Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          iTA94yqD21klHgnRqaTEocUk/1xadLFhKe670Y0n7ok=
Subject key identifier:   F6:EC:34:6A:50:1B:FE:63:AF:99:8F:A8:1D:B3:9C:C6:28:1D:54:3A
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       0199FC8F28A00DA673215F8A5428607389F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          154F
Signing time:             Sun 19 Oct 2025 13:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:04 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: BS5zR7PesnkKofG8iTdLs9oEEcVzng5pB8uVTNEwcJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:28:a0:0d:a6:73:21:5f:8a:54:28:60:73:89:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Oct 19 13:01:04 2025 GMT
            Not After : Oct 20 13:01:04 2025 GMT
        Subject: CN=f6ec346a501bfe63af998fa81db39cc6281d543a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:db:e7:0a:c7:be:12:94:f2:3b:b5:b5:f5:79:
                    c1:d6:17:37:9b:15:0d:f8:cf:18:b8:4c:39:ba:53:
                    05:e2:d6:54:34:04:08:3e:4d:33:b1:de:e9:e9:a3:
                    05:fa:43:62:bc:1e:53:28:aa:be:98:dc:63:6d:da:
                    ba:47:1e:79:64:32:d7:f0:f1:c7:82:11:09:25:10:
                    2e:c0:31:35:6e:d2:42:90:46:90:1d:04:10:81:74:
                    97:a7:12:af:4b:13:f3:88:f0:42:d7:04:73:c6:71:
                    a6:99:76:5a:84:0a:25:4d:49:ff:7b:d4:98:20:6a:
                    b0:5f:60:23:c9:df:f7:70:0a:e1:1c:74:e7:35:d2:
                    9d:9e:d5:7e:44:45:d3:dc:49:16:b0:9d:e3:f7:1b:
                    45:36:1b:96:87:ce:ca:26:63:67:aa:90:a1:54:11:
                    15:19:0c:51:37:6c:f0:6b:17:c3:d3:b0:69:ad:69:
                    d9:34:47:59:0d:4a:8e:56:e8:77:0a:7a:99:b7:9d:
                    5f:27:71:12:49:b7:5f:31:93:56:f8:ff:5c:a8:a3:
                    2f:d8:77:97:18:35:1e:0c:4f:cb:82:a4:bd:de:ef:
                    29:34:01:3d:19:a5:43:05:54:c6:fd:e7:99:51:70:
                    5a:0a:0c:42:f9:6d:54:a9:43:79:0c:63:2a:69:8f:
                    78:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:EC:34:6A:50:1B:FE:63:AF:99:8F:A8:1D:B3:9C:C6:28:1D:54:3A
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f9:44:7f:ae:1f:df:2c:65:77:21:8e:33:08:c2:bf:97:08:
         28:cf:9c:22:ea:5f:f4:b9:8d:4f:3e:3d:a6:38:5f:26:7b:ce:
         93:cf:80:b8:78:f5:bc:b8:18:07:2a:2f:36:e3:9e:26:d6:9b:
         2d:85:88:4f:bf:7c:2f:12:4b:6f:93:b3:12:c6:ce:34:aa:bc:
         02:6a:e7:96:e9:bf:df:a7:3c:86:66:dd:00:ae:b2:75:b5:9d:
         a8:21:4e:9b:71:91:a4:f6:35:0a:eb:f9:af:dd:60:5b:f2:9f:
         3d:66:58:17:d2:83:11:05:20:15:fd:d8:52:3c:64:88:22:17:
         78:32:4a:6a:66:c2:b9:e0:a9:40:47:5c:cd:58:cb:05:ef:67:
         3a:b1:f6:da:11:eb:b1:59:ca:c3:31:dc:b4:92:76:f5:40:82:
         d6:3c:ef:4d:19:95:88:2d:07:30:00:fc:86:9d:f3:9c:9c:4c:
         ee:1b:27:60:c7:76:f1:93:af:ad:00:59:e4:9d:5d:89:1b:57:
         1e:36:7c:44:97:4d:3c:28:51:94:8f:0c:aa:00:c0:98:d7:e5:
         b5:44:3c:31:43:87:e7:a6:6f:cc:f9:05:92:69:8e:9f:69:6e:
         db:1a:8a:b4:6a:bf:b7:d2:85:fd:f4:19:95:13:f0:4c:5b:c1:
         1d:7d:97:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jyigDaZzIV+KVChgc4n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUxMDE5MTMwMTA0WhcNMjUxMDIwMTMwMTA0WjAzMTEwLwYDVQQD
EyhmNmVjMzQ2YTUwMWJmZTYzYWY5OThmYTgxZGIzOWNjNjI4MWQ1NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9vnCse+EpTyO7W19XnB1hc3mxUN
+M8YuEw5ulMF4tZUNAQIPk0zsd7p6aMF+kNivB5TKKq+mNxjbdq6Rx55ZDLX8PHH
ghEJJRAuwDE1btJCkEaQHQQQgXSXpxKvSxPziPBC1wRzxnGmmXZahAolTUn/e9SY
IGqwX2Ajyd/3cArhHHTnNdKdntV+REXT3EkWsJ3j9xtFNhuWh87KJmNnqpChVBEV
GQxRN2zwaxfD07BprWnZNEdZDUqOVuh3CnqZt51fJ3ESSbdfMZNW+P9cqKMv2HeX
GDUeDE/LgqS93u8pNAE9GaVDBVTG/eeZUXBaCgxC+W1UqUN5DGMqaY94owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbsNGpQG/5jr5mPqB2znMYoHVQ6MB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPlEf64f
3yxldyGOMwjCv5cIKM+cIupf9LmNTz49pjhfJnvOk8+AuHj1vLgYByovNuOeJtab
LYWIT798LxJLb5OzEsbONKq8Amrnlum/36c8hmbdAK6ydbWdqCFOm3GRpPY1Cuv5
r91gW/KfPWZYF9KDEQUgFf3YUjxkiCIXeDJKambCueCpQEdczVjLBe9nOrH22hHr
sVnKwzHctJJ29UCC1jzvTRmViC0HMAD8hp3znJxM7hsnYMd28ZOvrQBZ5J1diRtX
HjZ8RJdNPChRlI8MqgDAmNfltUQ8MUOH56ZvzPkFkmmOn2lu2xqKtGq/t9KF/fQZ
lRPwTFvBHX2XBw==
-----END CERTIFICATE-----