Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          9iUIXls3Kvd2X9/XP+VeQPTWA4QaH2F6pIh8dHBGv4c=
Subject key identifier:   32:C0:CC:31:B6:4A:F6:91:4A:5D:B6:D1:92:71:AA:45:8B:79:4A:68
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019A4DAA8138E47DD01C44E4188CDEAA5277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          066B
Signing time:             Tue 04 Nov 2025 07:00:10 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:10 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:10 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: S+GiV5F/GWecMBOwEdV843Y6jt+68xxz+5oQM5XjwHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:81:38:e4:7d:d0:1c:44:e4:18:8c:de:aa:52:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Nov  4 07:00:10 2025 GMT
            Not After : Nov  5 07:00:10 2025 GMT
        Subject: CN=32c0cc31b64af6914a5db6d19271aa458b794a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fa:de:da:fa:36:d7:2f:9c:be:9d:3e:7c:98:
                    1b:4c:bd:63:d8:cd:6d:d9:cf:e7:16:f0:e8:42:84:
                    36:77:b7:e4:37:d1:08:88:36:68:c6:53:26:29:a0:
                    4c:5d:1c:b6:63:b5:e3:e2:ba:ba:14:d7:78:be:64:
                    94:b3:bb:1d:5c:a0:25:a9:e9:8d:40:c1:a2:63:b8:
                    c7:b0:77:ea:77:6c:f7:6f:20:de:cb:ba:f8:15:c4:
                    c5:cb:b2:82:dc:a6:50:62:8d:bc:44:04:c9:00:e9:
                    ee:e2:57:69:bc:2c:bb:0b:2c:ae:86:d7:d3:7e:be:
                    9e:f3:b2:9c:02:87:19:98:27:ed:06:b1:0b:22:71:
                    fd:24:19:69:93:5c:17:c2:5e:8a:b1:2c:c5:f0:3c:
                    98:4c:ba:0d:01:0b:ea:3f:80:d1:77:ef:aa:64:e1:
                    b4:9f:65:af:27:43:50:3a:ea:42:76:50:84:00:57:
                    19:3c:cc:85:a2:8a:a6:a3:04:7e:5e:cb:53:9a:d9:
                    70:b7:92:29:23:ac:8f:1e:eb:66:a5:5a:ee:2a:29:
                    85:13:eb:7b:87:16:54:05:9e:9e:71:ab:38:31:c4:
                    11:36:9e:95:27:0f:a7:6b:f5:bb:71:b8:3a:17:3a:
                    40:45:39:07:d7:22:dd:4a:1f:f4:e1:9a:f1:d1:82:
                    0e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:C0:CC:31:B6:4A:F6:91:4A:5D:B6:D1:92:71:AA:45:8B:79:4A:68
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:42:10:05:df:a2:a9:fb:01:ef:01:c9:d2:ad:58:7c:77:6a:
         8c:15:b5:09:bd:6f:27:2e:38:16:8b:59:dc:b5:c5:49:3c:f2:
         05:4e:f1:16:b0:da:ad:a7:f0:3a:44:f8:f5:41:bf:e7:e2:98:
         53:fa:80:f4:8e:29:09:33:e2:5a:c7:db:49:b9:3c:42:bc:ba:
         a4:04:39:a1:a7:c6:d3:7c:b8:f5:77:e3:87:35:0f:69:f2:c8:
         7d:fd:cd:81:ab:48:5f:9e:fb:17:cb:fe:63:6f:90:0b:d1:28:
         a0:32:84:70:e5:aa:de:33:bd:be:04:b3:78:68:a6:72:b3:22:
         b6:60:b9:a3:00:5e:f5:4b:6f:e9:d3:0a:7a:98:d1:57:79:8f:
         91:ff:a5:88:81:5a:a0:20:73:f1:aa:df:46:c7:19:6b:11:a9:
         c1:1e:d6:c7:d7:0b:81:31:f8:98:80:39:7d:1a:69:a4:bd:be:
         2d:b4:8a:8e:00:50:e4:58:d7:63:67:28:05:84:bc:46:cf:12:
         54:01:4d:76:ad:53:c0:2b:58:7e:49:38:d8:b8:9f:72:91:9f:
         b0:e3:a3:9a:a5:79:3c:0f:a3:5f:41:59:a8:bc:37:ca:fd:52:
         db:c3:38:3e:b2:53:88:f0:57:95:0e:29:fe:71:30:1b:43:87:
         7e:6e:73:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqoE45H3QHETkGIzeqlJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUxMTA0MDcwMDEwWhcNMjUxMTA1MDcwMDEwWjAzMTEwLwYDVQQD
EygzMmMwY2MzMWI2NGFmNjkxNGE1ZGI2ZDE5MjcxYWE0NThiNzk0YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPre2vo21y+cvp0+fJgbTL1j2M1t
2c/nFvDoQoQ2d7fkN9EIiDZoxlMmKaBMXRy2Y7Xj4rq6FNd4vmSUs7sdXKAlqemN
QMGiY7jHsHfqd2z3byDey7r4FcTFy7KC3KZQYo28RATJAOnu4ldpvCy7CyyuhtfT
fr6e87KcAocZmCftBrELInH9JBlpk1wXwl6KsSzF8DyYTLoNAQvqP4DRd++qZOG0
n2WvJ0NQOupCdlCEAFcZPMyFooqmowR+XstTmtlwt5IpI6yPHutmpVruKimFE+t7
hxZUBZ6ecas4McQRNp6VJw+na/W7cbg6FzpARTkH1yLdSh/04Zrx0YIO+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLAzDG2SvaRSl220ZJxqkWLeUpoMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEIQBd+i
qfsB7wHJ0q1YfHdqjBW1Cb1vJy44FotZ3LXFSTzyBU7xFrDarafwOkT49UG/5+KY
U/qA9I4pCTPiWsfbSbk8Qry6pAQ5oafG03y49XfjhzUPafLIff3NgatIX577F8v+
Y2+QC9EooDKEcOWq3jO9vgSzeGimcrMitmC5owBe9Utv6dMKepjRV3mPkf+liIFa
oCBz8arfRscZaxGpwR7Wx9cLgTH4mIA5fRpppL2+LbSKjgBQ5FjXY2coBYS8Rs8S
VAFNdq1TwCtYfkk42LifcpGfsOOjmqV5PA+jX0FZqLw3yv1S28M4PrJTiPBXlQ4p
/nEwG0OHfm5zHQ==
-----END CERTIFICATE-----