e1:36:73:59:69:
         76:ef:02:d2:97:26:3a:c4:06:1a:67:1b:fd:82:b2:12:a3:76:
         94:bc:9f:c7:7c:95:6a:8d:66:34:35:0a:f8:e7:86:69:6a:3b:
         26:44:01:3e:28:d3:07:5f:e2:a4:ff:1f:b9:06:23:6f:d3:dd:
         06:b0:02:b0:d7:6f:de:51:af:02:3e:53:83:28:e8:10:75:da:
         13:63:86:13:10:97:54:61:91:33:be:e1:88:d4:7b:d0:14:9f:
         6b:2c:68:d4:1c:ed:e6:74:1f:06:0b:76:18:99:96:0c:92:09:
         cd:7d:87:55:4a:c1:2c:4c:20:0e:8a:e9:fb:d4:2d:39:a8:d6:
         23:8e:c0:0d:c8:ef:1a:5b:2d:22:51:8f:1f:fd:4b:46:13:45:
         05:75:74:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92eYLFPfmBPkyF5o3wlNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUxMDE5MTkwMjE5WhcNMjUxMDIwMTkwMjE5WjAzMTEwLwYDVQQD
EyhhMDIxMDE5NDEzNjQwN2NhYTY0NjFkZjE2ZDRmZThiZjA0YmUzMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy17QOBJLx+QhoL/Oij2ZoSKOnFE
eQ0LRbbyWQrplAIiGFyA7M9GcaD79z/veozaypdN5VSqX8c7jWEtkkods0/qf5UB
Sp5/rt59CHMexpNdv5LH51zTjC/tXA/6NDRAIoBXXjOqgwV7fMgXmGMXdHqWRdrS
enCFZTRE+0tpNg/vcb8avV8E6cpwIjYDCRr7tVl5dJBypoC+DwH/cLLeLa/4xbJF
vyYSICpvhRCNeSlT9PqYsL1+k4f85du0vHzbStyl+vZW9T3D1rTdkZSiQTJjgjcz
MLsvqzLxsOn1xNOw3RfNa7wCqVA/i/X+jGExApvNmuN0G0ShZu+qZ4FkZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAhAZQTZAfKpkYd8W1P6L8EvjLPMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuiEOafa/
qSTIGArlgP55le6NZbxjzTkFMVGKU/7dxiB0E7T87JQOzraS6l3MKjYI2aSKku5Y
+sHd6oIIX25hnG3wR5/YXA0+P2srooaaqat0YLyKAEFaSEk4DQxffcTB7DE6hpVy
HuE2c1lpdu8C0pcmOsQGGmcb/YKyEqN2lLyfx3yVao1mNDUK+OeGaWo7JkQBPijT
B1/ipP8fuQYjb9PdBrACsNdv3lGvAj5TgyjoEHXaE2OGExCXVGGRM77hiNR70BSf
ayxo1Bzt5nQfBgt2GJmWDJIJzX2HVUrBLEwgDorp+9QtOajWI47ADcjvGlstIlGP
H/1LRhNFBXV08A==
-----END CERTIFICATE-----