Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          EeEBPmpEH0TYwoyFj2Sv5lI/T3olHKU2Afyx1W8WgT4=
Subject key identifier:   8F:BF:5C:22:7E:F9:0C:69:24:D9:89:9A:5B:AE:F6:AF:16:D3:A2:30
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       019A4DE1A6F351E79227C9E636244B83E7BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0CA8
Signing time:             Tue 04 Nov 2025 08:00:25 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:25 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:25 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: nzoS0ziCMTj+ViNw9fBQXeVV/VQGDRZSmABQhTm91+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:a6:f3:51:e7:92:27:c9:e6:36:24:4b:83:e7:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Nov  4 08:00:25 2025 GMT
            Not After : Nov  5 08:00:25 2025 GMT
        Subject: CN=8fbf5c227ef90c6924d9899a5baef6af16d3a230
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:de:19:68:87:d5:3c:f6:c9:1e:87:ec:ce:10:
                    55:61:07:2c:8e:8b:35:48:b7:20:5a:12:72:3a:2e:
                    f3:91:17:ae:7a:7b:4e:d4:89:97:dc:7e:bd:87:63:
                    95:b8:09:cd:93:cf:2c:48:13:71:cf:f3:ae:15:eb:
                    fe:1f:d4:ad:fa:4a:b1:f9:94:81:fb:30:c2:1f:2c:
                    68:15:85:01:ee:69:58:e8:bb:96:b4:e7:fc:72:3f:
                    89:3e:d8:31:a1:8b:c5:09:b7:7e:c7:99:7e:d4:52:
                    9e:e0:c3:c3:32:6a:8a:48:c3:fa:80:be:25:54:68:
                    02:b1:43:03:63:7f:12:b0:2e:50:fd:d3:63:50:62:
                    1e:b2:4f:0f:c8:80:b1:94:d3:0a:33:a7:31:9f:d3:
                    7c:9b:00:3b:b6:19:de:f5:62:3b:5a:84:63:57:83:
                    69:15:b0:31:8c:0e:9e:a4:07:7a:83:c4:9a:4f:c4:
                    53:aa:eb:c4:f8:64:9c:80:c2:b9:06:53:fd:2e:d3:
                    e7:79:e1:61:97:4c:7c:95:c9:52:2d:1d:19:bd:27:
                    0e:a0:19:90:83:a0:14:6f:53:dc:2a:48:60:49:98:
                    4e:60:98:91:bb:76:5f:0c:47:06:64:4c:2e:e4:14:
                    b1:83:8d:3d:11:b1:1d:ba:94:b8:3f:98:12:70:dd:
                    95:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:BF:5C:22:7E:F9:0C:69:24:D9:89:9A:5B:AE:F6:AF:16:D3:A2:30
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:77:87:57:c3:a6:86:59:0f:9f:05:88:9e:4c:12:b3:3e:19:
         7c:1b:55:0c:64:f1:a6:ef:67:10:01:cd:0d:a5:0a:b5:fc:61:
         cf:77:d9:62:a1:80:a1:d1:17:d1:ea:7c:c0:21:d5:5e:e4:80:
         42:1b:44:f2:58:a7:c8:75:f2:2b:96:3b:08:66:bf:5f:59:57:
         43:92:38:94:99:56:35:d1:84:2f:12:94:dc:73:34:d6:f1:b1:
         69:c9:0e:dd:65:27:fd:c1:75:e1:e5:73:e1:c9:32:fa:36:72:
         64:ce:c1:91:1b:26:da:11:7f:26:01:d8:99:b8:8e:13:4a:c7:
         60:d7:d0:70:06:d7:3c:fa:cc:22:e8:0e:17:d5:19:b8:69:2d:
         b4:c5:59:45:c0:90:ef:6b:73:04:9d:56:92:62:1a:67:0a:15:
         6f:a9:95:7c:5e:7c:77:92:64:b9:85:f5:31:d8:0c:48:a1:9f:
         3e:20:fb:08:32:cd:4b:90:c4:5d:21:f9:24:12:33:b8:c6:c6:
         c6:bf:2b:84:5c:a2:87:ae:8f:18:b6:fd:8b:f0:b3:9f:75:a2:
         5d:16:dc:ab:56:64:03:79:7d:8b:96:93:da:c0:1f:de:ee:5b:
         fd:ea:97:34:cc:74:a1:f9:6e:8a:9f:8c:fd:61:d0:49:22:f5:
         cf:36:4d:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4abzUeeSJ8nmNiRLg+e8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUxMTA0MDgwMDI1WhcNMjUxMTA1MDgwMDI1WjAzMTEwLwYDVQQD
Eyg4ZmJmNWMyMjdlZjkwYzY5MjRkOTg5OWE1YmFlZjZhZjE2ZDNhMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+t4ZaIfVPPbJHofszhBVYQcsjos1
SLcgWhJyOi7zkReuentO1ImX3H69h2OVuAnNk88sSBNxz/OuFev+H9St+kqx+ZSB
+zDCHyxoFYUB7mlY6LuWtOf8cj+JPtgxoYvFCbd+x5l+1FKe4MPDMmqKSMP6gL4l
VGgCsUMDY38SsC5Q/dNjUGIesk8PyICxlNMKM6cxn9N8mwA7thne9WI7WoRjV4Np
FbAxjA6epAd6g8SaT8RTquvE+GScgMK5BlP9LtPneeFhl0x8lclSLR0ZvScOoBmQ
g6AUb1PcKkhgSZhOYJiRu3ZfDEcGZEwu5BSxg409EbEdupS4P5gScN2V9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+/XCJ++QxpJNmJmluu9q8W06IwMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuneHV8Om
hlkPnwWInkwSsz4ZfBtVDGTxpu9nEAHNDaUKtfxhz3fZYqGAodEX0ep8wCHVXuSA
QhtE8linyHXyK5Y7CGa/X1lXQ5I4lJlWNdGELxKU3HM01vGxackO3WUn/cF14eVz
4cky+jZyZM7BkRsm2hF/JgHYmbiOE0rHYNfQcAbXPPrMIugOF9UZuGkttMVZRcCQ
72tzBJ1WkmIaZwoVb6mVfF58d5JkuYX1MdgMSKGfPiD7CDLNS5DEXSH5JBIzuMbG
xr8rhFyih66PGLb9i/Czn3WiXRbcq1ZkA3l9i5aT2sAf3u5b/eqXNMx0ofluip+M
/WHQSSL1zzZNEA==
-----END CERTIFICATE-----