Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          yJ5pLWi0zcwxOY97kk1PvgY/m30gzawMfTORTYdldhw=
Subject key identifier:   DD:0F:B1:09:5D:ED:47:84:4E:C9:D7:31:79:96:C9:7C:23:04:90:7F
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019A7301A3652D84C368CF12EE78BB2A9FD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          12D3
Signing time:             Tue 11 Nov 2025 13:01:18 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:18 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:18 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: 7tzLocpl93q30l8tKsuu9dlnh95YYZMbyzcfdiLMaV8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:a3:65:2d:84:c3:68:cf:12:ee:78:bb:2a:9f:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Nov 11 13:01:18 2025 GMT
            Not After : Nov 12 13:01:18 2025 GMT
        Subject: CN=dd0fb1095ded47844ec9d7317996c97c2304907f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8d:e0:1a:c7:10:d9:fd:f2:30:db:56:8d:c3:
                    34:c3:e2:d3:75:db:98:2d:41:c1:ec:6b:d5:55:fd:
                    a3:b0:6b:47:f7:c0:20:ca:f4:14:90:c8:4d:64:91:
                    f6:4e:74:1a:d1:b9:16:aa:b4:2e:2e:93:e6:d6:4b:
                    a1:0f:1d:7d:f8:88:dd:07:aa:5f:15:aa:f7:b4:0d:
                    ae:1a:2d:e2:44:dc:d9:7e:e9:9f:24:85:0c:a4:c8:
                    f3:f6:86:b5:26:73:7b:ac:79:b7:89:5a:b0:c4:16:
                    08:0a:30:bc:08:c7:f4:ea:fa:47:95:db:ed:86:ac:
                    01:90:a1:9e:06:a4:78:40:29:35:9b:a9:d1:ae:18:
                    a7:95:8d:b9:06:3a:1e:fd:7e:38:aa:1a:4a:76:27:
                    8a:6b:78:38:7f:8c:32:d6:5b:4f:28:68:16:f9:d4:
                    e3:37:91:34:3c:46:d9:06:86:79:9e:dc:b5:93:5a:
                    b9:84:84:e2:24:6e:c0:ca:b3:b8:ea:e8:16:4b:af:
                    a6:be:04:d3:76:dd:fa:89:0e:85:00:de:66:5c:d8:
                    4b:46:b9:00:4c:3c:3c:a9:ea:59:10:0f:c9:8a:22:
                    1a:b1:bd:4f:d0:8e:58:80:54:ad:8c:67:ec:da:71:
                    fb:3b:bb:42:03:86:b2:ae:60:12:cc:d1:e1:a4:dd:
                    d6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:0F:B1:09:5D:ED:47:84:4E:C9:D7:31:79:96:C9:7C:23:04:90:7F
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:c8:38:2a:8c:99:6e:de:d6:30:be:fc:9e:64:42:51:fe:ff:
         8c:90:e2:a5:a7:fb:64:75:b4:97:95:3b:c1:3c:b0:b3:bb:80:
         b0:b7:68:2a:ac:bb:c5:da:60:b9:06:be:46:3e:a4:a1:83:2c:
         8f:02:39:63:dc:e0:68:07:cf:89:4a:a6:2b:fe:1f:67:f7:4e:
         be:9b:3d:ff:19:2c:23:1a:b5:26:e4:f2:17:89:18:c2:3b:0d:
         00:35:cf:02:55:8e:cf:73:00:1f:7e:12:19:95:6d:b5:a3:fa:
         40:3a:97:eb:a2:48:96:35:f6:98:b2:a1:db:65:d6:a0:f8:bf:
         84:ac:d0:25:dc:26:23:3c:69:c6:db:3f:8e:08:e3:d2:61:56:
         b3:21:ac:1e:b0:04:b8:b2:99:38:e8:fa:2b:64:1b:75:0b:89:
         2c:2b:a7:42:d8:d9:ac:59:7b:14:58:de:dd:70:23:de:3b:09:
         ee:30:f7:11:cf:0e:55:58:e7:9f:f5:4b:db:0a:15:99:35:77:
         34:88:ec:93:fc:24:db:e2:58:cb:99:5d:2e:ad:2d:9a:4d:d8:
         6d:c0:43:41:20:cf:10:0a:10:98:e6:5b:ce:c8:c6:6c:ea:84:
         34:51:96:7d:11:04:17:a1:f3:40:4c:10:5a:32:be:cf:92:b3:
         5a:c6:01:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAaNlLYTDaM8S7ni7Kp/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjUxMTExMTMwMTE4WhcNMjUxMTEyMTMwMTE4WjAzMTEwLwYDVQQD
EyhkZDBmYjEwOTVkZWQ0Nzg0NGVjOWQ3MzE3OTk2Yzk3YzIzMDQ5MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo3gGscQ2f3yMNtWjcM0w+LTdduY
LUHB7GvVVf2jsGtH98AgyvQUkMhNZJH2TnQa0bkWqrQuLpPm1kuhDx19+IjdB6pf
Far3tA2uGi3iRNzZfumfJIUMpMjz9oa1JnN7rHm3iVqwxBYICjC8CMf06vpHldvt
hqwBkKGeBqR4QCk1m6nRrhinlY25Bjoe/X44qhpKdieKa3g4f4wy1ltPKGgW+dTj
N5E0PEbZBoZ5nty1k1q5hITiJG7AyrO46ugWS6+mvgTTdt36iQ6FAN5mXNhLRrkA
TDw8qepZEA/JiiIasb1P0I5YgFStjGfs2nH7O7tCA4ayrmASzNHhpN3W0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0PsQld7UeETsnXMXmWyXwjBJB/MB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsg4KoyZ
bt7WML78nmRCUf7/jJDipaf7ZHW0l5U7wTyws7uAsLdoKqy7xdpguQa+Rj6koYMs
jwI5Y9zgaAfPiUqmK/4fZ/dOvps9/xksIxq1JuTyF4kYwjsNADXPAlWOz3MAH34S
GZVttaP6QDqX66JIljX2mLKh22XWoPi/hKzQJdwmIzxpxts/jgjj0mFWsyGsHrAE
uLKZOOj6K2QbdQuJLCunQtjZrFl7FFje3XAj3jsJ7jD3Ec8OVVjnn/VL2woVmTV3
NIjsk/wk2+JYy5ldLq0tmk3YbcBDQSDPEAoQmOZbzsjGbOqENFGWfREEF6HzQEwQ
WjK+z5KzWsYBgg==
-----END CERTIFICATE-----