Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          VOz+E4+BaGjN27gckew4tR+i5RugAGl8dcDTzYLkjr0=
Subject key identifier:   AA:B3:0A:47:AD:9A:26:5B:ED:54:B6:01:89:0B:5C:B5:5D:85:C5:CC
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       0199FCC629C3113EC60E184161DF560852B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          0354
Signing time:             Sun 19 Oct 2025 14:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:09 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: frAnqNn8EUsfYBnVp+ENU/v0wjux8AkROfhv8NT/KYU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:29:c3:11:3e:c6:0e:18:41:61:df:56:08:52:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Oct 19 14:01:09 2025 GMT
            Not After : Oct 20 14:01:09 2025 GMT
        Subject: CN=aab30a47ad9a265bed54b601890b5cb55d85c5cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:83:17:3c:3a:20:f2:61:f7:b4:79:63:25:e4:
                    80:0d:0a:8d:f4:c7:ed:5c:44:8d:32:87:00:2a:bf:
                    d0:d6:d1:2b:49:ab:21:a2:41:17:8e:e0:08:a8:54:
                    99:f1:32:bd:bb:4e:c1:df:29:ca:84:ed:e0:cb:68:
                    ad:f9:b5:a3:c9:d4:a0:68:b7:54:95:7b:8c:2a:5e:
                    24:36:d5:e5:4e:4c:87:9c:89:5f:e5:12:cf:34:2e:
                    f1:9d:ca:8a:c4:2f:d6:a7:7e:ec:93:64:cd:6f:d8:
                    99:78:e4:92:bf:81:a6:cc:02:62:97:a0:89:88:21:
                    4f:d1:2c:4c:88:8f:fc:aa:bc:fe:2f:dc:89:53:a6:
                    18:41:be:83:3f:99:92:e0:f4:66:ba:78:a4:36:cf:
                    6d:a0:1e:b6:e8:37:96:57:7c:cb:5e:91:6a:c5:bf:
                    5a:4c:7d:73:ba:ef:64:71:aa:ae:9a:cd:40:fb:03:
                    fb:dc:9a:eb:f9:55:3c:cb:66:be:55:36:86:a7:82:
                    60:3f:22:db:42:e1:f7:10:fd:ec:cc:bc:e8:87:4d:
                    f8:08:f3:33:8f:ed:bb:32:bf:11:ca:71:a3:e1:37:
                    d8:ba:92:47:bb:8c:3d:8b:3d:f1:dd:bf:c4:09:e2:
                    14:b8:a4:55:e3:c9:34:cf:10:da:58:d1:c6:6e:44:
                    0f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B3:0A:47:AD:9A:26:5B:ED:54:B6:01:89:0B:5C:B5:5D:85:C5:CC
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:b5:fd:ba:1c:62:6a:a1:65:6f:c8:0d:89:b0:33:fc:23:f8:
         05:16:4c:aa:b5:79:91:4f:ce:71:f0:89:a6:d2:a0:cd:93:f3:
         bc:ac:d3:bb:36:4a:6e:99:59:90:53:d4:75:44:e3:1d:de:82:
         27:b5:6c:8e:fb:98:20:19:b7:9b:ee:d6:38:cc:4a:f5:78:84:
         f8:6e:82:db:3b:90:78:65:15:2e:a3:a0:b5:91:22:61:63:a4:
         49:01:26:81:c1:9d:1b:f2:71:c8:98:15:84:3f:b5:5b:65:eb:
         a5:76:fd:db:eb:8f:b4:8c:81:5f:13:59:8c:b5:38:6e:eb:78:
         13:42:e1:1e:84:a7:a1:05:f5:5e:a2:5d:04:af:1d:85:da:fc:
         89:49:31:2f:06:87:d0:7c:89:fa:5c:62:d7:92:8f:52:f6:0a:
         27:3c:77:d8:82:1e:dd:8f:10:d0:b7:f2:c7:92:ea:20:1c:7d:
         d8:78:86:53:24:b1:fa:1c:94:43:db:22:43:72:47:b0:a0:02:
         c2:91:c9:b4:27:97:bc:a5:f2:73:b2:7f:59:e4:5a:fd:8f:ba:
         f5:be:d2:73:63:b1:9d:cf:4c:60:b9:02:0a:c3:0e:6d:b2:48:
         ef:12:50:65:20:f2:ae:b0:b1:55:58:e6:d5:20:01:52:95:f3:
         a6:a3:be:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xinDET7GDhhBYd9WCFK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjUxMDE5MTQwMTA5WhcNMjUxMDIwMTQwMTA5WjAzMTEwLwYDVQQD
EyhhYWIzMGE0N2FkOWEyNjViZWQ1NGI2MDE4OTBiNWNiNTVkODVjNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoMXPDog8mH3tHljJeSADQqN9Mft
XESNMocAKr/Q1tErSashokEXjuAIqFSZ8TK9u07B3ynKhO3gy2it+bWjydSgaLdU
lXuMKl4kNtXlTkyHnIlf5RLPNC7xncqKxC/Wp37sk2TNb9iZeOSSv4GmzAJil6CJ
iCFP0SxMiI/8qrz+L9yJU6YYQb6DP5mS4PRmunikNs9toB626DeWV3zLXpFqxb9a
TH1zuu9kcaqums1A+wP73Jrr+VU8y2a+VTaGp4JgPyLbQuH3EP3szLzoh034CPMz
j+27Mr8RynGj4TfYupJHu4w9iz3x3b/ECeIUuKRV48k0zxDaWNHGbkQPbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKqzCketmiZb7VS2AYkLXLVdhcXMMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAprX9uhxi
aqFlb8gNibAz/CP4BRZMqrV5kU/OcfCJptKgzZPzvKzTuzZKbplZkFPUdUTjHd6C
J7VsjvuYIBm3m+7WOMxK9XiE+G6C2zuQeGUVLqOgtZEiYWOkSQEmgcGdG/JxyJgV
hD+1W2XrpXb92+uPtIyBXxNZjLU4but4E0LhHoSnoQX1XqJdBK8dhdr8iUkxLwaH
0HyJ+lxi15KPUvYKJzx32IIe3Y8Q0Lfyx5LqIBx92HiGUySx+hyUQ9siQ3JHsKAC
wpHJtCeXvKXyc7J/WeRa/Y+69b7Sc2Oxnc9MYLkCCsMObbJI7xJQZSDyrrCxVVjm
1SABUpXzpqO+UA==
-----END CERTIFICATE-----