Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
File:                     z312VOh85PlnktVlxW4ZH0Ten1o.mft (raw, json)
Hash identifier:          bjnJPE1VjUZjYsArBOCdSPCCvnsvYUTv53z2AA7h+mw=
Subject key identifier:   C1:BB:AF:62:0B:E7:27:82:CD:6C:E5:88:35:02:AD:88:87:98:E3:AE
Authority key identifier: CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A
Certificate issuer:       /CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
Certificate serial:       0199FB45EF50D07734DFCEEE83BA2CA29DDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
Manifest number:          0FF3
Signing time:             Sun 19 Oct 2025 07:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:28 +0000
Files and hashes:         1: z312VOh85PlnktVlxW4ZH0Ten1o.crl (hash: OUat3im6Uo+vb/gnF1wEpYM6PKSI7tgbySxsGt5jB6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:ef:50:d0:77:34:df:ce:ee:83:ba:2c:a2:9d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
        Validity
            Not Before: Oct 19 07:01:28 2025 GMT
            Not After : Oct 20 07:01:28 2025 GMT
        Subject: CN=c1bbaf620be72782cd6ce5883502ad888798e3ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4f:37:97:e7:b6:d8:8a:af:d7:82:30:6a:fe:
                    5c:fe:82:35:10:60:a9:4c:ab:1c:90:9f:25:f4:d9:
                    84:20:59:36:3f:d9:d5:a2:7e:04:5f:2e:86:6a:22:
                    16:ab:6e:9a:62:c0:66:f0:6b:03:f4:5f:c0:cb:a1:
                    ee:5d:72:18:94:d2:fd:93:84:f5:86:7b:36:98:f0:
                    b5:00:a5:93:8d:fd:86:71:39:9b:b3:36:0f:ed:da:
                    dd:26:b2:88:72:75:df:27:f0:c0:79:b8:60:82:36:
                    6f:c8:f7:43:43:b5:d1:40:fe:b4:bc:03:cf:7a:a8:
                    4f:e8:61:e4:03:0d:87:2e:e5:86:d6:0b:38:eb:f6:
                    d7:2d:ec:80:9c:77:6e:b1:46:cf:5f:83:3d:4f:81:
                    bb:0c:da:ce:8e:8e:50:b7:d3:24:39:2d:ce:d9:ef:
                    09:ec:c4:e0:5b:1c:31:a4:a2:04:60:bc:72:db:c7:
                    5d:05:79:20:94:99:6a:79:2b:ab:62:ef:5a:27:be:
                    01:1d:f2:ce:25:5b:68:8c:c7:8d:b7:7a:00:a4:cf:
                    3c:43:f7:81:ff:1e:e9:94:f2:71:9b:ae:5b:88:fd:
                    12:33:0d:4c:a5:79:ed:8a:21:65:10:66:27:d0:52:
                    33:f1:1c:e9:81:7e:bb:b4:2b:b5:30:90:42:7d:d7:
                    cc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:BB:AF:62:0B:E7:27:82:CD:6C:E5:88:35:02:AD:88:87:98:E3:AE
            X509v3 Authority Key Identifier:
                keyid:CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:8b:7c:97:4f:a3:0c:f8:a1:db:7f:59:0c:dd:ba:57:6b:6a:
         a5:d5:9c:af:2f:a0:9a:79:b4:2c:16:ed:8a:1a:22:e0:4a:2b:
         6d:cb:e9:dd:39:0b:78:ae:fe:1c:c4:1e:5b:be:19:ed:eb:80:
         e2:5a:62:f7:89:87:65:b6:db:94:59:95:1f:b6:c2:3f:74:4c:
         df:3f:66:16:cb:57:64:c0:1f:ba:58:77:1a:35:c0:46:9e:43:
         01:fd:23:63:b9:2f:01:e9:9e:dc:04:54:2f:b5:40:6e:e4:5d:
         5d:34:9e:b3:7e:91:82:4d:ce:a1:bf:1c:8b:51:2d:90:ae:15:
         01:74:e3:8e:0c:fa:0e:66:d4:e8:80:f2:6f:44:3e:b9:bf:c0:
         b8:fc:f3:7b:fc:86:e8:f1:55:ba:a9:43:ec:45:c3:f0:62:85:
         88:e1:09:ce:43:c0:b9:fe:5f:de:a5:43:65:bf:e9:ef:b1:56:
         88:84:d6:a6:32:37:59:02:b2:88:44:57:09:20:2f:5b:51:11:
         1f:2d:0b:07:4c:6e:d4:ad:d2:2f:c9:b5:27:d7:09:f7:36:95:
         e8:e3:b5:b3:a0:61:46:25:c0:2e:97:88:35:6e:f9:9d:50:7e:
         64:9c:a7:84:dd:da:e6:bc:43:da:53:9d:be:c0:f6:6f:31:95:
         37:0a:f5:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Re9Q0Hc0387ug7osop3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Q3NjU0ZTg3Y2U0Zjk2NzkyZDU2NWM1NmUxOTFmNDRk
ZTlmNWEwHhcNMjUxMDE5MDcwMTI4WhcNMjUxMDIwMDcwMTI4WjAzMTEwLwYDVQQD
EyhjMWJiYWY2MjBiZTcyNzgyY2Q2Y2U1ODgzNTAyYWQ4ODg3OThlM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU83l+e22Iqv14Iwav5c/oI1EGCp
TKsckJ8l9NmEIFk2P9nVon4EXy6GaiIWq26aYsBm8GsD9F/Ay6HuXXIYlNL9k4T1
hns2mPC1AKWTjf2GcTmbszYP7drdJrKIcnXfJ/DAebhggjZvyPdDQ7XRQP60vAPP
eqhP6GHkAw2HLuWG1gs46/bXLeyAnHdusUbPX4M9T4G7DNrOjo5Qt9MkOS3O2e8J
7MTgWxwxpKIEYLxy28ddBXkglJlqeSurYu9aJ74BHfLOJVtojMeNt3oApM88Q/eB
/x7plPJxm65biP0SMw1MpXntiiFlEGYn0FIz8RzpgX67tCu1MJBCfdfMlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMG7r2IL5yeCzWzliDUCrYiHmOOuMB8GA1UdIwQY
MBaAFM99dlTofOT5Z5LVZcVuGR9E3p9aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2Yt
NzcwZDdlM2MwNjIwLzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2YtNzcwZDdlM2MwNjIw
LzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEot8l0+j
DPih239ZDN26V2tqpdWcry+gmnm0LBbtihoi4Eorbcvp3TkLeK7+HMQeW74Z7euA
4lpi94mHZbbblFmVH7bCP3RM3z9mFstXZMAfulh3GjXARp5DAf0jY7kvAeme3ARU
L7VAbuRdXTSes36Rgk3Oob8ci1EtkK4VAXTjjgz6DmbU6IDyb0Q+ub/AuPzze/yG
6PFVuqlD7EXD8GKFiOEJzkPAuf5f3qVDZb/p77FWiITWpjI3WQKyiERXCSAvW1ER
Hy0LB0xu1K3SL8m1J9cJ9zaV6OO1s6BhRiXALpeINW75nVB+ZJynhN3a5rxD2lOd
vsD2bzGVNwr1rA==
-----END CERTIFICATE-----