Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
File:                     XZOOJrKYSy-hYarAewS9uFCq3RY.mft (raw, json)
Hash identifier:          rlIIH7YjyEJ7RS/NR/KaGG+mBZ0pPRdyazz18aMksbg=
Subject key identifier:   8A:00:B1:A7:3E:E1:11:34:F8:9D:23:90:BA:58:83:A6:23:94:78:71
Authority key identifier: 5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16
Certificate issuer:       /CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
Certificate serial:       019A4DE215B847C44874C1807BFF1B75BC44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
Manifest number:          0AF2
Signing time:             Tue 04 Nov 2025 08:00:53 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:53 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:53 +0000
Files and hashes:         1: XZOOJrKYSy-hYarAewS9uFCq3RY.crl (hash: FB24QbBzqarB0V1RD83QhM5fzgs46P4S1zgjPkCbv3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:15:b8:47:c4:48:74:c1:80:7b:ff:1b:75:bc:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d938e26b2984b2fa161aac07b04bdb850aadd16
        Validity
            Not Before: Nov  4 08:00:53 2025 GMT
            Not After : Nov  5 08:00:53 2025 GMT
        Subject: CN=8a00b1a73ee11134f89d2390ba5883a623947871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:da:4c:27:df:1b:e1:4e:85:d7:22:c5:8a:73:
                    99:3f:86:bb:93:09:1e:75:6d:2b:7a:f9:4e:36:4a:
                    7e:de:81:ca:04:c7:a2:1b:33:d2:a2:ec:7e:82:b3:
                    5d:92:e0:9f:ea:e1:52:17:5d:6e:ab:c3:2c:62:c2:
                    ff:6b:ff:5e:02:df:8b:22:b5:04:a8:48:5b:d6:5d:
                    e8:fb:0e:bd:ec:e3:ca:69:98:61:2a:b1:d3:ea:77:
                    a4:c0:2d:0d:dd:31:9c:22:10:9d:ac:c9:c6:c1:db:
                    d9:21:42:70:d2:63:f0:3b:f4:2f:a9:9a:80:a4:b6:
                    c7:75:d6:7b:07:2f:91:bc:4a:6e:67:82:45:df:42:
                    d4:5f:3d:1f:b0:3d:0e:8f:1c:5a:7b:89:c7:ba:02:
                    75:bc:a6:47:d2:68:d9:d9:f7:d2:9c:8f:26:6b:eb:
                    64:ec:43:93:3c:7e:19:14:39:2d:88:cf:b7:d2:bd:
                    bb:65:9c:f5:ae:09:59:9f:ea:f2:c5:39:ef:13:4b:
                    30:e0:91:f5:bf:e2:9d:b0:00:37:b3:7a:9c:11:9c:
                    9e:dd:1e:e6:7f:e9:5c:3a:c6:85:be:1a:5d:3d:84:
                    9e:70:73:49:91:48:e6:3f:6e:68:ff:e1:51:16:91:
                    43:8d:b3:8a:af:79:fd:bf:28:a9:93:68:d0:86:03:
                    29:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:00:B1:A7:3E:E1:11:34:F8:9D:23:90:BA:58:83:A6:23:94:78:71
            X509v3 Authority Key Identifier:
