Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          58Cecbu0AhAUFhsJCItO60Yivk3g6rnW2DwOJcsUe+Y=
Subject key identifier:   48:38:64:FA:98:D0:C8:2F:A6:33:C2:77:02:D3:C6:1C:00:E1:2B:6C
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       019A50E34647485A57B3B911CDABB625D81F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0313
Signing time:             Tue 04 Nov 2025 22:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 22:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 22:01:03 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: Sv+0aBu4aXL5KvaellnM6kcXb+jTkoDo7R+Si7pesQk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e3:46:47:48:5a:57:b3:b9:11:cd:ab:b6:25:d8:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Nov  4 22:01:03 2025 GMT
            Not After : Nov  5 22:01:03 2025 GMT
        Subject: CN=483864fa98d0c82fa633c27702d3c61c00e12b6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:01:8d:92:e6:97:6a:54:c3:44:be:58:7a:3d:
                    46:de:d7:a3:66:8c:99:ee:11:3f:a4:f8:91:36:9d:
                    e2:b7:2b:f0:65:6b:82:6f:0b:d4:72:77:6a:79:a6:
                    7e:66:b8:ff:a0:b7:2d:a8:5e:a1:5b:1d:74:4e:bb:
                    14:40:99:e3:df:9b:39:82:81:f4:05:a8:04:37:c8:
                    c3:bf:ad:bf:32:4d:cd:4e:9c:fc:35:06:96:8c:20:
                    1e:dc:0e:9b:28:57:41:ae:bc:11:a0:e7:f9:bb:3a:
                    4e:23:9d:2a:1c:7b:db:eb:cd:17:8b:44:80:93:df:
                    3c:b3:0d:39:7e:5d:a1:96:df:4e:ce:35:6e:2e:82:
                    50:6f:6c:7e:29:fa:fb:02:c6:92:92:b4:9a:88:cf:
                    58:82:1c:f6:bd:36:4b:3b:58:17:65:b2:02:2b:25:
                    c5:84:57:57:e8:48:d9:53:16:8e:05:2e:aa:d7:f0:
                    3b:40:14:40:36:93:66:3c:c8:06:1c:ee:81:28:91:
                    cd:97:42:41:8e:f4:b5:96:f2:30:31:f5:66:e4:2b:
                    e6:7e:c0:20:c9:6f:52:cb:e7:91:dc:68:5a:4b:32:
                    d7:84:e4:1c:4e:0f:cb:da:63:10:1c:d4:71:39:f7:
                    3d:e1:2f:85:36:27:0b:c3:96:6b:15:29:8e:50:e5:
                    54:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:38:64:FA:98:D0:C8:2F:A6:33:C2:77:02:D3:C6:1C:00:E1:2B:6C
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:70:69:e0:bb:5a:e3:16:f3:b0:6d:30:bc:95:71:38:da:fe:
         99:d2:5e:14:1c:ea:f7:36:49:b3:85:b9:29:04:12:e9:0e:3b:
         16:11:00:5d:15:9c:42:e9:f2:31:e4:bd:f5:8c:a5:54:b7:06:
         07:0c:f3:44:5b:22:1b:dc:75:4f:eb:3c:d2:0f:f1:07:c8:93:
         be:0e:6b:f2:bf:69:54:1d:51:68:ac:07:00:59:c0:86:a6:92:
         f0:fd:80:3f:1d:eb:d0:03:d1:23:0a:b7:92:2c:92:73:10:0b:
         6b:4e:e6:7f:54:d4:8d:5a:2c:cc:01:ab:23:ad:8b:4f:00:6c:
         94:59:b6:f8:34:77:ba:7c:c9:2a:95:d3:88:96:c4:e5:e4:d6:
         a8:b6:3f:29:3b:3f:d9:60:2f:ac:01:58:eb:4f:00:11:ea:68:
         1e:01:03:25:d0:30:87:fe:13:26:05:3c:cb:8e:0c:08:69:24:
         39:1e:50:69:6c:cf:1e:21:25:f6:bd:44:00:e9:73:fc:27:f5:
         02:52:52:48:eb:5d:62:26:0e:0c:0c:f7:81:a0:35:b1:a1:53:
         38:35:fd:fa:5c:d8:1f:2d:fa:05:8b:10:ec:ee:73:1b:a9:37:
         a6:a9:23:d6:d7:2b:e8:67:9e:54:c4:ba:43:b1:7c:b8:85:4b:
         45:c4:eb:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ40ZHSFpXs7kRzau2JdgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUxMTA0MjIwMTAzWhcNMjUxMTA1MjIwMTAzWjAzMTEwLwYDVQQD
Eyg0ODM4NjRmYTk4ZDBjODJmYTYzM2MyNzcwMmQzYzYxYzAwZTEyYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgGNkuaXalTDRL5Yej1G3tejZoyZ
7hE/pPiRNp3ityvwZWuCbwvUcndqeaZ+Zrj/oLctqF6hWx10TrsUQJnj35s5goH0
BagEN8jDv62/Mk3NTpz8NQaWjCAe3A6bKFdBrrwRoOf5uzpOI50qHHvb680Xi0SA
k988sw05fl2hlt9OzjVuLoJQb2x+Kfr7AsaSkrSaiM9Yghz2vTZLO1gXZbICKyXF
hFdX6EjZUxaOBS6q1/A7QBRANpNmPMgGHO6BKJHNl0JBjvS1lvIwMfVm5CvmfsAg
yW9Sy+eR3GhaSzLXhOQcTg/L2mMQHNRxOfc94S+FNicLw5ZrFSmOUOVUPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEg4ZPqY0MgvpjPCdwLTxhwA4StsMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3Bp4Lta
4xbzsG0wvJVxONr+mdJeFBzq9zZJs4W5KQQS6Q47FhEAXRWcQunyMeS99YylVLcG
BwzzRFsiG9x1T+s80g/xB8iTvg5r8r9pVB1RaKwHAFnAhqaS8P2APx3r0APRIwq3
kiyScxALa07mf1TUjVoszAGrI62LTwBslFm2+DR3unzJKpXTiJbE5eTWqLY/KTs/
2WAvrAFY608AEepoHgEDJdAwh/4TJgU8y44MCGkkOR5QaWzPHiEl9r1EAOlz/Cf1
AlJSSOtdYiYODAz3gaA1saFTODX9+lzYHy36BYsQ7O5zG6k3pqkj1tcr6GeeVMS6
Q7F8uIVLRcTrkA==
-----END CERTIFICATE-----