Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          8bl9GnuGgN6fZF2pHV8C11eeYUmIqL4Oe62xaM82WqE=
Subject key identifier:   BC:F5:B8:BF:30:F0:FA:7B:EB:03:61:F8:CF:F0:1E:F0:E9:B8:09:07
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       019A4EF48A122A09F38D92C89C40F20E4598
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0E6D
Signing time:             Tue 04 Nov 2025 13:00:40 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:40 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:40 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: /zz5Rc43vOT897xKL6BjO5iBy4/6JnNfvFzBrQiiiKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:8a:12:2a:09:f3:8d:92:c8:9c:40:f2:0e:45:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Nov  4 13:00:40 2025 GMT
            Not After : Nov  5 13:00:40 2025 GMT
        Subject: CN=bcf5b8bf30f0fa7beb0361f8cff01ef0e9b80907
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:43:4c:ad:fb:07:28:2b:c4:94:7a:53:8e:d8:
                    5c:87:e6:93:1f:48:11:c6:2d:b9:57:06:67:ef:92:
                    d6:13:96:5a:21:b6:c7:5e:4e:e5:23:5a:bc:60:55:
                    2d:15:38:33:18:32:77:c2:df:db:26:ff:64:be:bd:
                    ea:65:52:45:83:fd:2c:60:05:cf:13:03:9f:0f:4b:
                    31:22:ca:46:bb:03:af:b7:fd:9e:9a:35:49:8f:d9:
                    eb:20:e2:c4:c9:09:bc:73:51:1f:ab:51:09:86:39:
                    3c:6a:4a:d5:38:5b:e5:71:33:60:72:eb:34:44:e8:
                    55:f1:6d:b1:2b:65:42:22:45:b8:6b:b7:b9:ce:e9:
                    28:a9:ec:52:b1:fa:1b:82:89:c7:e9:4b:89:b0:9d:
                    49:56:bb:7a:b3:b8:3b:48:17:c1:1a:78:63:a3:b7:
                    f8:3c:cf:13:a1:1c:1b:d4:18:40:ba:e2:4a:45:d0:
                    9d:3b:29:20:c7:1d:25:d9:37:14:fd:38:a9:6d:87:
                    5c:55:62:24:9b:41:29:25:4c:6d:29:85:6f:7d:1a:
                    5a:fc:0d:d0:fd:c2:e8:cb:53:db:16:fc:03:46:05:
                    dc:08:af:56:1d:8f:9c:a5:b2:25:16:24:03:da:ef:
                    74:a7:ea:3d:18:c7:6d:9d:c4:21:19:76:6d:4f:df:
                    58:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:F5:B8:BF:30:F0:FA:7B:EB:03:61:F8:CF:F0:1E:F0:E9:B8:09:07
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:98:6d:62:50:c0:92:6f:b4:e7:97:27:23:1b:00:34:ec:8b:
         c9:a0:22:22:fc:86:45:ff:53:32:fa:7e:13:8b:bf:cd:fd:ed:
         06:3f:69:0b:73:64:ad:b5:7e:e5:8a:19:da:06:7d:ed:9d:fd:
         52:e6:9e:65:9a:7c:e3:14:6c:e7:62:20:54:9e:5e:aa:27:83:
         db:93:2e:88:bb:47:40:17:61:78:02:fe:86:76:c6:2d:bf:9c:
         42:bd:43:0c:cc:19:d6:cb:32:52:91:fe:8c:41:53:e6:03:98:
         85:ee:7a:b6:77:ce:aa:b8:cd:6a:18:3a:b6:05:ce:c5:02:5c:
         1b:10:fa:f8:40:b9:c6:a3:21:c4:68:b4:8f:44:d9:ca:93:54:
         b6:cb:58:03:49:cf:84:b8:ee:c0:43:a2:c1:59:42:20:2b:8f:
         bb:ea:1a:3a:35:a1:9f:1b:80:99:bf:4d:5c:98:23:9e:3e:6c:
         b8:e2:01:c3:15:fb:31:2b:32:3d:58:f4:0d:2c:75:ab:22:0c:
         19:b8:56:81:28:cd:45:c8:a8:a7:f4:b7:33:28:46:32:c5:e1:
         66:d1:ea:d2:b2:5e:f9:b6:d2:21:b5:4d:ae:df:92:96:d3:5b:
         22:1d:7f:6c:9c:af:90:11:aa:a6:c4:d4:f5:3f:7a:08:e9:01:
         d6:73:77:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9IoSKgnzjZLInEDyDkWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjUxMTA0MTMwMDQwWhcNMjUxMTA1MTMwMDQwWjAzMTEwLwYDVQQD
EyhiY2Y1YjhiZjMwZjBmYTdiZWIwMzYxZjhjZmYwMWVmMGU5YjgwOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUNMrfsHKCvElHpTjthch+aTH0gR
xi25VwZn75LWE5ZaIbbHXk7lI1q8YFUtFTgzGDJ3wt/bJv9kvr3qZVJFg/0sYAXP
EwOfD0sxIspGuwOvt/2emjVJj9nrIOLEyQm8c1Efq1EJhjk8akrVOFvlcTNgcus0
ROhV8W2xK2VCIkW4a7e5zukoqexSsfobgonH6UuJsJ1JVrt6s7g7SBfBGnhjo7f4
PM8ToRwb1BhAuuJKRdCdOykgxx0l2TcU/TipbYdcVWIkm0EpJUxtKYVvfRpa/A3Q
/cLoy1PbFvwDRgXcCK9WHY+cpbIlFiQD2u90p+o9GMdtncQhGXZtT99YNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLz1uL8w8Pp76wNh+M/wHvDpuAkHMB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5htYlDA
km+055cnIxsANOyLyaAiIvyGRf9TMvp+E4u/zf3tBj9pC3NkrbV+5YoZ2gZ97Z39
UuaeZZp84xRs52IgVJ5eqieD25MuiLtHQBdheAL+hnbGLb+cQr1DDMwZ1ssyUpH+
jEFT5gOYhe56tnfOqrjNahg6tgXOxQJcGxD6+EC5xqMhxGi0j0TZypNUtstYA0nP
hLjuwEOiwVlCICuPu+oaOjWhnxuAmb9NXJgjnj5suOIBwxX7MSsyPVj0DSx1qyIM
GbhWgSjNRciop/S3MyhGMsXhZtHq0rJe+bbSIbVNrt+SltNbIh1/bJyvkBGqpsTU
9T96COkB1nN3BA==
-----END CERTIFICATE-----