Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          is2bBHMnORCncUcpZr/VqumT88bXka97ejMa71rU+eo=
Subject key identifier:   0C:88:12:E1:03:91:0F:FA:57:D4:5E:45:EE:F3:E5:47:F9:2A:8F:27
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019A4EF4905BF50B2E54C12F3002DE9EA2A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          0F43
Signing time:             Tue 04 Nov 2025 13:00:41 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:41 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:41 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: g7kaB1K6P/utojk0BnTo2/okW22Le3FQkfvoCXMFXP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:90:5b:f5:0b:2e:54:c1:2f:30:02:de:9e:a2:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Nov  4 13:00:41 2025 GMT
            Not After : Nov  5 13:00:41 2025 GMT
        Subject: CN=0c8812e103910ffa57d45e45eef3e547f92a8f27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0e:48:97:53:2d:1c:63:6a:e7:23:81:c2:32:
                    09:1b:38:4a:5d:fb:6f:c9:90:16:c7:8e:fd:82:50:
                    4b:40:b5:72:67:41:47:af:17:d3:01:4b:c4:62:6e:
                    bb:5d:5f:44:66:2e:34:3a:e6:27:ee:d7:c4:87:94:
                    85:92:2a:4e:c2:9c:92:2a:ed:e1:00:7b:6c:a8:a0:
                    f2:7e:47:29:4a:ca:e5:96:84:b0:04:b1:fb:38:e8:
                    ba:73:d4:d1:24:5e:9e:03:38:02:f4:b6:5c:d4:ff:
                    e4:5b:74:6c:8b:34:e1:3c:e1:af:86:fc:61:df:2c:
                    16:b3:46:68:d1:ac:72:8e:f4:0e:b5:62:fe:74:0c:
                    8a:ec:e2:8c:dc:72:3b:a1:a0:03:bf:48:1e:db:3a:
                    73:aa:8c:dd:d1:06:f6:c1:98:1a:dd:0c:9c:06:a9:
                    49:81:eb:c8:9f:29:3e:ea:77:29:01:1f:fe:cc:60:
                    b8:df:4f:47:6e:ad:d7:42:42:55:f2:58:04:65:d9:
                    00:0b:3f:69:88:7b:a4:11:3d:3f:bb:9c:3c:90:48:
                    4a:1f:70:57:f0:99:6d:fd:f3:5e:9e:2c:3f:4d:b4:
                    10:b0:77:d5:b8:4b:47:14:a1:1c:21:32:9f:84:11:
                    4c:34:eb:57:ba:35:c9:fe:7d:82:10:79:34:4f:56:
                    6e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:88:12:E1:03:91:0F:FA:57:D4:5E:45:EE:F3:E5:47:F9:2A:8F:27
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f7:75:6b:87:98:72:83:28:d4:f8:45:e6:97:40:b1:1f:f3:
         d3:b0:13:a8:3a:7b:43:e8:8c:ea:02:ac:10:b1:31:53:0d:8e:
         37:ad:cf:99:3b:98:e9:14:53:11:84:7f:6e:72:b6:75:64:c1:
         65:e1:90:e5:72:a7:f5:16:20:99:d0:f8:6c:55:15:55:40:47:
         95:ab:bc:1f:7a:72:4e:f5:47:9a:a8:72:07:a0:31:72:d2:2e:
         91:21:aa:1e:52:85:01:4b:b6:96:67:e8:ff:2d:6d:cc:61:72:
         60:87:bd:4f:9f:4d:1d:9f:2a:c9:56:5f:9a:bd:de:20:7a:f8:
         e4:04:b0:12:2d:09:15:36:4b:bc:c5:9b:b5:0e:6c:c3:f6:5d:
         fb:be:76:02:72:4c:01:d4:43:c2:07:ef:6e:3f:80:fd:8b:12:
         7a:58:46:bf:8d:e7:a4:a8:30:2f:6f:c5:74:ae:d2:61:fe:93:
         34:d7:10:de:14:98:93:f3:9a:d5:1f:75:32:3c:ea:94:88:de:
         e0:bb:29:18:f7:60:63:15:f0:01:63:62:f7:75:5d:23:f5:aa:
         ec:22:8f:65:9c:eb:8b:05:a9:4e:c5:93:25:2f:01:09:5b:7f:
         df:67:83:d2:35:aa:69:51:df:27:11:5a:f5:57:97:9f:92:50:
         e9:2f:c4:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9JBb9QsuVMEvMALenqKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjUxMTA0MTMwMDQxWhcNMjUxMTA1MTMwMDQxWjAzMTEwLwYDVQQD
EygwYzg4MTJlMTAzOTEwZmZhNTdkNDVlNDVlZWYzZTU0N2Y5MmE4ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw5Il1MtHGNq5yOBwjIJGzhKXftv
yZAWx479glBLQLVyZ0FHrxfTAUvEYm67XV9EZi40OuYn7tfEh5SFkipOwpySKu3h
AHtsqKDyfkcpSsrlloSwBLH7OOi6c9TRJF6eAzgC9LZc1P/kW3RsizThPOGvhvxh
3ywWs0Zo0axyjvQOtWL+dAyK7OKM3HI7oaADv0ge2zpzqozd0Qb2wZga3QycBqlJ
gevInyk+6ncpAR/+zGC4309Hbq3XQkJV8lgEZdkACz9piHukET0/u5w8kEhKH3BX
8Jlt/fNeniw/TbQQsHfVuEtHFKEcITKfhBFMNOtXujXJ/n2CEHk0T1ZuvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyIEuEDkQ/6V9ReRe7z5Uf5Ko8nMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPd1a4eY
coMo1PhF5pdAsR/z07ATqDp7Q+iM6gKsELExUw2ON63PmTuY6RRTEYR/bnK2dWTB
ZeGQ5XKn9RYgmdD4bFUVVUBHlau8H3pyTvVHmqhyB6AxctIukSGqHlKFAUu2lmfo
/y1tzGFyYIe9T59NHZ8qyVZfmr3eIHr45ASwEi0JFTZLvMWbtQ5sw/Zd+752AnJM
AdRDwgfvbj+A/YsSelhGv43npKgwL2/FdK7SYf6TNNcQ3hSYk/Oa1R91MjzqlIje
4LspGPdgYxXwAWNi93VdI/Wq7CKPZZzriwWpTsWTJS8BCVt/32eD0jWqaVHfJxFa
9VeXn5JQ6S/Eag==
-----END CERTIFICATE-----