Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
File:                     jzAoLIbxBGuTEkzycOEU5fAm_3M.mft (raw, json)
Hash identifier:          5vjGSE4Mhgh7FLwbAtBhBvELhN9Uza8Nfc/Mfvy6Ns4=
Subject key identifier:   B8:29:69:B7:D4:5A:62:D4:6A:C1:29:CD:D5:F0:C5:0F:3C:78:57:44
Authority key identifier: 8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73
Certificate issuer:       /CN=8f30282c86f1046b93124cf270e114e5f026ff73
Certificate serial:       019A18E199E3F7CB79063A945C68BE28CFE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
Manifest number:          10AF
Signing time:             Sat 25 Oct 2025 01:00:29 +0000
Manifest this update:     Sat 25 Oct 2025 01:00:29 +0000
Manifest next update:     Sun 26 Oct 2025 01:00:29 +0000
Files and hashes:         1: jzAoLIbxBGuTEkzycOEU5fAm_3M.crl (hash: uqm5qXEjYTSdsKuApU4lNOCfwUqIET/Hrfk5P0QUXBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 26 Oct 2025 01:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:18:e1:99:e3:f7:cb:79:06:3a:94:5c:68:be:28:cf:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f30282c86f1046b93124cf270e114e5f026ff73
        Validity
            Not Before: Oct 25 01:00:29 2025 GMT
            Not After : Oct 26 01:00:29 2025 GMT
        Subject: CN=b82969b7d45a62d46ac129cdd5f0c50f3c785744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:54:7c:d5:ee:ec:29:9b:31:d8:dc:20:de:95:
                    e8:ad:71:63:d4:52:cd:72:f1:76:cf:93:68:98:75:
                    4e:56:6f:19:49:b2:cb:0d:8f:be:4d:96:75:26:d8:
                    43:58:79:34:ca:ef:75:4c:fd:2e:10:19:49:46:97:
                    09:3d:c6:e6:68:4e:88:a7:33:0f:15:2d:a2:0f:72:
                    32:ad:3f:6e:85:e7:87:3f:e2:cc:99:7e:95:71:ee:
                    9e:c2:c6:31:be:a3:e0:e9:4f:34:0f:5a:6c:63:b6:
                    48:34:fb:29:98:e9:55:8e:a8:85:a6:e8:50:f9:36:
                    37:38:ca:b6:30:da:16:da:ae:e6:e4:a9:56:5f:c9:
                    c2:f6:c1:db:6c:f0:74:a7:7f:62:e5:63:f1:b7:26:
                    49:c4:66:93:fa:49:ac:e0:58:7c:2d:82:7b:5b:20:
                    d8:eb:ea:c5:7b:aa:df:0a:d6:85:6d:80:a7:89:75:
                    9c:9b:f8:f4:79:0d:2c:65:cf:89:b1:e7:07:97:81:
                    c9:6b:07:a5:66:d0:c1:e0:85:b4:13:96:6a:93:5d:
                    cf:5e:bd:b2:5f:3b:17:56:3f:8e:8d:4b:ea:20:a0:
                    f0:09:ec:19:65:9c:17:d1:cb:65:1c:66:8c:1e:c0:
                    d2:c8:24:bf:02:a3:4c:93:97:38:7d:6b:36:52:69:
                    52:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:29:69:B7:D4:5A:62:D4:6A:C1:29:CD:D5:F0:C5:0F:3C:78:57:44
            X509v3 Authority Key Identifier:
                keyid:8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:fb:c0:61:97:3f:7b:3a:2d:4e:a2:13:a8:d5:e2:ef:37:c3:
         2a:1a:2f:d6:84:65:af:93:cf:ac:a2:a6:62:5d:32:c3:05:85:
         e8:9f:40:78:ca:55:a4:4f:38:83:1e:83:0a:29:bd:31:a7:40:
         9b:9a:1a:ad:0a:53:f6:3b:db:a1:1b:ae:5e:e7:cf:32:f2:49:
         e6:2e:28:90:1f:97:04:ff:a3:07:27:3a:51:70:a2:be:b3:73:
         53:e5:38:24:06:37:b9:04:6b:f7:54:75:d8:da:6d:a1:f3:fe:
         ae:29:a0:43:60:69:18:12:45:b7:47:8c:af:09:39:5d:02:06:
         1b:0c:4b:e7:d6:ff:60:21:c8:32:b4:36:a9:2f:87:b3:71:93:
         07:01:12:f1:e8:f0:3a:9d:55:16:b5:b3:5c:ea:93:5c:a1:46:
         b8:33:9a:ce:91:7e:7f:de:52:dd:74:c4:08:69:a1:8f:9d:1f:
         ef:f1:cc:55:1a:d7:6f:5e:1f:fc:87:f6:1f:84:43:6c:1a:70:
         12:62:2a:70:f6:bf:b0:70:07:20:3b:c6:a2:69:9c:87:c6:c5:
         84:b0:99:30:3f:2f:1d:37:ee:cc:f3:61:65:54:a8:b1:2c:bd:
         04:9c:76:12:30:bb:d1:97:2a:c8:c1:ad:ed:47:72:ff:3b:cf:
         81:13:64:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoY4Znj98t5BjqUXGi+KM/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAyODJjODZmMTA0NmI5MzEyNGNmMjcwZTExNGU1ZjAy
NmZmNzMwHhcNMjUxMDI1MDEwMDI5WhcNMjUxMDI2MDEwMDI5WjAzMTEwLwYDVQQD
EyhiODI5NjliN2Q0NWE2MmQ0NmFjMTI5Y2RkNWYwYzUwZjNjNzg1NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VR81e7sKZsx2Nwg3pXorXFj1FLN
cvF2z5NomHVOVm8ZSbLLDY++TZZ1JthDWHk0yu91TP0uEBlJRpcJPcbmaE6IpzMP
FS2iD3IyrT9uheeHP+LMmX6Vce6ewsYxvqPg6U80D1psY7ZINPspmOlVjqiFpuhQ
+TY3OMq2MNoW2q7m5KlWX8nC9sHbbPB0p39i5WPxtyZJxGaT+kms4Fh8LYJ7WyDY
6+rFe6rfCtaFbYCniXWcm/j0eQ0sZc+JsecHl4HJawelZtDB4IW0E5Zqk13PXr2y
XzsXVj+OjUvqIKDwCewZZZwX0ctlHGaMHsDSyCS/AqNMk5c4fWs2UmlS0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgpabfUWmLUasEpzdXwxQ88eFdEMB8GA1UdIwQY
MBaAFI8wKCyG8QRrkxJM8nDhFOXwJv9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjIt
Zjk4Nzk2ZjUxMDIyLzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjItZjk4Nzk2ZjUxMDIy
LzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuvvAYZc/
ezotTqITqNXi7zfDKhov1oRlr5PPrKKmYl0ywwWF6J9AeMpVpE84gx6DCim9MadA
m5oarQpT9jvboRuuXufPMvJJ5i4okB+XBP+jByc6UXCivrNzU+U4JAY3uQRr91R1
2NptofP+rimgQ2BpGBJFt0eMrwk5XQIGGwxL59b/YCHIMrQ2qS+Hs3GTBwES8ejw
Op1VFrWzXOqTXKFGuDOazpF+f95S3XTECGmhj50f7/HMVRrXb14f/If2H4RDbBpw
EmIqcPa/sHAHIDvGommch8bFhLCZMD8vHTfuzPNhZVSosSy9BJx2EjC70ZcqyMGt
7Udy/zvPgRNkRQ==
-----END CERTIFICATE-----