Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
File:                     AquPiJLQHdTIQHJMu6uQwMpglDI.mft (raw, json)
Hash identifier:          CFLeKKBzvhdG0/9U40jwd8IrlGQZScsCc+FDhIZXSZo=
Subject key identifier:   F7:DA:D6:9A:43:EB:11:D5:61:6A:08:BB:9A:58:BD:DA:7C:D5:57:77
Authority key identifier: 02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32
Certificate issuer:       /CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
Certificate serial:       019A54C0CB1C348881E2DF961E3CA088BEEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
Manifest number:          170B
Signing time:             Wed 05 Nov 2025 16:01:52 +0000
Manifest this update:     Wed 05 Nov 2025 16:01:52 +0000
Manifest next update:     Thu 06 Nov 2025 16:01:52 +0000
Files and hashes:         1: AquPiJLQHdTIQHJMu6uQwMpglDI.crl (hash: xgOMtfiJk23a9oQfXLhLfTLOo9ZQyb5gpxl6wiCHNaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:c0:cb:1c:34:88:81:e2:df:96:1e:3c:a0:88:be:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
        Validity
            Not Before: Nov  5 16:01:52 2025 GMT
            Not After : Nov  6 16:01:52 2025 GMT
        Subject: CN=f7dad69a43eb11d5616a08bb9a58bdda7cd55777
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a3:51:38:e9:c0:97:8b:4a:09:7a:74:4d:17:
                    a5:a3:0c:bf:61:f9:8d:e7:99:7f:b1:3c:ab:67:b6:
                    71:ec:16:e3:21:f2:8e:99:d0:05:5e:ea:e0:3a:29:
                    b3:19:6c:e3:9a:d8:9d:63:93:03:33:43:51:0f:10:
                    41:ce:1c:d4:3d:8a:18:bf:d2:fb:49:34:a6:d7:9b:
                    93:16:ae:1f:15:c9:0c:0b:cc:40:e5:41:32:40:47:
                    39:8f:41:2e:b3:95:f9:e1:83:99:05:89:d7:7a:a6:
                    a9:a3:cf:42:b9:4d:0d:c5:b8:7a:fb:a5:ff:57:48:
                    14:d3:e9:c6:1e:5d:62:c7:92:fd:70:7b:a8:23:51:
                    38:94:42:df:d4:12:3b:85:40:47:aa:80:ab:d5:85:
                    13:f5:12:3e:63:24:01:97:52:a8:4f:0a:9e:57:a4:
                    8e:d7:a9:27:7d:2b:19:8c:5a:69:a6:67:5f:16:1a:
                    67:91:43:5f:86:18:61:bf:e8:6a:c1:d7:93:be:7f:
                    b9:4d:c3:b0:7a:d7:bc:e8:e6:19:72:e3:1a:bf:28:
                    81:2e:d2:c7:3d:45:b9:f5:f4:92:1a:c0:72:46:b9:
                    9d:53:03:37:9b:e0:dd:3b:6e:08:50:bb:9f:da:e7:
                    3a:34:ed:ad:0f:08:6b:56:1f:b4:9d:11:85:fa:23:
                    5e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:DA:D6:9A:43:EB:11:D5:61:6A:08:BB:9A:58:BD:DA:7C:D5:57:77
            X509v3 Authority Key Identifier:
                keyid:02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:14:97:34:a1:e9:97:97:a3:3c:ab:5a:49:e8:df:9c:a4:2c:
         81:cc:44:70:0f:11:ed:bb:ef:df:da:51:de:70:7f:5f:a7:45:
         df:5e:bd:8d:6a:ad:58:5b:aa:57:79:b0:ac:1b:fc:6a:4d:3c:
         cc:e8:2b:91:1e:99:ee:8f:1d:5d:df:95:81:65:ce:01:a2:38:
         d9:3e:e7:70:2f:f2:72:1b:cb:dc:c7:55:7b:b5:cc:e9:b1:84:
         43:e8:b5:24:bb:69:5f:73:0c:09:14:d8:ec:d1:9a:7f:df:60:
         a9:87:90:82:40:f7:07:99:c1:99:63:4a:2a:de:81:b8:23:63:
         46:9a:cf:fe:78:d6:26:05:68:82:f1:c7:59:51:bb:84:5e:ad:
         6d:bd:0d:27:b7:32:39:a4:d8:b2:64:90:3e:f8:4e:ec:d1:d9:
         f3:95:f4:52:de:eb:d4:ed:96:a5:91:5d:88:a5:6f:56:08:3a:
         ce:83:91:6b:84:19:d4:ed:72:0f:91:19:2e:4b:59:d1:40:b4:
         ee:51:d1:fb:fa:e3:e6:5e:6a:30:2b:36:5b:b8:c1:94:f7:e4:
         11:4b:0f:8c:cc:e7:30:60:e3:2b:2f:e3:bd:de:40:8a:85:07:
         a8:3d:ce:4f:49:4d:9e:a5:cf:e0:ec:20:62:5f:e4:db:91:f1:
         b1:88:d4:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwMscNIiB4t+WHjygiL7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWI4Zjg4OTJkMDFkZDRjODQwNzI0Y2JiYWI5MGMwY2E2
MDk0MzIwHhcNMjUxMTA1MTYwMTUyWhcNMjUxMTA2MTYwMTUyWjAzMTEwLwYDVQQD
EyhmN2RhZDY5YTQzZWIxMWQ1NjE2YTA4YmI5YTU4YmRkYTdjZDU1Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaNROOnAl4tKCXp0TRelowy/YfmN
55l/sTyrZ7Zx7BbjIfKOmdAFXurgOimzGWzjmtidY5MDM0NRDxBBzhzUPYoYv9L7
STSm15uTFq4fFckMC8xA5UEyQEc5j0Eus5X54YOZBYnXeqapo89CuU0Nxbh6+6X/
V0gU0+nGHl1ix5L9cHuoI1E4lELf1BI7hUBHqoCr1YUT9RI+YyQBl1KoTwqeV6SO
16knfSsZjFpppmdfFhpnkUNfhhhhv+hqwdeTvn+5TcOwete86OYZcuMavyiBLtLH
PUW59fSSGsByRrmdUwM3m+DdO24IULuf2uc6NO2tDwhrVh+0nRGF+iNelwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfa1ppD6xHVYWoIu5pYvdp81Vd3MB8GA1UdIwQY
MBaAFAKrj4iS0B3UyEByTLurkMDKYJQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEt
ZTNiNzcwMTNmZGI3LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEtZTNiNzcwMTNmZGI3
LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgxSXNKHp
l5ejPKtaSejfnKQsgcxEcA8R7bvv39pR3nB/X6dF3169jWqtWFuqV3mwrBv8ak08
zOgrkR6Z7o8dXd+VgWXOAaI42T7ncC/ychvL3MdVe7XM6bGEQ+i1JLtpX3MMCRTY
7NGaf99gqYeQgkD3B5nBmWNKKt6BuCNjRprP/njWJgVogvHHWVG7hF6tbb0NJ7cy
OaTYsmSQPvhO7NHZ85X0Ut7r1O2WpZFdiKVvVgg6zoORa4QZ1O1yD5EZLktZ0UC0
7lHR+/rj5l5qMCs2W7jBlPfkEUsPjMznMGDjKy/jvd5AioUHqD3OT0lNnqXP4Owg
Yl/k25HxsYjU5g==
-----END CERTIFICATE-----