Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
File:                     AhaSppUBf7XEv4wjgHjzA9j78Ic.mft (raw, json)
Hash identifier:          jbx8HERLTg+HniAzVAGlHaOgP58s9gNYF9+Z4+YI53Q=
Subject key identifier:   4F:38:72:C0:C0:CA:9E:F9:3F:97:19:FC:C7:89:ED:57:FA:D6:7E:60
Authority key identifier: 02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87
Certificate issuer:       /CN=021692a695017fb5c4bf8c238078f303d8fbf087
Certificate serial:       019A4EF49CB65AF5301756DC9179A826D947
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:44 +0000
Files and hashes:         1: AhaSppUBf7XEv4wjgHjzA9j78Ic.crl (hash: Qu04hqghlwuiCs+vtA+r9B234TkAKmL56NmfqDu5Bvs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:9c:b6:5a:f5:30:17:56:dc:91:79:a8:26:d9:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021692a695017fb5c4bf8c238078f303d8fbf087
        Validity
            Not Before: Nov  4 13:00:44 2025 GMT
            Not After : Nov  5 13:00:44 2025 GMT
        Subject: CN=4f3872c0c0ca9ef93f9719fcc789ed57fad67e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:65:9f:89:80:86:b0:2d:0e:2c:0e:3e:8e:
                    50:08:35:f8:d4:9b:54:b1:93:32:99:41:16:20:a9:
                    a9:6f:f2:be:ec:20:bc:4f:c7:d2:04:30:34:e1:3c:
                    e9:f1:84:ca:9f:93:4f:e2:6d:1a:c8:a8:38:25:f0:
                    66:fb:a9:72:11:f8:e7:36:79:13:64:54:1c:2b:ba:
                    f4:23:92:ca:17:b1:5b:de:8d:81:82:3b:32:6b:29:
                    86:ee:9b:98:ec:f9:28:12:95:9b:69:2d:ad:dd:bc:
                    32:84:10:7b:f1:be:c0:52:03:76:f3:40:e6:b9:67:
                    9e:b1:34:f9:6c:61:0f:f7:d1:09:79:7b:be:d5:0e:
                    ce:00:8f:f2:ec:e1:36:53:09:2c:04:ef:0b:5f:61:
                    28:aa:9b:f4:46:bb:5e:05:55:96:c3:24:6f:94:5c:
                    e1:ce:00:80:d3:40:bd:42:dd:b1:f2:39:e2:21:04:
                    79:9d:b6:f6:06:d7:26:dc:4a:bf:be:fd:89:bc:6f:
                    4d:37:31:28:70:d2:1c:10:89:9a:37:d8:e4:01:98:
                    f9:14:be:9b:d5:38:8a:74:57:b7:da:a1:20:7b:19:
                    28:0d:d1:aa:06:d6:17:95:c6:20:a4:a1:ae:20:02:
                    2c:1a:a4:4f:40:5b:b3:07:92:f1:ac:37:30:0a:2a:
                    5b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:38:72:C0:C0:CA:9E:F9:3F:97:19:FC:C7:89:ED:57:FA:D6:7E:60
            X509v3 Authority Key Identifier:
                keyid:02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:7e:05:b5:bc:64:a2:bb:bb:c4:b5:8e:6a:cd:c5:c5:52:77:
         81:f7:a7:23:ee:f3:22:c1:2c:bd:e4:78:25:08:30:7b:cd:c9:
         56:da:61:83:c2:61:ee:b1:69:7b:88:8c:f3:e4:be:99:bd:6d:
         57:d3:d8:4e:bf:a2:63:da:3c:38:e9:a0:36:18:96:c9:35:c1:
         45:41:f7:b9:40:c7:fd:e2:13:d0:d2:9a:a8:72:1d:b5:67:b5:
         a5:93:0f:99:7e:b5:2e:3f:2d:ea:b1:10:dc:91:28:50:c6:14:
         c9:0e:28:3a:9b:4d:5b:7a:51:4a:6c:a6:ce:dd:48:ed:a2:81:
         68:c2:9a:c3:6b:47:4a:c5:09:7d:90:ea:ff:af:6c:02:fb:39:
         d9:33:4e:4e:4e:bc:ef:78:9c:84:06:02:22:b5:b5:6c:42:f4:
         77:97:89:72:cf:17:53:96:8e:6b:c6:72:f6:9a:13:d5:d1:22:
         d6:02:3f:1f:89:7a:ac:a1:69:b0:38:b1:be:c7:8f:f4:28:0d:
         bf:50:9b:41:6e:a1:66:1a:7f:aa:57:d9:2c:0d:9c:d3:df:ef:
         2d:82:17:0b:77:0a:e7:f7:01:c8:3a:a3:03:8a:85:76:1a:ba:
         00:17:ab:63:6a:0a:2a:c0:29:46:47:da:6a:23:ed:a7:b2:40:
         ed:e8:52:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Jy2WvUwF1bckXmoJtlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTY5MmE2OTUwMTdmYjVjNGJmOGMyMzgwNzhmMzAzZDhm
YmYwODcwHhcNMjUxMTA0MTMwMDQ0WhcNMjUxMTA1MTMwMDQ0WjAzMTEwLwYDVQQD
Eyg0ZjM4NzJjMGMwY2E5ZWY5M2Y5NzE5ZmNjNzg5ZWQ1N2ZhZDY3ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2hln4mAhrAtDiwOPo5QCDX41JtU
sZMymUEWIKmpb/K+7CC8T8fSBDA04Tzp8YTKn5NP4m0ayKg4JfBm+6lyEfjnNnkT
ZFQcK7r0I5LKF7Fb3o2BgjsyaymG7puY7PkoEpWbaS2t3bwyhBB78b7AUgN280Dm
uWeesTT5bGEP99EJeXu+1Q7OAI/y7OE2UwksBO8LX2Eoqpv0RrteBVWWwyRvlFzh
zgCA00C9Qt2x8jniIQR5nbb2Btcm3Eq/vv2JvG9NNzEocNIcEImaN9jkAZj5FL6b
1TiKdFe32qEgexkoDdGqBtYXlcYgpKGuIAIsGqRPQFuzB5LxrDcwCipbbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE84csDAyp75P5cZ/MeJ7Vf61n5gMB8GA1UdIwQY
MBaAFAIWkqaVAX+1xL+MI4B48wPY+/CHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUt
NDhkMjVjMGE0OTVmLzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUtNDhkMjVjMGE0OTVm
LzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa34Ftbxk
oru7xLWOas3FxVJ3gfenI+7zIsEsveR4JQgwe83JVtphg8Jh7rFpe4iM8+S+mb1t
V9PYTr+iY9o8OOmgNhiWyTXBRUH3uUDH/eIT0NKaqHIdtWe1pZMPmX61Lj8t6rEQ
3JEoUMYUyQ4oOptNW3pRSmymzt1I7aKBaMKaw2tHSsUJfZDq/69sAvs52TNOTk68
73ichAYCIrW1bEL0d5eJcs8XU5aOa8Zy9poT1dEi1gI/H4l6rKFpsDixvseP9CgN
v1CbQW6hZhp/qlfZLA2c09/vLYIXC3cK5/cByDqjA4qFdhq6ABerY2oKKsApRkfa
aiPtp7JA7ehSCg==
-----END CERTIFICATE-----