Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          roCNbXeYx/OKsILhM1/XPj6A2CYKgcr197giRu7CnB0=
Subject key identifier:   BC:7C:97:5B:46:AB:AF:9C:31:C0:59:34:CA:89:64:B1:BF:98:1C:C7
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019895FFC86CBB522077B3319848D2D2A88F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          11DC
Signing time:             Sun 10 Aug 2025 22:00:24 +0000
Manifest this update:     Sun 10 Aug 2025 22:00:24 +0000
Manifest next update:     Mon 11 Aug 2025 22:00:24 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: 0IU/YjthrtubKezSkcb0GDr+iv7v9ZNG/PI9/8rUtno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:ff:c8:6c:bb:52:20:77:b3:31:98:48:d2:d2:a8:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Aug 10 22:00:24 2025 GMT
            Not After : Aug 11 22:00:24 2025 GMT
        Subject: CN=bc7c975b46abaf9c31c05934ca8964b1bf981cc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:17:de:0a:7b:bc:4f:fc:ec:2e:36:99:3c:5a:
                    95:37:b4:ee:d8:57:b0:61:ed:e7:5f:81:1a:2d:91:
                    45:9e:22:dd:d9:ad:6e:29:43:5d:90:68:b0:d7:7f:
                    49:0d:91:20:59:d1:32:82:f7:01:e8:19:a2:23:57:
                    ec:9e:62:2e:14:ef:4d:db:48:f6:ed:7c:ae:db:7f:
                    59:d0:1b:39:61:ae:5d:e5:fb:cc:6c:6a:f1:a4:7b:
                    67:77:1b:64:3a:64:9b:6b:56:bf:ab:ed:c1:62:ad:
                    a9:83:7f:e3:b7:ac:2a:57:ca:cd:f6:5a:7e:fa:67:
                    ee:07:37:6f:1d:f4:aa:91:5e:82:83:a5:6d:b5:b4:
                    e8:4d:6d:bb:8a:1d:87:a6:06:0a:27:6a:34:4b:fd:
                    0c:89:bc:55:1a:6e:04:1c:5f:c8:cb:3a:45:90:d7:
                    cc:90:85:3b:37:47:b7:6a:35:81:dd:27:9d:fe:8d:
                    4e:7a:80:4c:b7:bd:1f:83:07:fa:e1:bc:9a:59:a3:
                    2d:95:3d:fe:e5:49:c0:99:b3:91:57:d3:9f:7c:02:
                    47:35:97:e9:38:a5:46:6d:03:5c:ab:a6:76:27:a1:
                    72:33:ae:3d:26:5d:c2:4c:92:10:bd:12:92:b0:31:
                    24:cd:fe:08:5e:fe:e3:08:56:2d:68:9a:4c:09:2b:
                    81:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:7C:97:5B:46:AB:AF:9C:31:C0:59:34:CA:89:64:B1:BF:98:1C:C7
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:81:c2:2d:5c:f4:8f:14:f3:87:e4:80:e0:43:22:f8:bc:4e:
         b5:44:00:24:9e:2a:2f:11:ca:53:46:c2:f9:08:aa:55:38:b5:
         99:29:07:8f:d3:8f:8a:01:90:7c:0b:da:a1:2e:83:2f:7d:48:
         19:20:11:94:ee:e9:a8:22:6b:f7:ff:6c:69:a2:26:f0:eb:ce:
         cd:cb:b8:a8:c4:6b:b1:da:71:f2:85:4b:9d:b7:5a:23:41:d7:
         28:ed:b8:0f:77:00:13:83:d6:a6:b9:fc:30:26:33:45:1a:81:
         d1:0e:07:4b:1d:46:c4:ed:e9:88:b8:da:23:03:93:6c:f3:7d:
         92:1b:f3:25:b8:f9:0e:43:3d:7f:ec:cb:61:ed:fd:f3:43:a6:
         5e:39:6c:81:3f:52:43:d8:2d:8c:aa:91:34:f5:7e:aa:62:1e:
         ee:29:16:a8:4b:b3:52:92:d2:c6:32:14:c7:36:2e:7b:7a:bc:
         28:f5:f1:20:45:0e:fd:36:83:c0:94:fc:31:7f:ce:e5:bc:e1:
         ce:ed:a2:88:6f:ca:ee:20:77:37:50:26:35:0c:83:45:f6:e8:
         02:e0:d7:cc:a7:57:0d:01:2a:bc:3c:d9:bb:ba:c4:c1:bd:63:
         7b:f2:ea:bf:ad:71:09:50:98:20:f7:3a:08:7f:ca:93:5d:0e:
         8b:67:34:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiV/8hsu1Igd7MxmEjS0qiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjUwODEwMjIwMDI0WhcNMjUwODExMjIwMDI0WjAzMTEwLwYDVQQD
EyhiYzdjOTc1YjQ2YWJhZjljMzFjMDU5MzRjYTg5NjRiMWJmOTgxY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxfeCnu8T/zsLjaZPFqVN7Tu2Few
Ye3nX4EaLZFFniLd2a1uKUNdkGiw139JDZEgWdEygvcB6BmiI1fsnmIuFO9N20j2
7Xyu239Z0Bs5Ya5d5fvMbGrxpHtndxtkOmSba1a/q+3BYq2pg3/jt6wqV8rN9lp+
+mfuBzdvHfSqkV6Cg6VttbToTW27ih2HpgYKJ2o0S/0MibxVGm4EHF/IyzpFkNfM
kIU7N0e3ajWB3Sed/o1OeoBMt70fgwf64byaWaMtlT3+5UnAmbORV9OffAJHNZfp
OKVGbQNcq6Z2J6FyM649Jl3CTJIQvRKSsDEkzf4IXv7jCFYtaJpMCSuBUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLx8l1tGq6+cMcBZNMqJZLG/mBzHMB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYHCLVz0
jxTzh+SA4EMi+LxOtUQAJJ4qLxHKU0bC+QiqVTi1mSkHj9OPigGQfAvaoS6DL31I
GSARlO7pqCJr9/9saaIm8OvOzcu4qMRrsdpx8oVLnbdaI0HXKO24D3cAE4PWprn8
MCYzRRqB0Q4HSx1GxO3piLjaIwOTbPN9khvzJbj5DkM9f+zLYe3980OmXjlsgT9S
Q9gtjKqRNPV+qmIe7ikWqEuzUpLSxjIUxzYue3q8KPXxIEUO/TaDwJT8MX/O5bzh
zu2iiG/K7iB3N1AmNQyDRfboAuDXzKdXDQEqvDzZu7rEwb1je/Lqv61xCVCYIPc6
CH/Kk10Oi2c07w==
-----END CERTIFICATE-----