Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
File:                     aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json)
Hash identifier:          wiR4Aw24WVw9PUP+xDuhgZaqWSGiX5oNkMxE4CEE8Vc=
Subject key identifier:   C8:DE:9C:0B:B1:64:CC:A7:AB:8A:02:45:69:D3:76:C0:BE:55:8E:87
Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B
Certificate issuer:       /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
Certificate serial:       019A4FCFC1BFFADC4769ABA0560959D3FE75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
Manifest number:          08CB
Signing time:             Tue 04 Nov 2025 17:00:06 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:06 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:06 +0000
Files and hashes:         1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: hVSnMdavDcl48TygKY2diydSbQdJ++1eLRUnxKwlDus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:cf:c1:bf:fa:dc:47:69:ab:a0:56:09:59:d3:fe:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b
        Validity
            Not Before: Nov  4 17:00:06 2025 GMT
            Not After : Nov  5 17:00:06 2025 GMT
        Subject: CN=c8de9c0bb164cca7ab8a024569d376c0be558e87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c5:03:ea:bf:70:76:9c:5b:76:09:4d:8f:d1:
                    38:27:5c:e5:76:e7:9f:05:b3:35:57:94:73:76:da:
                    40:2d:8b:a3:4a:0a:ef:ef:86:a3:53:8b:91:59:f5:
                    ab:c1:ad:80:9d:dd:85:60:fa:25:50:b8:d0:66:a7:
                    37:9e:4c:9e:e0:29:a7:04:bb:9f:a8:95:2f:75:53:
                    b6:be:f0:de:8e:5d:6e:b5:3d:86:4c:63:a1:e8:e7:
                    dc:05:24:e4:6d:56:b4:61:71:54:f4:ec:64:3d:70:
                    e1:d9:b7:ce:45:8d:b6:0c:5d:84:30:3b:e0:50:da:
                    64:98:6d:86:4c:a9:74:ef:a6:d7:1e:48:b0:6d:5e:
                    fa:fb:4c:68:3f:fe:bc:df:a6:77:74:66:e2:e5:df:
                    7e:1b:26:ac:7c:34:53:8b:f0:d8:fb:df:17:65:82:
                    53:f1:6d:a0:ac:db:c6:b6:f9:d7:1c:06:c5:b7:bd:
                    d3:da:19:e3:8b:f4:d1:91:0c:f2:2e:bd:ba:be:65:
                    18:49:bd:11:67:54:3f:c4:eb:75:0c:d6:69:7c:e1:
                    2e:af:cf:74:67:2f:de:67:c9:b8:ab:c1:7b:c7:67:
                    4c:dd:ec:e2:27:03:89:ed:ec:7d:3b:8f:5e:f3:0d:
                    bd:d1:d0:e9:ef:2f:38:4f:60:64:28:95:ed:77:8c:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:DE:9C:0B:B1:64:CC:A7:AB:8A:02:45:69:D3:76:C0:BE:55:8E:87
            X509v3 Authority Key Identifier:
                keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:c1:68:94:f4:3c:c1:32:42:12:1e:d4:44:70:0e:8f:9d:b4:
         74:63:39:09:56:b2:07:aa:3d:c9:1d:cd:9c:f1:38:e9:ce:e1:
         0c:b9:f4:b2:ad:c8:01:6b:d7:76:4d:1a:e2:46:5d:da:76:de:
         e9:71:4f:b4:b1:64:d8:ed:56:8a:f0:8d:c6:22:f5:cd:6c:c9:
         04:d8:f7:e4:a6:ea:82:c2:09:26:d9:fb:80:cf:27:a5:20:fe:
         28:b4:10:96:40:13:78:84:25:71:53:91:46:e0:c9:8b:03:20:
         ec:1c:45:dc:0e:15:bd:a9:cf:cc:32:41:eb:fa:79:32:bf:30:
         65:b7:5f:a1:a4:57:e3:91:a6:35:29:cc:f9:0d:cb:1b:fe:c4:
         3d:10:9f:55:fa:45:aa:57:c0:e2:7a:86:62:2e:de:85:76:a9:
         59:4e:9b:23:31:d3:a9:86:78:46:20:97:ad:39:fd:84:03:ca:
         cf:4c:68:3f:63:95:22:6e:e1:86:12:3a:96:5c:0e:27:8c:4b:
         df:1d:e3:0a:8c:80:ab:e0:36:2c:ef:55:c2:39:f7:5a:b3:97:
         e9:9e:66:6f:2c:87:5a:0d:03:5a:6e:a8:97:a2:58:5e:bd:3c:
         2a:8d:a8:e0:6d:81:05:30:25:10:19:3c:04:38:9b:8e:b1:fa:
         36:4f:56:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz8G/+txHaaugVglZ0/51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh
MmNiNWIwHhcNMjUxMTA0MTcwMDA2WhcNMjUxMTA1MTcwMDA2WjAzMTEwLwYDVQQD
EyhjOGRlOWMwYmIxNjRjY2E3YWI4YTAyNDU2OWQzNzZjMGJlNTU4ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMUD6r9wdpxbdglNj9E4J1zlduef
BbM1V5RzdtpALYujSgrv74ajU4uRWfWrwa2And2FYPolULjQZqc3nkye4CmnBLuf
qJUvdVO2vvDejl1utT2GTGOh6OfcBSTkbVa0YXFU9OxkPXDh2bfORY22DF2EMDvg
UNpkmG2GTKl076bXHkiwbV76+0xoP/6836Z3dGbi5d9+GyasfDRTi/DY+98XZYJT
8W2grNvGtvnXHAbFt73T2hnji/TRkQzyLr26vmUYSb0RZ1Q/xOt1DNZpfOEur890
Zy/eZ8m4q8F7x2dM3eziJwOJ7ex9O49e8w290dDp7y84T2BkKJXtd4wVVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjenAuxZMynq4oCRWnTdsC+VY6HMB8GA1UdIwQY
MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt
Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4
LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw8FolPQ8
wTJCEh7URHAOj520dGM5CVayB6o9yR3NnPE46c7hDLn0sq3IAWvXdk0a4kZd2nbe
6XFPtLFk2O1WivCNxiL1zWzJBNj35KbqgsIJJtn7gM8npSD+KLQQlkATeIQlcVOR
RuDJiwMg7BxF3A4VvanPzDJB6/p5Mr8wZbdfoaRX45GmNSnM+Q3LG/7EPRCfVfpF
qlfA4nqGYi7ehXapWU6bIzHTqYZ4RiCXrTn9hAPKz0xoP2OVIm7hhhI6llwOJ4xL
3x3jCoyAq+A2LO9Vwjn3WrOX6Z5mbyyHWg0DWm6ol6JYXr08Ko2o4G2BBTAlEBk8
BDibjrH6Nk9W4Q==
-----END CERTIFICATE-----