Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
File:                     z312VOh85PlnktVlxW4ZH0Ten1o.mft (raw, json)
Hash identifier:          z4Dwj3AhVvfOfaF+HcLY9E778LcGgqkrOgyCUddSGug=
Subject key identifier:   76:96:15:47:18:E4:0C:7C:60:D7:20:26:29:AB:8E:1D:2F:B3:2C:C6
Authority key identifier: CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A
Certificate issuer:       /CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
Certificate serial:       0198D7A8F375E59F40D17150B3C660A190F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
Manifest number:          0F5C
Signing time:             Sat 23 Aug 2025 16:00:30 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:30 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:30 +0000
Files and hashes:         1: z312VOh85PlnktVlxW4ZH0Ten1o.crl (hash: kVBVPmr155j4aPw+EkTdhcGWqgeUiLDQI1T2cO5PvyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a8:f3:75:e5:9f:40:d1:71:50:b3:c6:60:a1:90:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7d7654e87ce4f96792d565c56e191f44de9f5a
        Validity
            Not Before: Aug 23 16:00:30 2025 GMT
            Not After : Aug 24 16:00:30 2025 GMT
        Subject: CN=7696154718e40c7c60d7202629ab8e1d2fb32cc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7f:ba:8f:ad:1d:e2:58:50:3f:c7:8f:91:31:
                    6e:7c:28:fe:b0:60:e1:46:c5:dd:61:fb:ae:cb:d2:
                    96:19:a8:21:31:c0:f2:48:3f:7f:26:51:8c:f1:e0:
                    5a:7b:63:3c:23:3f:77:48:89:e6:f9:fc:4a:21:9c:
                    be:00:06:62:9f:43:46:85:34:5a:f6:6c:63:07:a7:
                    aa:a2:fd:dc:37:c5:c9:e7:58:98:3a:c6:48:65:9c:
                    47:09:7c:2a:7b:57:f6:7e:2d:43:53:95:e8:4e:24:
                    67:2e:b6:f4:46:08:d4:d7:bf:a4:2b:7e:d3:1c:90:
                    5b:d5:83:29:e6:7c:34:94:70:9e:bd:20:c0:64:6a:
                    d9:d4:81:47:d1:89:72:5e:28:f2:9b:75:14:79:08:
                    e6:93:86:9c:2e:1a:a4:c0:60:e4:ac:3a:99:c9:1f:
                    b3:3f:6f:2f:6e:66:5c:27:1c:92:10:f6:d0:7b:0b:
                    0a:e1:36:32:8f:49:b5:e4:e2:a0:f6:20:ae:d2:75:
                    d4:07:89:0d:dc:73:28:b7:14:34:d0:93:18:d4:e0:
                    cd:b9:54:67:aa:61:d9:7a:57:b6:59:d7:7a:14:2c:
                    96:2e:98:a4:a8:91:26:b8:fe:c6:a4:97:cf:80:42:
                    35:cc:24:d2:21:82:2c:82:84:bc:4c:6b:9b:17:73:
                    24:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:96:15:47:18:E4:0C:7C:60:D7:20:26:29:AB:8E:1D:2F:B3:2C:C6
            X509v3 Authority Key Identifier:
