Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          sX3XxQUnZFjBYnkRRAIn82yp4gRlpGK3qd18GcJWYEk=
Subject key identifier:   B1:8D:31:D1:1C:3D:FB:FE:46:C9:DD:58:B3:C7:16:31:E3:0D:FE:C9
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019A4F62BDD42E826A5EB10982E1D01D6272
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0C84
Signing time:             Tue 04 Nov 2025 15:01:02 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:02 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:02 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: A+ZghQOCt3x68egAEnJxpXLKJjClSlbByccIrugsWYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:bd:d4:2e:82:6a:5e:b1:09:82:e1:d0:1d:62:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Nov  4 15:01:02 2025 GMT
            Not After : Nov  5 15:01:02 2025 GMT
        Subject: CN=b18d31d11c3dfbfe46c9dd58b3c71631e30dfec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c0:99:ac:93:df:f0:dd:84:f3:d4:45:6f:fc:
                    27:2b:be:00:7c:44:9c:50:65:92:0d:92:ce:5d:02:
                    6e:18:79:bc:75:f0:b2:06:2c:d8:18:a9:0b:2d:20:
                    80:10:30:48:5b:9d:02:86:1a:66:2d:39:b1:86:7b:
                    c5:04:19:e9:86:a3:44:8a:19:a3:d1:0b:f1:b4:a6:
                    6b:80:e1:21:4b:c3:da:41:88:db:5a:1e:b2:4f:10:
                    57:55:a5:db:9c:60:45:dc:a5:3f:47:64:39:f5:4d:
                    c5:31:8c:15:51:c8:5c:2c:e8:68:07:d6:17:31:b8:
                    87:94:35:66:b5:b8:f3:71:c5:72:14:a9:35:0b:af:
                    c1:d1:61:95:f3:83:e4:72:17:6a:be:be:61:be:59:
                    5e:c8:47:4a:39:a6:43:fa:7f:0a:0c:94:97:e1:82:
                    02:22:fe:4b:22:a0:f6:95:8e:83:97:5d:7f:84:cf:
                    50:38:36:43:de:15:2c:66:06:90:4b:4b:94:ae:80:
                    a0:0b:cf:a2:64:c5:fb:7c:62:76:d5:ef:0d:78:02:
                    22:72:c1:73:49:4a:e5:db:91:20:22:d5:91:e3:41:
                    bd:33:07:0e:ba:d2:1f:1f:5c:ec:76:91:6c:43:48:
                    82:58:2f:2b:3f:55:1a:2d:39:55:bc:23:35:56:7e:
                    f5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:8D:31:D1:1C:3D:FB:FE:46:C9:DD:58:B3:C7:16:31:E3:0D:FE:C9
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:28:3c:04:64:fa:48:ae:3b:06:10:3b:19:69:41:59:0f:5c:
         c2:b4:1f:53:30:1b:fd:9d:95:e4:5a:30:53:0a:49:34:45:a4:
         fd:fb:7c:3e:24:c6:db:ab:95:1d:3a:4d:20:9a:f7:a8:87:d9:
         97:91:c6:86:aa:2c:30:1a:95:6d:20:dd:50:fb:2a:11:f1:19:
         3b:47:63:96:93:14:06:91:8a:7f:2f:cd:3b:a2:75:75:3f:e3:
         c9:44:a2:6e:78:bc:c9:42:52:c3:2b:8f:79:62:2f:90:14:63:
         05:14:27:96:e4:a8:f9:3b:52:ee:d0:cc:b2:89:62:d0:89:6a:
         38:f6:fc:b6:d9:6d:9e:a3:b5:16:e4:52:f1:1b:7a:eb:82:b6:
         54:c1:df:be:86:49:29:42:05:33:f0:ff:47:d1:bd:68:5f:5b:
         0d:05:cd:00:e1:bf:5a:cb:4e:97:86:82:53:cd:da:58:b4:4d:
         69:ec:67:da:ae:d5:67:81:58:51:c9:f8:20:4b:b3:be:cd:4d:
         74:cd:2f:1a:bf:4b:14:fa:be:eb:5d:c2:20:9a:cb:e3:ec:96:
         1a:86:5f:0a:3b:dc:64:54:8a:5c:41:73:09:fe:b8:e7:2d:98:
         7f:15:d2:9f:53:63:48:12:cd:75:2b:85:0b:ae:f2:c8:3f:8e:
         2f:8c:67:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYr3ULoJqXrEJguHQHWJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUxMTA0MTUwMTAyWhcNMjUxMTA1MTUwMTAyWjAzMTEwLwYDVQQD
EyhiMThkMzFkMTFjM2RmYmZlNDZjOWRkNThiM2M3MTYzMWUzMGRmZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycCZrJPf8N2E89RFb/wnK74AfESc
UGWSDZLOXQJuGHm8dfCyBizYGKkLLSCAEDBIW50ChhpmLTmxhnvFBBnphqNEihmj
0QvxtKZrgOEhS8PaQYjbWh6yTxBXVaXbnGBF3KU/R2Q59U3FMYwVUchcLOhoB9YX
MbiHlDVmtbjzccVyFKk1C6/B0WGV84Pkchdqvr5hvlleyEdKOaZD+n8KDJSX4YIC
Iv5LIqD2lY6Dl11/hM9QODZD3hUsZgaQS0uUroCgC8+iZMX7fGJ21e8NeAIicsFz
SUrl25EgItWR40G9MwcOutIfH1zsdpFsQ0iCWC8rP1UaLTlVvCM1Vn71cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGNMdEcPfv+RsndWLPHFjHjDf7JMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnig8BGT6
SK47BhA7GWlBWQ9cwrQfUzAb/Z2V5FowUwpJNEWk/ft8PiTG26uVHTpNIJr3qIfZ
l5HGhqosMBqVbSDdUPsqEfEZO0djlpMUBpGKfy/NO6J1dT/jyUSibni8yUJSwyuP
eWIvkBRjBRQnluSo+TtS7tDMsoli0IlqOPb8ttltnqO1FuRS8Rt664K2VMHfvoZJ
KUIFM/D/R9G9aF9bDQXNAOG/WstOl4aCU83aWLRNaexn2q7VZ4FYUcn4IEuzvs1N
dM0vGr9LFPq+613CIJrL4+yWGoZfCjvcZFSKXEFzCf645y2YfxXSn1NjSBLNdSuF
C67yyD+OL4xnMA==
-----END CERTIFICATE-----