                keyid:5D:93:8E:26:B2:98:4B:2F:A1:61:AA:C0:7B:04:BD:B8:50:AA:DD:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XZOOJrKYSy-hYarAewS9uFCq3RY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/1be9f1-5c48-4427-a2b1-6ec7dbe27bb3/1/XZOOJrKYSy-hYarAewS9uFCq3RY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:49:47:a5:78:f0:02:f8:0a:5d:93:ab:83:8d:13:9c:85:94:
         43:cd:71:80:6f:42:07:3a:81:07:2a:8f:dd:d8:8c:95:08:85:
         1c:a2:0d:48:cf:0b:82:0f:4d:2d:bb:21:59:5f:23:c8:0b:52:
         dd:3d:98:2d:65:37:21:6e:e8:45:c9:c2:42:bb:95:01:4d:7d:
         68:aa:02:bb:5d:c3:7c:a7:db:df:c1:b1:91:78:76:ad:4f:d8:
         0e:09:ae:fb:ca:88:3f:24:99:f3:47:55:ef:d7:d7:f4:49:b2:
         68:7c:f6:e1:73:9c:f1:24:b2:06:b9:37:9f:ba:29:0a:e3:b9:
         0d:fa:76:ad:92:58:f0:85:c3:5b:51:d2:07:19:98:25:12:27:
         6d:32:8c:70:28:54:d8:37:ce:f8:bb:b0:02:33:4e:d0:bb:9d:
         5c:ff:d4:8b:03:c7:7d:ab:f7:c2:09:00:ed:e7:61:0c:e0:ca:
         04:29:26:39:bd:50:9b:48:f8:3d:d0:bb:dd:6f:e3:55:78:8b:
         63:2f:17:3e:b3:58:27:80:fe:a6:f3:d9:53:28:38:b4:39:b2:
         3f:1b:7d:46:54:7c:08:dd:9a:f4:40:5f:59:b8:d7:48:65:1f:
         ff:10:f6:6a:e0:85:67:93:99:bf:e1:02:b8:52:01:58:a3:7a:
         33:2f:7d:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4hW4R8RIdMGAe/8bdbxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOTM4ZTI2YjI5ODRiMmZhMTYxYWFjMDdiMDRiZGI4NTBh
YWRkMTYwHhcNMjUxMTA0MDgwMDUzWhcNMjUxMTA1MDgwMDUzWjAzMTEwLwYDVQQD
Eyg4YTAwYjFhNzNlZTExMTM0Zjg5ZDIzOTBiYTU4ODNhNjIzOTQ3ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NpMJ98b4U6F1yLFinOZP4a7kwke
dW0revlONkp+3oHKBMeiGzPSoux+grNdkuCf6uFSF11uq8MsYsL/a/9eAt+LIrUE
qEhb1l3o+w697OPKaZhhKrHT6nekwC0N3TGcIhCdrMnGwdvZIUJw0mPwO/QvqZqA
pLbHddZ7By+RvEpuZ4JF30LUXz0fsD0Ojxxae4nHugJ1vKZH0mjZ2ffSnI8ma+tk
7EOTPH4ZFDktiM+30r27ZZz1rglZn+ryxTnvE0sw4JH1v+KdsAA3s3qcEZye3R7m
f+lcOsaFvhpdPYSecHNJkUjmP25o/+FRFpFDjbOKr3n9vyipk2jQhgMpcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoAsac+4RE0+J0jkLpYg6YjlHhxMB8GA1UdIwQY
MBaAFF2TjiaymEsvoWGqwHsEvbhQqt0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEt
NmVjN2RiZTI3YmIzLzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xYmU5ZjEtNWM0OC00NDI3LWEyYjEtNmVjN2RiZTI3YmIz
LzEvWFpPT0pyS1lTeS1oWWFyQWV3Uzl1RkNxM1JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqklHpXjw
AvgKXZOrg40TnIWUQ81xgG9CBzqBByqP3diMlQiFHKINSM8Lgg9NLbshWV8jyAtS
3T2YLWU3IW7oRcnCQruVAU19aKoCu13DfKfb38GxkXh2rU/YDgmu+8qIPySZ80dV
79fX9EmyaHz24XOc8SSyBrk3n7opCuO5Dfp2rZJY8IXDW1HSBxmYJRInbTKMcChU
2DfO+LuwAjNO0LudXP/UiwPHfav3wgkA7edhDODKBCkmOb1Qm0j4PdC73W/jVXiL
Yy8XPrNYJ4D+pvPZUyg4tDmyPxt9RlR8CN2a9EBfWbjXSGUf/xD2auCFZ5OZv+EC
uFIBWKN6My99Tg==
-----END CERTIFICATE-----