Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
File:                     aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json)
Hash identifier:          jon+QsQUWuxSbYpTz1LsZ5BQVjdJx6B59pmaWRJzGPQ=
Subject key identifier:   A5:5D:F2:5B:4B:B4:FD:AB:77:74:96:FF:84:22:42:02:04:51:02:BD
Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1
Certificate issuer:       /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
Certificate serial:       019A4DAB0BD2D135578A939C07BFE8363072
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
Manifest number:          0E26
Signing time:             Tue 04 Nov 2025 07:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:46 +0000
Files and hashes:         1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: 3sFL6lx9JSo/8Ojz7e+KwXMp/6B0XRGGW8erycVc3b4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:ab:0b:d2:d1:35:57:8a:93:9c:07:bf:e8:36:30:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
        Validity
            Not Before: Nov  4 07:00:46 2025 GMT
            Not After : Nov  5 07:00:46 2025 GMT
        Subject: CN=a55df25b4bb4fdab777496ff84224202045102bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c9:2a:96:35:0a:1c:ca:0c:c2:89:62:7b:8d:
                    55:3c:34:6d:4e:f0:c2:dc:be:5b:ba:c1:91:3d:e0:
                    82:4b:93:04:14:00:8e:18:8a:6e:6e:c5:57:5d:1c:
                    d6:4b:26:34:1d:1b:a6:ae:40:bb:27:25:68:3f:5d:
                    12:f0:18:87:f9:c7:b4:1d:a0:ce:6c:48:46:fa:c2:
                    2e:22:f4:a6:6d:b4:cf:61:83:75:7d:f5:e5:65:4c:
                    c2:a6:d9:6e:f3:a4:85:d9:25:b3:9d:e2:f6:86:a7:
                    a3:90:fb:d1:a7:f0:a8:92:c8:25:17:97:51:88:3b:
                    6f:08:aa:eb:16:e9:f3:6e:dd:fd:2e:c5:eb:20:d6:
                    b0:9b:df:4a:70:bf:6b:db:9c:da:fd:86:1b:59:bd:
                    16:69:3a:57:66:13:fb:1d:1d:0a:6f:e7:1f:71:8a:
                    30:2d:9a:e1:0b:7f:53:17:58:0a:91:d9:39:2d:49:
                    81:7d:02:44:48:82:d4:87:32:d0:2f:06:35:71:e3:
                    b6:83:8e:9d:f3:72:15:8e:fa:52:77:a1:a1:d7:0d:
                    b8:ab:4c:03:0c:06:e8:fd:da:7b:97:c8:4e:60:33:
                    28:c9:e3:40:79:4d:f0:33:c9:48:40:7f:b6:b1:8e:
                    38:a2:30:18:b3:34:85:f1:e1:80:c6:81:8a:0b:0c:
                    ea:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:5D:F2:5B:4B:B4:FD:AB:77:74:96:FF:84:22:42:02:04:51:02:BD
            X509v3 Authority Key Identifier:
                keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:6a:37:dd:5c:90:75:ac:ed:d3:a6:4d:50:5f:6d:81:6c:a5:
         bb:2c:71:fc:b7:65:25:e1:db:fe:98:34:95:ae:6c:a4:cb:9d:
         51:5b:28:a2:29:3a:e2:05:d6:28:77:b1:df:2e:22:21:7d:1c:
         4f:63:33:7c:24:d3:05:3c:c8:fa:db:e1:18:ec:1b:78:2a:8e:
         86:6a:1e:1f:c1:2b:1a:c3:ec:0d:46:35:5e:2f:1c:8c:b2:13:
         f0:cb:56:0d:0e:48:30:76:6f:cd:1e:0e:92:89:72:bb:6e:29:
         de:51:42:ff:80:f9:e3:b4:21:7c:b6:1d:67:98:f5:a4:e5:1f:
         2e:de:cd:51:79:5f:6c:f5:3f:a8:cf:f0:3b:8c:48:d0:ec:0c:
         de:0e:d3:31:5b:e1:1e:12:32:2f:a0:74:ba:ee:89:50:8a:da:
         4b:50:76:ba:e2:a6:de:06:57:94:e8:c4:73:84:f0:28:ab:7f:
         07:86:a2:7e:19:54:2d:60:11:c3:9f:09:2a:a8:30:f6:8d:ad:
         00:6d:23:db:fd:90:e2:27:a4:0b:1a:78:95:f2:16:28:cb:7f:
         ac:81:19:14:12:e9:cc:c1:7a:e3:4e:fe:a0:a0:f7:5c:3d:f8:
         43:f2:de:25:16:b6:00:87:9e:b7:c7:d6:4d:b3:91:df:7a:aa:
         00:e7:93:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqwvS0TVXipOcB7/oNjByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1
OTYwYTEwHhcNMjUxMTA0MDcwMDQ2WhcNMjUxMTA1MDcwMDQ2WjAzMTEwLwYDVQQD
EyhhNTVkZjI1YjRiYjRmZGFiNzc3NDk2ZmY4NDIyNDIwMjA0NTEwMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuckqljUKHMoMwolie41VPDRtTvDC
3L5busGRPeCCS5MEFACOGIpubsVXXRzWSyY0HRumrkC7JyVoP10S8BiH+ce0HaDO
bEhG+sIuIvSmbbTPYYN1ffXlZUzCptlu86SF2SWzneL2hqejkPvRp/CoksglF5dR
iDtvCKrrFunzbt39LsXrINawm99KcL9r25za/YYbWb0WaTpXZhP7HR0Kb+cfcYow
LZrhC39TF1gKkdk5LUmBfQJESILUhzLQLwY1ceO2g46d83IVjvpSd6Gh1w24q0wD
DAbo/dp7l8hOYDMoyeNAeU3wM8lIQH+2sY44ojAYszSF8eGAxoGKCwzqEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVd8ltLtP2rd3SW/4QiQgIEUQK9MB8GA1UdIwQY
MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt
NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj
LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI2o33VyQ
dazt06ZNUF9tgWyluyxx/LdlJeHb/pg0la5spMudUVsooik64gXWKHex3y4iIX0c
T2MzfCTTBTzI+tvhGOwbeCqOhmoeH8ErGsPsDUY1Xi8cjLIT8MtWDQ5IMHZvzR4O
kolyu24p3lFC/4D547QhfLYdZ5j1pOUfLt7NUXlfbPU/qM/wO4xI0OwM3g7TMVvh
HhIyL6B0uu6JUIraS1B2uuKm3gZXlOjEc4TwKKt/B4aifhlULWARw58JKqgw9o2t
AG0j2/2Q4iekCxp4lfIWKMt/rIEZFBLpzMF6407+oKD3XD34Q/LeJRa2AIeet8fW
TbOR33qqAOeTdw==
-----END CERTIFICATE-----