Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          agk07h3D2yv5D7kf1JnpUvVKfJdekftMxZGzNPEkN8Q=
Subject key identifier:   94:9C:A4:42:D4:26:45:C0:E8:CD:74:77:78:FA:D3:42:C3:FA:D6:C1
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019A515139C3DCE82D4D78E6D9E8730D6DE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          0570
Signing time:             Wed 05 Nov 2025 00:01:08 +0000
Manifest this update:     Wed 05 Nov 2025 00:01:08 +0000
Manifest next update:     Thu 06 Nov 2025 00:01:08 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: LQ3BqrGKF9R0Xh0iWpB1U8nhhayDgWgwlVR1D4neUXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:51:39:c3:dc:e8:2d:4d:78:e6:d9:e8:73:0d:6d:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Nov  5 00:01:08 2025 GMT
            Not After : Nov  6 00:01:08 2025 GMT
        Subject: CN=949ca442d42645c0e8cd747778fad342c3fad6c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:26:88:4c:f4:59:3b:b5:51:e9:dd:91:f5:7f:
                    03:8c:5c:97:92:6d:a3:82:fc:19:3c:37:9e:39:fb:
                    a4:20:49:ea:ce:cc:4f:82:41:e1:63:b3:c2:44:82:
                    f8:a8:fd:f4:00:3b:8a:d1:65:bc:19:06:f2:f7:4b:
                    f8:5e:8e:12:f7:67:51:5d:76:25:d7:f9:39:eb:7e:
                    62:20:8e:e4:05:b6:02:84:0a:8f:bf:98:dc:55:3b:
                    4d:7a:18:d0:4c:87:69:14:df:83:ea:55:61:df:07:
                    0d:3c:fe:01:88:c3:85:c6:33:b4:b0:da:f1:a0:aa:
                    9c:bd:27:6a:3e:19:dc:fe:4d:f1:c2:10:a4:2d:62:
                    73:33:2d:45:94:b4:4e:a3:b1:bb:d3:31:c4:1a:c4:
                    37:ef:9c:88:24:1c:92:ea:36:24:21:9d:66:49:52:
                    e1:30:ab:f4:d1:a6:7a:21:a5:c7:bc:91:84:b4:64:
                    0a:d9:5d:05:ae:27:30:68:a9:44:25:39:4b:ab:bc:
                    d3:20:76:02:6e:cd:15:d1:e0:f0:27:c3:05:64:f9:
                    c4:a0:99:e3:f3:90:23:c9:90:c2:c1:5c:ef:a8:1f:
                    ae:cf:d1:c4:71:aa:0c:b1:7a:b1:d5:b0:dc:d7:cc:
                    b7:a9:d1:fd:5b:32:f6:23:d9:19:96:40:6d:e9:cb:
                    a9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:9C:A4:42:D4:26:45:C0:E8:CD:74:77:78:FA:D3:42:C3:FA:D6:C1
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:96:29:52:57:45:38:7d:76:87:b2:fd:07:66:39:37:dd:cc:
         77:2d:cc:3b:5b:ce:f9:5c:6f:0f:bc:77:66:8b:37:a2:b7:1f:
         08:d8:fc:ac:f2:03:b1:c4:69:d0:66:4c:32:68:34:37:dd:db:
         00:24:9c:f3:0c:47:a3:cf:f4:36:05:d1:de:35:bf:8d:5a:6d:
         9c:27:21:19:6d:51:07:9f:e7:8c:28:ce:d2:73:b4:3c:08:53:
         27:c9:2a:5c:ca:24:1f:b7:b6:bc:36:bd:bd:95:71:16:9a:7c:
         14:ad:34:b9:47:da:1d:ac:38:0e:07:99:90:79:a9:c0:6c:f9:
         3d:e3:00:cd:2c:5b:34:4b:1d:48:c3:d8:cb:0a:5d:bd:78:30:
         cd:b2:cd:66:0e:b5:d4:aa:b0:f3:1e:f6:fb:63:49:76:aa:52:
         80:7a:14:28:95:ef:c4:ae:57:1d:47:25:9d:d2:77:8f:cf:b2:
         60:3e:9c:c2:06:92:fb:29:09:90:39:b8:1c:f9:41:d3:bd:b2:
         01:dd:7d:59:3f:99:f0:e4:0c:94:69:26:a9:4d:8e:72:44:2e:
         6d:e0:99:db:d2:b8:87:00:2e:be:70:1c:48:ee:fa:00:6f:49:
         55:32:18:0c:01:d2:12:33:8f:c2:e7:c0:18:86:e2:f9:6c:54:
         3a:63:86:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUTnD3OgtTXjm2ehzDW3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjUxMTA1MDAwMTA4WhcNMjUxMTA2MDAwMTA4WjAzMTEwLwYDVQQD
Eyg5NDljYTQ0MmQ0MjY0NWMwZThjZDc0Nzc3OGZhZDM0MmMzZmFkNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SaITPRZO7VR6d2R9X8DjFyXkm2j
gvwZPDeeOfukIEnqzsxPgkHhY7PCRIL4qP30ADuK0WW8GQby90v4Xo4S92dRXXYl
1/k5635iII7kBbYChAqPv5jcVTtNehjQTIdpFN+D6lVh3wcNPP4BiMOFxjO0sNrx
oKqcvSdqPhnc/k3xwhCkLWJzMy1FlLROo7G70zHEGsQ375yIJByS6jYkIZ1mSVLh
MKv00aZ6IaXHvJGEtGQK2V0FricwaKlEJTlLq7zTIHYCbs0V0eDwJ8MFZPnEoJnj
85AjyZDCwVzvqB+uz9HEcaoMsXqx1bDc18y3qdH9WzL2I9kZlkBt6cupBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJScpELUJkXA6M10d3j600LD+tbBMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARpYpUldF
OH12h7L9B2Y5N93Mdy3MO1vO+VxvD7x3Zos3orcfCNj8rPIDscRp0GZMMmg0N93b
ACSc8wxHo8/0NgXR3jW/jVptnCchGW1RB5/njCjO0nO0PAhTJ8kqXMokH7e2vDa9
vZVxFpp8FK00uUfaHaw4DgeZkHmpwGz5PeMAzSxbNEsdSMPYywpdvXgwzbLNZg61
1Kqw8x72+2NJdqpSgHoUKJXvxK5XHUclndJ3j8+yYD6cwgaS+ykJkDm4HPlB072y
Ad19WT+Z8OQMlGkmqU2OckQubeCZ29K4hwAuvnAcSO76AG9JVTIYDAHSEjOPwufA
GIbi+WxUOmOGPg==
-----END CERTIFICATE-----