Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          B0zGEfgUK6t1fQKq+yqkY7RO6PfVLARFx2vXOzyCA8k=
Subject key identifier:   13:EE:04:0D:07:8B:52:78:41:21:C0:EF:4C:C9:DF:22:21:79:64:87
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       019A4EF4D347276F5313541166D1DACFDC2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:00:58 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:58 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:58 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: yHvVQJP1TXpGShbuKNUfgwOfYAtXZlUK/6Y2Xyhg6R0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:d3:47:27:6f:53:13:54:11:66:d1:da:cf:dc:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Nov  4 13:00:58 2025 GMT
            Not After : Nov  5 13:00:58 2025 GMT
        Subject: CN=13ee040d078b52784121c0ef4cc9df2221796487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:44:0a:35:40:77:4a:58:98:67:62:f0:16:d5:
                    e8:c1:6d:89:15:e1:ec:e7:77:34:c8:5c:3b:30:48:
                    2c:4a:9b:84:7b:28:d2:81:1c:8f:a4:6a:d9:7a:f4:
                    9e:a9:c4:ad:1a:80:a5:26:86:a2:0c:42:2d:1e:a6:
                    6b:fc:61:bd:c6:7c:12:2b:38:4d:c2:94:89:c5:38:
                    da:4f:9c:bb:ff:4a:c9:1e:c3:da:1b:98:2a:2e:fe:
                    60:06:20:32:f3:fd:b5:69:ed:c8:9f:0f:4f:4f:58:
                    dc:a3:71:fb:de:0c:84:0a:bd:6e:b0:9e:40:35:41:
                    7d:50:52:25:e8:1a:03:c7:28:d2:a7:df:4a:fe:4c:
                    42:34:28:31:6a:82:ce:f5:4b:ea:bb:51:44:e2:86:
                    9a:f0:87:41:83:9d:a0:75:c8:9e:56:ba:2e:e3:5a:
                    4c:61:ad:cd:f3:e7:51:80:76:b0:79:bc:02:f7:f5:
                    12:60:ee:1d:1c:89:52:aa:12:fc:27:fa:4d:25:6c:
                    a3:11:44:7d:50:9e:4e:09:f9:cd:d1:ac:0f:d1:45:
                    3a:64:46:4d:17:1c:41:f9:05:5e:76:44:7d:34:0f:
                    6f:84:ca:72:d0:f6:cd:02:36:a3:c0:69:48:5e:74:
                    63:eb:5f:03:2f:be:09:49:76:5b:11:25:67:3b:5e:
                    24:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:EE:04:0D:07:8B:52:78:41:21:C0:EF:4C:C9:DF:22:21:79:64:87
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:05:5a:e0:5e:92:ad:24:08:d6:0c:e7:81:89:00:2c:db:75:
         59:9f:56:04:de:1a:a0:53:42:b0:38:23:cf:ce:ab:a1:0a:24:
         c1:6d:43:8d:79:3a:ba:7c:58:36:70:fa:6f:c8:6d:da:5a:6f:
         83:ba:0e:f7:d7:af:0d:8a:bf:7f:2e:c6:6e:33:3f:4a:e9:a0:
         91:93:4b:8f:7f:57:fb:9b:80:d5:55:fe:c3:65:5c:8f:7c:76:
         ab:51:b6:19:10:36:7d:cb:eb:c8:ad:a8:81:cd:62:3a:e9:92:
         dc:df:2c:6e:e8:6d:f2:08:6f:aa:b3:25:7b:aa:4f:04:2a:dd:
         c4:60:79:7b:33:43:8b:35:4a:5b:d3:8f:7a:1b:f5:d8:52:68:
         75:7a:25:c0:50:be:99:dd:b5:99:b7:89:1d:3f:89:a3:b3:5e:
         ee:41:44:57:11:af:ef:01:f9:df:0e:69:75:6b:7b:4a:8b:2f:
         e4:ba:3b:4d:11:9b:4c:24:b4:80:50:bf:2a:3c:93:a7:52:7f:
         66:45:b4:9e:f7:5d:44:7c:94:4e:1e:c2:9b:b9:dc:23:87:e7:
         5b:f7:30:d2:fe:f9:1c:72:56:94:f3:4d:a0:40:f3:c9:fc:7f:
         3f:f5:ee:7b:da:bd:03:81:fa:58:1d:26:06:54:c2:05:2b:c6:
         92:7d:85:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9NNHJ29TE1QRZtHaz9wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUxMTA0MTMwMDU4WhcNMjUxMTA1MTMwMDU4WjAzMTEwLwYDVQQD
EygxM2VlMDQwZDA3OGI1Mjc4NDEyMWMwZWY0Y2M5ZGYyMjIxNzk2NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEQKNUB3SliYZ2LwFtXowW2JFeHs
53c0yFw7MEgsSpuEeyjSgRyPpGrZevSeqcStGoClJoaiDEItHqZr/GG9xnwSKzhN
wpSJxTjaT5y7/0rJHsPaG5gqLv5gBiAy8/21ae3Inw9PT1jco3H73gyECr1usJ5A
NUF9UFIl6BoDxyjSp99K/kxCNCgxaoLO9Uvqu1FE4oaa8IdBg52gdcieVrou41pM
Ya3N8+dRgHawebwC9/USYO4dHIlSqhL8J/pNJWyjEUR9UJ5OCfnN0awP0UU6ZEZN
FxxB+QVedkR9NA9vhMpy0PbNAjajwGlIXnRj618DL74JSXZbESVnO14knQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPuBA0Hi1J4QSHA70zJ3yIheWSHMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgVa4F6S
rSQI1gzngYkALNt1WZ9WBN4aoFNCsDgjz86roQokwW1DjXk6unxYNnD6b8ht2lpv
g7oO99evDYq/fy7GbjM/SumgkZNLj39X+5uA1VX+w2Vcj3x2q1G2GRA2fcvryK2o
gc1iOumS3N8sbuht8ghvqrMle6pPBCrdxGB5ezNDizVKW9OPehv12FJodXolwFC+
md21mbeJHT+Jo7Ne7kFEVxGv7wH53w5pdWt7Sosv5Lo7TRGbTCS0gFC/KjyTp1J/
ZkW0nvddRHyUTh7Cm7ncI4fnW/cw0v75HHJWlPNNoEDzyfx/P/Xue9q9A4H6WB0m
BlTCBSvGkn2F4g==
-----END CERTIFICATE-----