                keyid:CF:7D:76:54:E8:7C:E4:F9:67:92:D5:65:C5:6E:19:1F:44:DE:9F:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z312VOh85PlnktVlxW4ZH0Ten1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/fba0ec-de56-40a5-89cf-770d7e3c0620/1/z312VOh85PlnktVlxW4ZH0Ten1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ab:b4:36:ab:1a:19:fe:23:d2:f3:e5:71:21:43:6d:a5:3d:
         9a:bd:31:6d:0a:29:28:a7:4f:9e:d8:5d:a2:b5:d1:32:ac:d9:
         32:5c:6c:24:b3:41:f0:3c:3e:9b:ca:da:34:ae:dc:cb:ec:4b:
         43:3f:21:71:18:eb:d2:ef:f1:d8:37:66:09:9b:51:0e:56:83:
         b1:b7:44:2a:8e:3f:8a:75:e8:0b:9e:19:df:95:df:95:9d:17:
         ca:5b:45:36:eb:c6:e0:19:60:b5:82:cd:7f:64:dd:3b:b0:f9:
         16:ce:ec:c1:c8:c4:23:db:5b:1c:da:00:69:f8:3d:31:66:cc:
         d2:a8:34:b3:86:23:33:e0:55:19:fc:c3:d8:09:1c:7b:71:b4:
         7e:4f:53:d8:52:3a:92:87:b0:53:6d:aa:bf:10:a9:bf:63:cc:
         9b:b5:47:39:3b:17:12:e2:10:a4:ce:e8:d7:27:65:7c:a4:31:
         44:ad:b4:04:c4:f2:f4:48:ac:0a:30:c9:97:00:94:9d:8c:76:
         16:26:a1:94:61:df:c6:bc:50:f4:a0:4c:5d:dc:6a:42:b9:36:
         9e:91:a2:0c:0f:cc:a5:9a:7c:b4:97:22:ad:e4:83:7f:34:47:
         74:63:97:76:ba:49:bc:b0:ad:86:09:c3:92:7c:98:0d:34:4a:
         30:46:48:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqPN15Z9A0XFQs8ZgoZD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Q3NjU0ZTg3Y2U0Zjk2NzkyZDU2NWM1NmUxOTFmNDRk
ZTlmNWEwHhcNMjUwODIzMTYwMDMwWhcNMjUwODI0MTYwMDMwWjAzMTEwLwYDVQQD
Eyg3Njk2MTU0NzE4ZTQwYzdjNjBkNzIwMjYyOWFiOGUxZDJmYjMyY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3+6j60d4lhQP8ePkTFufCj+sGDh
RsXdYfuuy9KWGaghMcDySD9/JlGM8eBae2M8Iz93SInm+fxKIZy+AAZin0NGhTRa
9mxjB6eqov3cN8XJ51iYOsZIZZxHCXwqe1f2fi1DU5XoTiRnLrb0RgjU17+kK37T
HJBb1YMp5nw0lHCevSDAZGrZ1IFH0YlyXijym3UUeQjmk4acLhqkwGDkrDqZyR+z
P28vbmZcJxySEPbQewsK4TYyj0m15OKg9iCu0nXUB4kN3HMotxQ00JMY1ODNuVRn
qmHZele2Wdd6FCyWLpikqJEmuP7GpJfPgEI1zCTSIYIsgoS8TGubF3Mk4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaWFUcY5Ax8YNcgJimrjh0vsyzGMB8GA1UdIwQY
MBaAFM99dlTofOT5Z5LVZcVuGR9E3p9aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2Yt
NzcwZDdlM2MwNjIwLzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mYmEwZWMtZGU1Ni00MGE1LTg5Y2YtNzcwZDdlM2MwNjIw
LzEvejMxMlZPaDg1UGxua3RWbHhXNFpIMFRlbjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZau0Nqsa
Gf4j0vPlcSFDbaU9mr0xbQopKKdPnthdorXRMqzZMlxsJLNB8Dw+m8raNK7cy+xL
Qz8hcRjr0u/x2DdmCZtRDlaDsbdEKo4/inXoC54Z35XflZ0XyltFNuvG4BlgtYLN
f2TdO7D5Fs7swcjEI9tbHNoAafg9MWbM0qg0s4YjM+BVGfzD2Akce3G0fk9T2FI6
koewU22qvxCpv2PMm7VHOTsXEuIQpM7o1ydlfKQxRK20BMTy9EisCjDJlwCUnYx2
FiahlGHfxrxQ9KBMXdxqQrk2npGiDA/MpZp8tJcireSDfzRHdGOXdrpJvLCthgnD
knyYDTRKMEZIGw==
-----END CERTIFICATE-----