Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          YVbpXCLH9eBNCi52wlCT0HOyJXiFBEN3vFV5W8Tfjcs=
Subject key identifier:   D9:8C:42:3A:17:CC:0C:20:E9:8B:89:81:BF:40:56:8A:8F:82:B5:07
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       0199FBEAC2F94ECEE859C087645881AA4A28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0F8F
Signing time:             Sun 19 Oct 2025 10:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:30 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: Ig0VBNmdbVnfZka4RV/3+ZD0/oeYnUDGblSSCkZx16A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:c2:f9:4e:ce:e8:59:c0:87:64:58:81:aa:4a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Oct 19 10:01:30 2025 GMT
            Not After : Oct 20 10:01:30 2025 GMT
        Subject: CN=d98c423a17cc0c20e98b8981bf40568a8f82b507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1c:2b:64:75:3b:b0:aa:e1:49:9b:8a:b8:16:
                    bc:5b:c2:65:4f:e4:bd:a0:de:2c:7c:0a:b0:b1:b7:
                    88:63:8d:75:7c:dc:b0:26:a4:0a:63:34:3b:45:b3:
                    1b:7d:2a:f2:15:3f:20:cf:db:61:b7:8b:da:2b:1f:
                    72:53:24:6b:49:d1:b2:89:46:c6:16:1f:3f:51:39:
                    55:c4:86:35:dd:15:91:a8:8a:38:fd:a7:b2:33:ac:
                    a7:e0:db:80:80:1e:13:23:d2:f2:4a:99:74:eb:40:
                    03:5f:06:2b:79:18:8d:93:96:8b:02:96:bc:11:ad:
                    d2:11:09:19:e3:99:9b:19:a4:8e:5f:15:7b:72:fd:
                    c4:8a:81:8f:5f:5f:b8:61:86:47:0a:5d:96:09:ed:
                    e8:e3:ee:7f:1f:3f:cc:93:4a:76:dd:e8:a7:2e:e3:
                    e8:15:cd:62:85:d8:8c:ea:82:5a:3b:2b:34:e6:8a:
                    14:81:58:f5:e0:a6:92:fb:db:66:b2:f2:42:70:b1:
                    ce:64:fb:01:e3:d5:c0:c2:1a:6f:82:a7:e3:51:ec:
                    64:a5:d7:91:8b:0f:56:82:57:8b:54:01:40:df:72:
                    b8:50:31:e6:89:04:11:7e:41:3b:3d:fa:0d:27:6d:
                    d6:41:49:54:d9:35:fd:20:de:e3:29:0b:ab:ba:0a:
                    dc:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:8C:42:3A:17:CC:0C:20:E9:8B:89:81:BF:40:56:8A:8F:82:B5:07
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ac:8d:02:b7:c2:38:50:68:bb:df:73:46:12:5e:31:1f:6e:
         a1:d8:a3:7c:04:b1:e5:9c:d2:a2:18:ae:3e:0f:60:6b:02:22:
         c7:47:e7:6d:13:36:6f:6b:f2:a3:eb:b2:17:0b:f7:05:dd:07:
         e8:67:1c:8c:3f:54:19:a1:3c:97:f2:42:ed:61:ee:b6:73:1a:
         b3:f8:2b:7e:59:3b:83:3c:7a:4e:32:2a:67:a4:a8:4b:09:24:
         81:67:23:db:fc:3c:0c:a3:50:e3:5a:46:9a:09:ee:41:91:2c:
         54:83:c0:8b:02:b3:b4:b5:7d:50:ba:7b:be:6a:e2:f9:88:82:
         05:c6:eb:01:30:fe:aa:80:26:0d:50:d9:4f:42:3d:07:92:84:
         a2:14:3a:66:28:c4:3e:81:79:69:6b:60:ea:d9:a4:f7:dd:e1:
         20:97:b8:91:88:4d:46:37:63:b9:0c:1a:f0:67:c0:8a:4a:e5:
         75:b8:81:3c:b4:d7:f7:99:d3:4a:9a:04:96:05:49:65:d2:fb:
         68:67:0b:d5:ac:c3:cc:cf:1a:47:1d:e2:d9:08:1e:b0:50:65:
         34:02:f0:95:46:88:fc:14:84:91:39:04:eb:ed:d8:e9:6f:2e:
         34:c0:0e:75:f9:f2:d5:54:a9:8f:74:13:b0:22:7d:30:5f:a7:
         76:9f:ba:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76sL5Ts7oWcCHZFiBqkooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUxMDE5MTAwMTMwWhcNMjUxMDIwMTAwMTMwWjAzMTEwLwYDVQQD
EyhkOThjNDIzYTE3Y2MwYzIwZTk4Yjg5ODFiZjQwNTY4YThmODJiNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxwrZHU7sKrhSZuKuBa8W8JlT+S9
oN4sfAqwsbeIY411fNywJqQKYzQ7RbMbfSryFT8gz9tht4vaKx9yUyRrSdGyiUbG
Fh8/UTlVxIY13RWRqIo4/aeyM6yn4NuAgB4TI9LySpl060ADXwYreRiNk5aLApa8
Ea3SEQkZ45mbGaSOXxV7cv3EioGPX1+4YYZHCl2WCe3o4+5/Hz/Mk0p23einLuPo
Fc1ihdiM6oJaOys05ooUgVj14KaS+9tmsvJCcLHOZPsB49XAwhpvgqfjUexkpdeR
iw9WgleLVAFA33K4UDHmiQQRfkE7PfoNJ23WQUlU2TX9IN7jKQurugrcewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmMQjoXzAwg6YuJgb9AVoqPgrUHMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKyNArfC
OFBou99zRhJeMR9uodijfASx5ZzSohiuPg9gawIix0fnbRM2b2vyo+uyFwv3Bd0H
6GccjD9UGaE8l/JC7WHutnMas/grflk7gzx6TjIqZ6SoSwkkgWcj2/w8DKNQ41pG
mgnuQZEsVIPAiwKztLV9ULp7vmri+YiCBcbrATD+qoAmDVDZT0I9B5KEohQ6ZijE
PoF5aWtg6tmk993hIJe4kYhNRjdjuQwa8GfAikrldbiBPLTX95nTSpoElgVJZdL7
aGcL1azDzM8aRx3i2QgesFBlNALwlUaI/BSEkTkE6+3Y6W8uNMAOdfny1VSpj3QT
sCJ9MF+ndp+6BA==
-----END CERTIFICATE-----