Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          N4FweueOiklP764OOw82UDL55wyI1ZJB9EpT6t9wVec=
Subject key identifier:   7A:40:4D:78:AF:6A:65:EC:46:68:E2:BC:A7:0C:D2:6D:C0:A7:47:6A
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       019A71B7BC355A5B075F6EAEDD06DB77DB57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0324
Signing time:             Tue 11 Nov 2025 07:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:57 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: jXvtaarU4IBBya55e2SruuPBM7QEmRRlOU6eQmrcKMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:bc:35:5a:5b:07:5f:6e:ae:dd:06:db:77:db:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Nov 11 07:00:57 2025 GMT
            Not After : Nov 12 07:00:57 2025 GMT
        Subject: CN=7a404d78af6a65ec4668e2bca70cd26dc0a7476a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e0:63:05:41:dc:98:7a:63:15:89:ab:27:3a:
                    ef:99:07:57:ca:38:89:a8:1d:d7:cf:50:67:81:58:
                    3a:d2:fa:74:1a:b0:5d:ad:cd:f6:ef:59:cc:df:49:
                    e0:b2:f0:43:a2:8d:a2:a9:cf:81:ec:90:ac:0d:c0:
                    b8:41:2f:d2:ff:d4:b9:8d:cb:0a:c9:02:39:e2:0d:
                    0d:6b:d9:88:7d:f0:d5:12:3d:94:e1:bb:da:d0:5d:
                    62:81:1c:75:e4:a4:f0:f1:0e:89:64:96:2c:12:39:
                    42:61:83:0c:ef:04:12:45:c8:3b:1e:dd:39:3e:13:
                    4b:c7:aa:64:95:e8:7e:ca:9b:9c:fe:3f:cf:62:73:
                    ea:e0:39:c7:6d:8d:18:8b:78:ff:85:a6:a1:f4:39:
                    b2:fe:3f:28:5e:a5:0d:6b:8f:e0:d1:ed:d8:50:15:
                    f5:57:85:44:07:21:01:c1:03:8b:50:09:f1:35:16:
                    19:c1:75:3f:24:85:d2:56:3e:39:cf:7b:71:72:2c:
                    d6:e6:bf:38:ed:a6:ca:ff:04:47:0c:ff:08:3d:c1:
                    04:b6:63:91:7e:62:91:c1:81:f0:9a:fc:b1:3b:8f:
                    77:04:fe:a8:9c:0f:95:10:a7:28:36:ca:0e:df:d5:
                    0a:79:dc:2c:b7:97:19:72:b3:32:7a:b6:88:de:fe:
                    12:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:40:4D:78:AF:6A:65:EC:46:68:E2:BC:A7:0C:D2:6D:C0:A7:47:6A
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:00:05:38:87:1e:fe:d6:f8:d8:dd:69:bf:8b:61:83:9a:9d:
         17:a4:85:ee:4b:c1:3a:ac:c9:a3:99:e7:5a:27:8d:67:f6:c6:
         af:62:ca:7e:c2:96:b7:36:3c:6b:72:57:41:b6:a3:a6:a7:dc:
         6a:99:70:ad:f5:fe:ee:1f:62:35:f2:92:78:44:71:7d:f7:7b:
         db:34:14:20:15:24:20:82:46:3b:f1:97:31:4c:db:16:4d:08:
         3d:95:55:83:c4:a0:7e:12:25:92:3b:31:a1:a5:7d:bd:b1:c9:
         a1:d0:af:b9:21:1e:dc:c1:9a:fa:07:b5:16:04:be:ed:73:6f:
         c9:d7:10:e2:1b:35:aa:a0:10:6c:1b:12:b4:3a:e6:01:1a:c9:
         76:f8:c0:2c:5b:a8:7c:6f:2d:ba:d0:58:2b:4e:eb:84:59:3f:
         71:9a:63:ad:0b:1a:d3:8d:85:b6:34:9b:f8:0f:18:e3:c9:ac:
         69:9a:cd:11:1e:ce:0b:12:1e:94:b6:a9:7c:8c:01:4f:66:5d:
         f1:89:3d:4a:ec:ba:de:0e:48:76:9f:07:c5:48:ec:29:de:42:
         af:0c:c5:9a:6c:9b:f4:20:25:a9:87:26:8d:b9:b4:79:e5:36:
         db:6a:80:c0:a1:61:99:b8:e7:30:fa:21:99:96:33:e6:1f:a3:
         d1:a8:f0:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7w1WlsHX26u3Qbbd9tXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjUxMTExMDcwMDU3WhcNMjUxMTEyMDcwMDU3WjAzMTEwLwYDVQQD
Eyg3YTQwNGQ3OGFmNmE2NWVjNDY2OGUyYmNhNzBjZDI2ZGMwYTc0NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquBjBUHcmHpjFYmrJzrvmQdXyjiJ
qB3Xz1BngVg60vp0GrBdrc3271nM30ngsvBDoo2iqc+B7JCsDcC4QS/S/9S5jcsK
yQI54g0Na9mIffDVEj2U4bva0F1igRx15KTw8Q6JZJYsEjlCYYMM7wQSRcg7Ht05
PhNLx6pkleh+ypuc/j/PYnPq4DnHbY0Yi3j/haah9Dmy/j8oXqUNa4/g0e3YUBX1
V4VEByEBwQOLUAnxNRYZwXU/JIXSVj45z3txcizW5r847abK/wRHDP8IPcEEtmOR
fmKRwYHwmvyxO493BP6onA+VEKcoNsoO39UKedwst5cZcrMyeraI3v4S2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpATXivamXsRmjivKcM0m3Ap0dqMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQAFOIce
/tb42N1pv4thg5qdF6SF7kvBOqzJo5nnWieNZ/bGr2LKfsKWtzY8a3JXQbajpqfc
aplwrfX+7h9iNfKSeERxffd72zQUIBUkIIJGO/GXMUzbFk0IPZVVg8SgfhIlkjsx
oaV9vbHJodCvuSEe3MGa+ge1FgS+7XNvydcQ4hs1qqAQbBsStDrmARrJdvjALFuo
fG8tutBYK07rhFk/cZpjrQsa042FtjSb+A8Y48msaZrNER7OCxIelLapfIwBT2Zd
8Yk9Suy63g5Idp8HxUjsKd5CrwzFmmyb9CAlqYcmjbm0eeU222qAwKFhmbjnMPoh
mZYz5h+j0ajwIA==
-----END CERTIFICATE-----