Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
File:                     Zhao67AREZsvaVMn-xblH4hwRHk.mft (raw, json)
Hash identifier:          AGK9djOn9TL4rvOlU+YsPh1cOYwe7TreMiT/8n2yvKk=
Subject key identifier:   DC:FF:87:D5:FF:A3:2F:61:AC:F3:87:A2:24:C7:76:EA:20:D7:48:AB
Authority key identifier: 66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79
Certificate issuer:       /CN=6616a8ebb011119b2f695327fb16e51f88704479
Certificate serial:       0199FC8FC09712C7EAEC29DB3CCE681EF55C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
Manifest number:          019E
Signing time:             Sun 19 Oct 2025 13:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:43 +0000
Files and hashes:         1: Zhao67AREZsvaVMn-xblH4hwRHk.crl (hash: vFbuCClO3rqGxmjeK/rthVtWWPHKx8W/K9celdpXhNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:c0:97:12:c7:ea:ec:29:db:3c:ce:68:1e:f5:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6616a8ebb011119b2f695327fb16e51f88704479
        Validity
            Not Before: Oct 19 13:01:43 2025 GMT
            Not After : Oct 20 13:01:43 2025 GMT
        Subject: CN=dcff87d5ffa32f61acf387a224c776ea20d748ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:52:53:80:78:69:37:2d:70:6b:0f:ca:37:02:
                    db:27:ef:62:72:63:28:ae:70:3e:97:ea:1c:28:ab:
                    ad:aa:6a:95:0a:19:10:85:8a:4b:f1:56:a6:4e:b1:
                    63:8c:3d:30:3f:f2:0d:a4:06:56:a9:2a:96:5f:db:
                    9e:b7:5c:4c:7e:b7:cc:fc:56:06:b3:92:35:2f:17:
                    79:af:91:ee:50:9f:42:4e:85:e5:4b:a1:a8:aa:69:
                    f8:e8:c1:0f:2c:18:28:d1:61:8e:e5:30:75:92:40:
                    b8:a8:e8:54:f1:81:b8:84:1d:a2:fe:43:a1:94:0d:
                    86:75:31:18:c8:22:52:e5:eb:41:ce:b3:dc:55:fc:
                    f7:5e:83:af:ee:fe:38:2c:9d:24:ea:db:14:ac:80:
                    ef:52:d3:29:c1:78:01:5b:60:e0:1a:3a:b2:7e:53:
                    52:dd:c9:28:60:f8:d5:75:77:c9:ea:9b:ed:b6:dc:
                    a3:f7:86:9d:b0:c6:0d:db:38:1a:32:15:d3:9e:5b:
                    b4:71:93:af:94:ba:00:98:71:ee:02:bf:af:bb:e8:
                    9a:ef:8c:c5:53:e8:8b:be:74:90:1c:c9:14:28:fc:
                    6d:06:92:b7:12:9e:1a:4e:05:41:f8:c8:38:c4:0a:
                    c9:c8:93:81:15:87:91:8e:b2:61:fb:14:e5:65:3a:
                    d6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:FF:87:D5:FF:A3:2F:61:AC:F3:87:A2:24:C7:76:EA:20:D7:48:AB
            X509v3 Authority Key Identifier:
                keyid:66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:0c:c0:5f:89:ab:3e:8b:5b:4b:c2:b6:69:fc:fd:53:70:e4:
         78:24:f7:b7:71:e2:d6:85:e5:9b:0f:20:4e:8f:91:cd:88:5e:
         99:df:34:e2:77:51:4b:c8:3e:a5:c4:f3:c7:5c:41:90:20:64:
         84:ef:7a:1f:4e:e8:c8:fe:f1:03:b9:c6:4a:30:25:c5:91:5e:
         c8:af:96:5b:53:6d:ed:90:cf:40:1c:67:9b:bb:c1:7f:64:14:
         7d:16:cf:5c:be:a5:32:b3:ea:95:26:f2:a0:c6:75:09:8e:6f:
         0b:d9:46:db:83:5f:82:fd:e9:18:fd:ac:7a:98:5f:37:c0:99:
         85:0a:d2:9a:1a:df:c9:cf:2f:5b:57:aa:33:dd:23:c8:5d:e7:
         b2:1e:c7:63:5e:23:6d:e5:bd:4c:70:cb:23:74:15:c2:38:b1:
         89:e3:d9:53:e3:56:43:a9:3b:0e:35:59:07:93:71:29:60:cd:
         ee:c2:c1:1f:cc:1e:db:b3:93:19:3b:41:60:66:33:13:ac:6a:
         89:1c:b0:c8:4c:1a:af:0c:50:6d:21:61:b9:b3:85:87:6a:bf:
         5a:a3:71:43:2f:3d:fe:52:fd:12:19:7c:e2:a3:c7:d0:a6:d7:
         d3:80:bf:07:d4:bc:52:64:2a:b8:b6:01:58:92:20:66:2f:d8:
         ba:91:4e:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j8CXEsfq7CnbPM5oHvVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTZhOGViYjAxMTExOWIyZjY5NTMyN2ZiMTZlNTFmODg3
MDQ0NzkwHhcNMjUxMDE5MTMwMTQzWhcNMjUxMDIwMTMwMTQzWjAzMTEwLwYDVQQD
EyhkY2ZmODdkNWZmYTMyZjYxYWNmMzg3YTIyNGM3NzZlYTIwZDc0OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FJTgHhpNy1waw/KNwLbJ+9icmMo
rnA+l+ocKKutqmqVChkQhYpL8VamTrFjjD0wP/INpAZWqSqWX9uet1xMfrfM/FYG
s5I1Lxd5r5HuUJ9CToXlS6Goqmn46MEPLBgo0WGO5TB1kkC4qOhU8YG4hB2i/kOh
lA2GdTEYyCJS5etBzrPcVfz3XoOv7v44LJ0k6tsUrIDvUtMpwXgBW2DgGjqyflNS
3ckoYPjVdXfJ6pvtttyj94adsMYN2zgaMhXTnlu0cZOvlLoAmHHuAr+vu+ia74zF
U+iLvnSQHMkUKPxtBpK3Ep4aTgVB+Mg4xArJyJOBFYeRjrJh+xTlZTrWAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNz/h9X/oy9hrPOHoiTHduog10irMB8GA1UdIwQY
MBaAFGYWqOuwERGbL2lTJ/sW5R+IcER5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEt
ZWQzZDI3MDU1MDIwLzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEtZWQzZDI3MDU1MDIw
LzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXwzAX4mr
PotbS8K2afz9U3DkeCT3t3Hi1oXlmw8gTo+RzYhemd804ndRS8g+pcTzx1xBkCBk
hO96H07oyP7xA7nGSjAlxZFeyK+WW1Nt7ZDPQBxnm7vBf2QUfRbPXL6lMrPqlSby
oMZ1CY5vC9lG24Nfgv3pGP2sephfN8CZhQrSmhrfyc8vW1eqM90jyF3nsh7HY14j
beW9THDLI3QVwjixiePZU+NWQ6k7DjVZB5NxKWDN7sLBH8we27OTGTtBYGYzE6xq
iRywyEwarwxQbSFhubOFh2q/WqNxQy89/lL9Ehl84qPH0KbX04C/B9S8UmQquLYB
WJIgZi/YupFOHQ==
-----END CERTIFICATE-----