Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File:                     o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier:          XBgBgzWG1tWlmP3qftMEKLHaBrIDUi/6anlO5UIgxDU=
Subject key identifier:   D9:9F:9F:AF:6C:15:25:E9:E8:C2:51:EF:DA:9B:5D:AB:81:8C:33:B0
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer:       /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial:       0199FBEA9A781D2F4556E36D7EA75A22B70C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number:          112C
Signing time:             Sun 19 Oct 2025 10:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:20 +0000
Files and hashes:         1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: DCIL/HFnvFRJUIOnDBg0tQmKaYwstc9Qkm9l32vYu40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:9a:78:1d:2f:45:56:e3:6d:7e:a7:5a:22:b7:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
        Validity
            Not Before: Oct 19 10:01:20 2025 GMT
            Not After : Oct 20 10:01:20 2025 GMT
        Subject: CN=d99f9faf6c1525e9e8c251efda9b5dab818c33b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1f:f4:56:4a:bd:85:5f:e8:aa:f5:81:5f:ba:
                    0c:55:5a:46:0d:59:bc:ba:3c:b3:8d:e6:b3:77:ad:
                    d9:ec:38:10:15:34:cd:47:18:46:21:57:70:05:a2:
                    12:f2:a2:0a:73:f8:cf:6e:64:37:9e:2e:15:aa:d5:
                    94:8e:95:ab:65:a9:5c:b7:26:88:8e:8a:74:98:67:
                    20:9f:c3:a5:7e:9a:65:be:72:48:31:d7:e4:3c:10:
                    da:a6:b4:71:ce:35:82:c8:b9:b4:80:4e:06:f0:67:
                    10:b9:91:d7:ee:42:0f:28:00:78:b5:ef:3f:5b:6c:
                    51:21:3d:e5:bc:99:f4:b8:3f:d3:2a:7b:6f:8e:54:
                    70:d0:0c:2f:4f:eb:3d:4e:bb:64:d0:02:80:45:64:
                    9c:d2:78:b3:11:c9:eb:1e:e5:40:f3:52:19:f3:cd:
                    3b:2e:ca:36:d7:a5:4f:05:25:d6:0e:9d:3a:0e:f1:
                    d6:b8:f1:31:4f:64:20:89:a8:4b:f1:1e:32:72:41:
                    6f:11:d3:61:af:64:b3:e1:f3:97:53:a6:3d:dc:dc:
                    17:66:60:4d:f1:0e:7e:ea:dd:3d:90:80:d2:d5:08:
                    83:09:3a:fa:26:eb:07:e4:15:de:7c:80:43:8e:96:
                    b2:c2:d4:39:3c:3c:fe:b8:d0:a0:4a:13:1c:9d:db:
                    52:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:9F:9F:AF:6C:15:25:E9:E8:C2:51:EF:DA:9B:5D:AB:81:8C:33:B0
            X509v3 Authority Key Identifier:
                keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:01:b2:fc:fa:46:89:a0:1e:d3:03:29:9c:88:a1:de:d2:c2:
         bc:6b:3d:3c:f1:98:99:6b:41:a8:29:3c:e1:16:34:dc:36:a6:
         97:c0:98:c6:74:68:c5:65:da:6e:57:3d:39:5c:81:87:7e:e3:
         f9:d3:33:e1:90:ef:f3:6c:a8:76:63:c8:87:d3:2e:50:33:17:
         16:01:eb:0b:4a:82:1b:12:01:a3:ef:93:82:81:86:04:bd:b7:
         70:65:56:8b:ce:6f:d4:7b:5a:77:99:0e:0b:d5:38:35:58:71:
         73:27:d0:ff:e7:7e:07:91:fa:60:6f:3d:db:c4:e8:d6:e0:13:
         9c:43:45:93:15:2b:98:a4:d2:cf:7f:c6:6a:8f:58:9b:93:ff:
         45:cc:53:25:7f:fe:4c:6c:ac:f8:00:4c:68:92:27:01:60:22:
         20:ab:ae:d6:b0:1c:37:55:0c:26:96:63:ad:6a:fc:38:52:2d:
         1a:d7:f8:36:c0:d7:ed:ac:41:75:57:a1:2e:d2:a8:10:12:d9:
         be:fc:0f:9e:1a:75:58:f1:ed:53:d1:9f:e5:ae:7f:2c:6c:b9:
         9d:d9:14:b1:0a:7a:54:6a:60:a0:29:22:1f:13:d6:5c:2f:6d:
         cd:b1:c6:bd:ef:77:32:15:fd:26:0b:d8:ed:3b:e7:37:be:ba:
         f9:9a:b7:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76pp4HS9FVuNtfqdaIrcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjUxMDE5MTAwMTIwWhcNMjUxMDIwMTAwMTIwWjAzMTEwLwYDVQQD
EyhkOTlmOWZhZjZjMTUyNWU5ZThjMjUxZWZkYTliNWRhYjgxOGMzM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR/0Vkq9hV/oqvWBX7oMVVpGDVm8
ujyzjeazd63Z7DgQFTTNRxhGIVdwBaIS8qIKc/jPbmQ3ni4VqtWUjpWrZalctyaI
jop0mGcgn8OlfpplvnJIMdfkPBDaprRxzjWCyLm0gE4G8GcQuZHX7kIPKAB4te8/
W2xRIT3lvJn0uD/TKntvjlRw0AwvT+s9Trtk0AKARWSc0nizEcnrHuVA81IZ8807
Lso216VPBSXWDp06DvHWuPExT2QgiahL8R4yckFvEdNhr2Sz4fOXU6Y93NwXZmBN
8Q5+6t09kIDS1QiDCTr6JusH5BXefIBDjpaywtQ5PDz+uNCgShMcndtSLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmfn69sFSXp6MJR79qbXauBjDOwMB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaAGy/PpG
iaAe0wMpnIih3tLCvGs9PPGYmWtBqCk84RY03Daml8CYxnRoxWXablc9OVyBh37j
+dMz4ZDv82yodmPIh9MuUDMXFgHrC0qCGxIBo++TgoGGBL23cGVWi85v1Htad5kO
C9U4NVhxcyfQ/+d+B5H6YG8928To1uATnENFkxUrmKTSz3/Gao9Ym5P/RcxTJX/+
TGys+ABMaJInAWAiIKuu1rAcN1UMJpZjrWr8OFItGtf4NsDX7axBdVehLtKoEBLZ
vvwPnhp1WPHtU9Gf5a5/LGy5ndkUsQp6VGpgoCkiHxPWXC9tzbHGve93MhX9JgvY
7TvnN766+Zq3EA==
-----END CERTIFICATE-----