Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
File:                     AaVsQu18uWPyhVA87AYG1g0Ks4c.mft (raw, json)
Hash identifier:          G5bNxydTy2ORvipaz9JFzWQ4NWGdjYocRukgC6avlC4=
Subject key identifier:   3A:B2:07:52:F0:9A:27:69:BB:B0:24:0B:5D:33:45:B7:39:1E:FA:E4
Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87
Certificate issuer:       /CN=01a56c42ed7cb963f285503cec0606d60d0ab387
Certificate serial:       019A4EF5BBBB557AE78B2E9463CD9980F442
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
Manifest number:          0FCE
Signing time:             Tue 04 Nov 2025 13:01:58 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:58 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:58 +0000
Files and hashes:         1: AaVsQu18uWPyhVA87AYG1g0Ks4c.crl (hash: euwFKsX0mwmlgbyXNGvoEPCKb2GPUa65v8+/pHLNS4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:bb:bb:55:7a:e7:8b:2e:94:63:cd:99:80:f4:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387
        Validity
            Not Before: Nov  4 13:01:58 2025 GMT
            Not After : Nov  5 13:01:58 2025 GMT
        Subject: CN=3ab20752f09a2769bbb0240b5d3345b7391efae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1e:4b:15:10:d6:da:5e:2b:9c:c9:8e:02:db:
                    a1:70:0d:56:fe:50:55:05:77:49:d5:1d:ff:50:c2:
                    f0:cf:4e:f5:b0:f6:35:00:89:7f:f0:a1:44:1b:ac:
                    35:65:8f:34:e6:00:f4:83:d2:7e:13:b9:df:0a:1d:
                    73:19:04:f5:b1:ad:dc:00:3b:20:51:c8:56:4a:ec:
                    33:9f:83:7c:2b:2f:e2:75:28:e2:99:32:20:97:f8:
                    ef:a7:24:8a:a3:e7:29:20:25:37:91:eb:a3:bb:a8:
                    3d:fa:2a:bf:0e:09:19:d4:70:31:de:e9:85:06:e0:
                    28:ec:67:35:14:ab:e0:44:25:d2:b7:2c:0d:1c:4c:
                    ac:23:26:8b:e2:18:49:bc:54:25:56:ed:c7:7f:c2:
                    3d:44:a7:90:d7:d2:46:e9:96:4d:ab:4c:3d:3d:08:
                    71:ff:35:8d:b0:3b:d7:af:a6:f1:b6:73:97:66:7d:
                    08:d6:72:01:fe:01:14:ea:99:a8:c9:89:7e:62:8c:
                    6d:45:f9:eb:e6:2b:8c:d9:ca:6c:11:0a:ad:77:66:
                    3d:d5:b2:73:b7:b9:30:01:c2:23:53:0c:6c:67:df:
                    c5:7e:bd:31:93:e7:64:3a:80:b8:77:78:2d:5c:23:
                    bd:96:98:81:ad:95:bb:98:68:f9:93:44:fb:fa:54:
                    9f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B2:07:52:F0:9A:27:69:BB:B0:24:0B:5D:33:45:B7:39:1E:FA:E4
            X509v3 Authority Key Identifier:
                keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:26:05:c3:0c:ef:72:9b:67:b3:fd:8d:5c:98:a1:44:f6:4c:
         d9:e3:08:17:0a:89:4d:85:5b:70:a1:88:ff:6a:c3:98:d7:81:
         a0:28:66:90:e1:2d:ff:45:09:ce:17:dd:8a:8f:d0:8e:ca:d9:
         c0:8f:78:3e:e2:e9:12:b8:fe:97:72:37:65:2c:96:09:d9:0e:
         59:ee:a1:85:1a:57:03:af:06:59:83:02:23:7a:a9:d9:f4:5e:
         be:d9:e4:ab:33:d1:9d:af:0d:8e:1b:3c:af:fe:36:9f:4d:21:
         fd:df:7f:b2:c8:7a:e3:6a:c4:95:a1:ac:19:64:7c:5c:3b:8d:
         9c:88:f4:76:55:9e:a8:e7:7d:a1:0d:52:0e:08:82:d2:dc:db:
         36:2a:bf:7f:52:89:ba:ea:54:43:b6:71:8d:c4:ea:4d:fc:a8:
         b8:e4:28:46:8b:b6:9c:bf:ca:28:e3:92:b7:4d:40:d1:60:77:
         71:23:10:43:b3:2f:73:73:00:dc:7e:05:5d:7c:0a:d1:11:ed:
         02:d5:e8:12:73:43:00:83:ad:1d:78:c6:f2:5e:0d:d5:b2:30:
         8b:9c:5e:cb:3a:ac:2b:b0:96:a7:3c:99:ee:d5:64:69:12:d1:
         10:fd:0d:e9:ae:e6:2f:39:de:a1:1a:28:b6:7b:34:3a:6d:e5:
         70:2c:d0:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9bu7VXrniy6UY82ZgPRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw
YWIzODcwHhcNMjUxMTA0MTMwMTU4WhcNMjUxMTA1MTMwMTU4WjAzMTEwLwYDVQQD
EygzYWIyMDc1MmYwOWEyNzY5YmJiMDI0MGI1ZDMzNDViNzM5MWVmYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3x5LFRDW2l4rnMmOAtuhcA1W/lBV
BXdJ1R3/UMLwz071sPY1AIl/8KFEG6w1ZY805gD0g9J+E7nfCh1zGQT1sa3cADsg
UchWSuwzn4N8Ky/idSjimTIgl/jvpySKo+cpICU3keuju6g9+iq/DgkZ1HAx3umF
BuAo7Gc1FKvgRCXStywNHEysIyaL4hhJvFQlVu3Hf8I9RKeQ19JG6ZZNq0w9PQhx
/zWNsDvXr6bxtnOXZn0I1nIB/gEU6pmoyYl+YoxtRfnr5iuM2cpsEQqtd2Y91bJz
t7kwAcIjUwxsZ9/Ffr0xk+dkOoC4d3gtXCO9lpiBrZW7mGj5k0T7+lSfFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqyB1Lwmidpu7AkC10zRbc5HvrkMB8GA1UdIwQY
MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt
ZWQwN2Y1Y2FkNmQ3LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3
LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWCYFwwzv
cptns/2NXJihRPZM2eMIFwqJTYVbcKGI/2rDmNeBoChmkOEt/0UJzhfdio/QjsrZ
wI94PuLpErj+l3I3ZSyWCdkOWe6hhRpXA68GWYMCI3qp2fRevtnkqzPRna8Njhs8
r/42n00h/d9/ssh642rElaGsGWR8XDuNnIj0dlWeqOd9oQ1SDgiC0tzbNiq/f1KJ
uupUQ7ZxjcTqTfyouOQoRou2nL/KKOOSt01A0WB3cSMQQ7Mvc3MA3H4FXXwK0RHt
AtXoEnNDAIOtHXjG8l4N1bIwi5xeyzqsK7CWpzyZ7tVkaRLREP0N6a7mLzneoRoo
tns0Om3lcCzQSA==
-----END CERTIFICATE-----