Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          RKCoFvOjLChIgGk/j2K1lYTpHrxerGDcpvLTYVJwj18=
Subject key identifier:   58:6F:92:24:5E:5E:D8:A3:17:F6:46:3E:0F:FC:19:73:A8:B7:70:6A
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       019A4D065D31AAF8970EE56B9285E4AEE9E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0EB7
Signing time:             Tue 04 Nov 2025 04:00:53 +0000
Manifest this update:     Tue 04 Nov 2025 04:00:53 +0000
Manifest next update:     Wed 05 Nov 2025 04:00:53 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: uNtD1BBlac+T/TJ67cqTZj3Hi39iQmLsB+hTZMK6lmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:5d:31:aa:f8:97:0e:e5:6b:92:85:e4:ae:e9:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Nov  4 04:00:53 2025 GMT
            Not After : Nov  5 04:00:53 2025 GMT
        Subject: CN=586f92245e5ed8a317f6463e0ffc1973a8b7706a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a3:43:69:78:81:c2:0f:f1:90:60:34:55:d2:
                    8d:62:09:f7:42:45:98:f8:1f:1e:22:01:cb:50:c0:
                    c7:c2:f5:95:a9:c8:0c:8c:03:af:da:f2:1e:36:8d:
                    a4:0a:f6:ea:c1:de:49:62:7d:ce:01:a8:80:f4:41:
                    37:b3:0f:53:b3:a4:97:bf:e8:bc:95:14:73:6d:a9:
                    76:5f:ee:a6:f2:96:57:2f:2f:30:09:ef:95:02:fe:
                    47:35:74:f9:4a:6d:fe:2b:4f:91:57:f4:b3:7e:78:
                    22:cf:86:58:4a:f0:70:84:01:63:27:bf:37:f1:50:
                    97:fd:09:29:60:44:23:4b:a1:16:a6:a1:15:34:11:
                    2e:15:6a:4f:f9:b4:5a:85:da:5a:cc:7f:47:61:f1:
                    80:f9:67:2b:8a:57:8e:36:d4:49:67:6e:ce:47:3c:
                    f2:77:13:13:0f:5f:4c:25:e9:12:11:65:94:02:8f:
                    8e:4e:43:47:8a:e0:e6:4b:cc:4e:dd:12:f7:63:19:
                    0f:d7:40:66:34:09:71:08:5d:68:ec:6b:f6:9f:34:
                    19:93:02:83:04:3d:63:2d:7b:8d:e6:85:5e:f0:da:
                    7e:3d:92:a0:80:a7:a4:24:ef:47:0a:f8:a7:f8:19:
                    e1:02:1a:27:9d:57:9c:17:7f:6f:5f:18:54:97:e6:
                    54:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6F:92:24:5E:5E:D8:A3:17:F6:46:3E:0F:FC:19:73:A8:B7:70:6A
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:d2:32:ed:06:bb:2a:f1:93:c6:ea:f7:4f:92:aa:2f:73:e2:
         09:14:46:64:53:77:87:b7:30:38:f7:82:ff:49:82:36:b8:f7:
         54:01:85:a7:1d:b2:b4:89:98:b0:e3:44:37:b8:6c:b6:0a:f8:
         f6:06:87:ae:67:6e:81:0e:d7:3d:bd:77:2b:f6:cb:97:79:8f:
         d7:47:d4:ca:49:cd:c3:2f:16:c9:82:ce:7f:36:96:89:40:85:
         21:f4:d0:6e:01:82:d1:bd:b9:a4:9c:ab:fb:20:0e:8f:d6:c8:
         96:c8:7c:84:90:fe:e3:09:cb:90:f8:1c:b4:a5:23:75:34:3e:
         eb:b2:d5:97:5a:53:0c:7c:30:03:5d:32:3f:b7:ee:33:13:c7:
         91:ed:0b:02:ee:16:6d:c8:07:81:91:ae:54:3a:90:0c:f7:28:
         3a:ff:14:56:ef:b0:e8:9a:e0:cb:9c:17:51:fc:62:36:3e:ac:
         8b:98:56:fa:da:7f:d3:e9:5e:5b:ed:1e:a9:9c:13:42:b7:ee:
         98:7e:37:7c:89:c7:5a:71:df:ba:3a:a5:f0:95:c5:5b:69:4e:
         ef:8b:8f:f2:45:78:96:b3:c8:65:dc:d7:59:90:8d:a3:c3:08:
         56:f7:76:f6:2d:0c:b4:f3:ab:6c:1f:3b:2f:8f:de:8f:5a:50:
         f0:d4:e9:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBl0xqviXDuVrkoXkrunhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUxMTA0MDQwMDUzWhcNMjUxMTA1MDQwMDUzWjAzMTEwLwYDVQQD
Eyg1ODZmOTIyNDVlNWVkOGEzMTdmNjQ2M2UwZmZjMTk3M2E4Yjc3MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qNDaXiBwg/xkGA0VdKNYgn3QkWY
+B8eIgHLUMDHwvWVqcgMjAOv2vIeNo2kCvbqwd5JYn3OAaiA9EE3sw9Ts6SXv+i8
lRRzbal2X+6m8pZXLy8wCe+VAv5HNXT5Sm3+K0+RV/Szfngiz4ZYSvBwhAFjJ783
8VCX/QkpYEQjS6EWpqEVNBEuFWpP+bRahdpazH9HYfGA+WcrileONtRJZ27ORzzy
dxMTD19MJekSEWWUAo+OTkNHiuDmS8xO3RL3YxkP10BmNAlxCF1o7Gv2nzQZkwKD
BD1jLXuN5oVe8Np+PZKggKekJO9HCvin+BnhAhonnVecF39vXxhUl+ZUYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhvkiReXtijF/ZGPg/8GXOot3BqMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNIy7Qa7
KvGTxur3T5KqL3PiCRRGZFN3h7cwOPeC/0mCNrj3VAGFpx2ytImYsONEN7hstgr4
9gaHrmdugQ7XPb13K/bLl3mP10fUyknNwy8WyYLOfzaWiUCFIfTQbgGC0b25pJyr
+yAOj9bIlsh8hJD+4wnLkPgctKUjdTQ+67LVl1pTDHwwA10yP7fuMxPHke0LAu4W
bcgHgZGuVDqQDPcoOv8UVu+w6Jrgy5wXUfxiNj6si5hW+tp/0+leW+0eqZwTQrfu
mH43fInHWnHfujql8JXFW2lO74uP8kV4lrPIZdzXWZCNo8MIVvd29i0MtPOrbB87
L4/ej1pQ8NTpHg==
-----END CERTIFICATE-----