Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          zaz6eC3r9PXvUxHTceHvzUAZTa7z0fuaIXdxZOqqC8Q=
Subject key identifier:   A3:31:D3:C3:6B:09:77:4B:47:E2:48:AF:6E:DC:BD:6A:FB:14:4D:7F
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       0199FDD90340B24745783C3A536D17FE43AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0CCC
Signing time:             Sun 19 Oct 2025 19:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:21 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: ADQG5oReBPJGxmaVFIgSjuo//DoKmGEb7mfkwULZmyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:03:40:b2:47:45:78:3c:3a:53:6d:17:fe:43:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Oct 19 19:01:21 2025 GMT
            Not After : Oct 20 19:01:21 2025 GMT
        Subject: CN=a331d3c36b09774b47e248af6edcbd6afb144d7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:db:ed:b0:fc:6e:20:9b:bb:c8:a8:a1:48:c3:
                    bf:24:4f:a9:23:f7:e7:aa:db:bc:08:02:ba:6e:86:
                    58:47:48:6f:7a:0d:37:22:19:a7:45:0e:10:c3:14:
                    39:85:1a:58:ba:ef:43:57:c6:c6:d2:cf:e4:df:20:
                    b6:ce:29:54:75:c0:5b:20:e7:97:93:8e:cb:16:eb:
                    3f:4d:1b:a8:d6:b6:76:6c:aa:b9:b7:39:13:d4:9f:
                    f5:1d:da:72:cb:2d:4a:2e:74:ea:01:b7:d0:a6:09:
                    1b:5d:29:b1:2a:6c:ef:0a:50:d9:7e:b9:c6:60:8d:
                    ff:53:8c:9f:e7:70:8d:1d:25:38:b8:85:2a:f9:f2:
                    2c:09:f4:db:2a:10:4d:b0:64:64:6b:49:0d:77:c3:
                    d2:6d:b8:85:74:38:6f:72:c8:6d:e7:1d:b6:5e:5f:
                    ec:e9:98:0c:61:18:ad:24:56:38:cf:c2:e8:7d:3c:
                    5d:f5:4e:c2:19:f9:81:39:a8:c1:04:4d:64:93:9f:
                    b8:3a:f5:7d:1f:d8:84:28:89:46:f8:16:2c:32:93:
                    6d:70:39:17:a8:f6:db:ca:1f:81:ef:ef:ec:83:c8:
                    b2:77:ac:26:85:eb:44:2e:8a:23:b0:ff:ae:b1:88:
                    a1:34:d5:69:41:48:9e:1b:f8:e7:4b:c1:cc:38:83:
                    af:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:31:D3:C3:6B:09:77:4B:47:E2:48:AF:6E:DC:BD:6A:FB:14:4D:7F
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:5e:e3:eb:a9:fe:19:66:71:75:b0:b5:59:fb:0f:4f:15:b1:
         83:5e:92:c0:50:49:5d:a0:58:4c:20:17:0e:61:be:9a:d6:03:
         85:c0:2a:7f:6f:82:19:eb:72:53:6d:da:5a:0c:2a:36:61:b6:
         dd:b5:49:31:c8:24:9c:f1:1c:8b:90:6b:97:9b:84:da:f3:f9:
         65:c8:62:42:11:92:e0:05:2d:ad:2d:34:8b:39:74:2e:5b:2e:
         ec:d3:4b:7b:aa:81:61:75:62:ab:17:e3:35:6e:a0:70:d0:e4:
         f4:67:51:32:f2:a6:55:0d:26:c7:4d:71:c4:c3:41:68:2d:db:
         a5:85:06:2d:be:4c:28:69:31:20:d1:ad:c9:1e:97:37:c4:e9:
         4c:4d:f6:e7:bc:93:3a:2e:63:0b:e3:0f:9c:ff:b3:57:3c:bb:
         eb:cf:51:41:68:2d:22:8e:c9:cc:e4:33:d3:b8:1e:36:4c:bf:
         fd:d1:14:90:25:f9:e0:3f:47:36:6b:d0:34:75:47:9d:99:c4:
         f1:7a:11:32:a1:a4:49:68:24:f7:47:24:b9:08:ce:5f:88:7e:
         c6:69:7f:b3:48:99:b9:32:b9:a8:c7:05:5e:d7:00:e9:b6:a4:
         eb:36:90:f4:c7:27:18:00:95:4a:9a:29:45:f6:ea:07:4b:43:
         85:56:10:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92QNAskdFeDw6U20X/kOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjUxMDE5MTkwMTIxWhcNMjUxMDIwMTkwMTIxWjAzMTEwLwYDVQQD
EyhhMzMxZDNjMzZiMDk3NzRiNDdlMjQ4YWY2ZWRjYmQ2YWZiMTQ0ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9vtsPxuIJu7yKihSMO/JE+pI/fn
qtu8CAK6boZYR0hveg03IhmnRQ4QwxQ5hRpYuu9DV8bG0s/k3yC2zilUdcBbIOeX
k47LFus/TRuo1rZ2bKq5tzkT1J/1Hdpyyy1KLnTqAbfQpgkbXSmxKmzvClDZfrnG
YI3/U4yf53CNHSU4uIUq+fIsCfTbKhBNsGRka0kNd8PSbbiFdDhvcsht5x22Xl/s
6ZgMYRitJFY4z8LofTxd9U7CGfmBOajBBE1kk5+4OvV9H9iEKIlG+BYsMpNtcDkX
qPbbyh+B7+/sg8iyd6wmhetELoojsP+usYihNNVpQUieG/jnS8HMOIOv1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMx08NrCXdLR+JIr27cvWr7FE1/MB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi17j66n+
GWZxdbC1WfsPTxWxg16SwFBJXaBYTCAXDmG+mtYDhcAqf2+CGetyU23aWgwqNmG2
3bVJMcgknPEci5Brl5uE2vP5ZchiQhGS4AUtrS00izl0Llsu7NNLe6qBYXViqxfj
NW6gcNDk9GdRMvKmVQ0mx01xxMNBaC3bpYUGLb5MKGkxINGtyR6XN8TpTE3257yT
Oi5jC+MPnP+zVzy7689RQWgtIo7JzOQz07geNky//dEUkCX54D9HNmvQNHVHnZnE
8XoRMqGkSWgk90ckuQjOX4h+xml/s0iZuTK5qMcFXtcA6bak6zaQ9McnGACVSpop
RfbqB0tDhVYQWw==
-----END CERTIFICATE-----