Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
File:                     z312VOh85PlnktVlxW4ZH0Ten1o.mft (raw, json)
Hash identifier:          OmLjfsmIxeP5wI1b3fB23zcM8KdIzChYUmfBdidNTN8=
Subject key identifier:   25:A9:05:01:30:D0:FC:A0:3A:BB:10:EF:4D:F8:F5:2B:DE:EA:B0:FD
Authority key identifier: CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A
Certificate issuer:       /CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
Certificate serial:       0197B7EA82894224EA01CC7DE5E93B41F5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
Manifest number:          0EC7
Signing time:             Sat 28 Jun 2025 19:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:28 +0000
Files and hashes:         1: z312VOh85PlnktVlxW4ZH0Ten1o.crl (hash: R1XgJ9MVRdbNaMX8MQRFKV24Z+brte6lZ9RudhkmMiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:82:89:42:24:ea:01:cc:7d:e5:e9:3b:41:f5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
        Validity
            Not Before: Jun 28 19:01:28 2025 GMT
            Not After : Jun 29 19:01:28 2025 GMT
        Subject: CN=25a9050130d0fca03abb10ef4df8f52bdeeab0fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:87:cb:e3:e2:d3:2b:cf:41:71:bc:4c:3f:59:
                    00:47:68:ff:6f:7d:6d:1d:7e:88:f9:00:d4:14:e0:
                    e1:73:a8:30:93:3e:85:0b:4f:f3:9f:e9:12:a2:09:
                    18:70:5f:28:ad:10:32:af:81:eb:47:bd:09:2e:69:
                    2c:e3:58:7e:06:fd:10:2d:ec:28:f4:be:26:0b:d8:
                    de:d4:46:d9:48:83:ef:07:63:9d:d5:dd:c9:a9:66:
                    5d:be:36:07:fa:6b:14:c7:a7:35:ee:97:09:c8:04:
                    ba:3c:39:b3:10:e6:c1:11:68:de:38:8e:70:f0:bb:
                    33:1c:8b:12:03:a3:9a:26:83:99:3a:fd:f8:9f:4e:
                    63:ac:7b:d5:5e:99:d1:0b:10:ca:47:04:ee:04:13:
                    04:40:3b:a7:5c:05:46:ac:b6:f5:4f:b2:f6:e3:69:
                    fe:36:fa:43:51:7f:17:d5:83:0a:36:f6:d8:ff:d8:
                    fb:18:9b:3a:78:a6:e1:d4:48:fd:f2:9e:31:84:83:
                    e7:05:ef:5c:0e:93:65:af:64:32:6a:22:b1:29:3f:
                    e2:5c:4b:00:f0:0c:a4:ff:a4:87:74:8e:8f:a5:9e:
                    52:29:5c:8f:b7:6d:ca:59:c7:ee:4c:9a:13:22:03:
                    74:9b:e0:4d:0f:e2:34:51:6c:25:08:d4:af:b1:5e:
                    3d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A9:05:01:30:D0:FC:A0:3A:BB:10:EF:4D:F8:F5:2B:DE:EA:B0:FD
            X509v3 Authority Key Identifier:
                keyid:CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:0f:a6:f4:9a:84:91:cf:21:d5:76:3a:06:55:92:58:f9:6c:
         6f:3f:85:09:54:24:cb:ad:52:e7:09:40:21:af:9f:fe:09:06:
         b4:3f:c3:ab:6c:4b:f4:11:f7:ca:40:d1:a4:79:74:ac:f2:53:
         97:fb:9c:5e:50:53:0c:58:d0:47:72:cc:ea:34:61:53:1e:36:
         26:3c:34:01:e8:a8:22:91:3d:17:5d:74:44:9d:ee:6e:fb:b8:
         6a:8b:87:51:48:b0:80:85:63:8e:28:27:1f:35:d9:1b:d9:36:
         cc:39:e4:35:1f:92:b2:37:8b:78:48:f4:7c:d4:78:37:a2:ea:
         b5:ce:00:56:a7:04:77:13:0b:3d:17:be:14:a6:ce:40:f2:87:
         fb:12:42:bd:6c:71:b1:f2:eb:2e:92:32:b3:e2:74:52:fe:76:
         b8:82:e2:4c:c3:8f:bb:e7:33:0c:74:12:16:ad:54:6c:dd:a9:
         17:59:e3:81:ab:fa:46:93:41:19:d0:fb:97:74:38:43:5f:bc:
         58:70:01:64:3d:98:c7:89:d1:8f:21:42:6e:70:43:32:f4:f0:
         ec:bb:2d:1d:47:09:d5:58:59:b4:03:b8:73:23:ca:6b:ad:be:
         43:64:df:1d:bc:ea:43:a6:c1:45:b3:54:b6:da:49:31:3f:d8:
         52:66:98:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oKJQiTqAcx95ek7QfX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Q3NjU0ZTg3Y2U0Zjk2NzkyZDU2NWM1NmUxOTFmNDRk
ZTlmNWEwHhcNMjUwNjI4MTkwMTI4WhcNMjUwNjI5MTkwMTI4WjAzMTEwLwYDVQQD
EygyNWE5MDUwMTMwZDBmY2EwM2FiYjEwZWY0ZGY4ZjUyYmRlZWFiMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIfL4+LTK89BcbxMP1kAR2j/b31t
HX6I+QDUFODhc6gwkz6FC0/zn+kSogkYcF8orRAyr4HrR70JLmks41h+Bv0QLewo
9L4mC9je1EbZSIPvB2Od1d3JqWZdvjYH+msUx6c17pcJyAS6PDmzEObBEWjeOI5w
8LszHIsSA6OaJoOZOv34n05jrHvVXpnRCxDKRwTuBBMEQDunXAVGrLb1T7L242n+
NvpDUX8X1YMKNvbY/9j7GJs6eKbh1Ej98p4xhIPnBe9cDpNlr2QyaiKxKT/iXEsA
8Ayk/6SHdI6PpZ5SKVyPt23KWcfuTJoTIgN0m+BND+I0UWwlCNSvsV49YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWpBQEw0PygOrsQ70349Sve6rD9MB8GA1UdIwQY
MBaAFM99dlTofOT5Z5LVZcVuGR9E3p9aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2Yt
NzcwZDdlM2MwNjIwLzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2YtNzcwZDdlM2MwNjIw
LzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQA+m9JqE
kc8h1XY6BlWSWPlsbz+FCVQky61S5wlAIa+f/gkGtD/Dq2xL9BH3ykDRpHl0rPJT
l/ucXlBTDFjQR3LM6jRhUx42Jjw0AeioIpE9F110RJ3ubvu4aouHUUiwgIVjjign
HzXZG9k2zDnkNR+SsjeLeEj0fNR4N6Lqtc4AVqcEdxMLPRe+FKbOQPKH+xJCvWxx
sfLrLpIys+J0Uv52uILiTMOPu+czDHQSFq1UbN2pF1njgav6RpNBGdD7l3Q4Q1+8
WHABZD2Yx4nRjyFCbnBDMvTw7LstHUcJ1VhZtAO4cyPKa62+Q2TfHbzqQ6bBRbNU
ttpJMT/YUmaYiw==
-----END CERTIFICATE-----