Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          AFrKFFTx1IpNF1BF/+qIfz3xLJiGkwUaQt+fVSK7A5Q=
Subject key identifier:   90:BD:67:62:25:68:A8:6D:78:25:07:5D:75:E8:6F:64:CF:20:AA:8F
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       0198D515A3666E31D4502DEBAD6BC5AC1CEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          14B6
Signing time:             Sat 23 Aug 2025 04:00:21 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:21 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:21 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: A02WJ8tJRahfiDrjFMmWRj1QsFNJkKx8eLYjCJ9xpAc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:a3:66:6e:31:d4:50:2d:eb:ad:6b:c5:ac:1c:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Aug 23 04:00:21 2025 GMT
            Not After : Aug 24 04:00:21 2025 GMT
        Subject: CN=90bd67622568a86d7825075d75e86f64cf20aa8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:62:d3:79:eb:e6:3b:00:95:0e:6e:09:f1:9c:
                    dc:46:1c:8f:e7:2b:67:98:67:05:ef:39:52:fc:b5:
                    e6:c1:25:b1:30:6f:17:8f:c3:fe:6e:a4:83:1b:4e:
                    68:7c:f6:00:83:09:61:83:a7:d2:43:ce:f2:34:20:
                    37:09:3b:2a:48:1a:e9:f4:86:cd:8e:90:ed:e1:ed:
                    bd:1d:72:8d:0d:bc:14:3f:cf:ce:ff:df:b8:00:40:
                    b2:af:23:da:0c:7a:15:7d:7d:9d:d4:0a:7f:da:e2:
                    c6:a2:f9:0f:61:de:81:e2:44:49:e6:9b:43:b8:04:
                    a9:cd:96:8c:b7:8a:40:53:67:91:8e:7d:4b:2e:cc:
                    43:aa:9c:f6:79:b3:b5:f0:0c:1d:7a:13:54:76:5b:
                    05:80:71:dd:ed:c5:52:ef:16:32:88:94:81:60:9f:
                    1b:b0:8d:ee:df:c6:5a:a8:4d:da:af:0d:c6:ce:b7:
                    40:bb:e3:94:87:4e:9a:50:a7:f5:f5:97:79:08:c4:
                    de:5f:e7:8d:d3:a3:9f:65:cd:da:56:0f:7c:cd:ca:
                    d4:6a:19:2a:cd:bd:50:9e:f2:72:a1:0f:08:51:13:
                    5a:2e:3f:8e:2c:d5:30:da:60:2b:d7:ac:f8:3f:d4:
                    9d:75:48:fa:7f:22:3f:8f:dd:59:33:7a:9f:23:23:
                    19:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BD:67:62:25:68:A8:6D:78:25:07:5D:75:E8:6F:64:CF:20:AA:8F
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:af:dc:bf:4e:c5:b2:b6:78:a7:4f:30:f5:14:05:44:da:ea:
         2e:2c:a2:27:bd:3c:57:8c:f6:76:61:cd:d2:1c:c5:d0:e6:0a:
         0f:39:e3:10:7e:d0:6a:a5:3d:89:fc:cf:96:96:c4:ca:f3:58:
         80:b1:6c:93:ce:30:98:15:f2:8b:ab:b8:9a:50:09:fe:b7:0b:
         bf:5d:c4:51:9b:cd:0c:d2:93:04:31:9d:ba:bd:2a:8f:2c:cc:
         95:38:d3:97:43:43:f8:59:6f:ee:ea:1d:07:53:4f:90:f4:5e:
         eb:7d:b7:8f:46:91:2b:3f:51:52:bf:a4:c9:97:46:a9:49:79:
         01:8e:ab:56:e1:c2:d9:54:a6:af:87:dc:b1:75:56:1f:a8:77:
         6f:a8:e7:6e:f2:4f:76:09:94:a8:18:da:37:0d:0d:a0:f9:30:
         5b:02:24:c2:ed:9c:03:cc:3d:ed:c6:a2:a7:1e:f4:49:bb:9f:
         5c:99:70:d9:22:1f:db:91:c2:0f:91:78:4c:9b:4f:6e:e7:0a:
         b3:ef:4d:f1:fc:5d:11:e3:44:dc:13:f8:4b:27:5e:d3:31:3c:
         dd:2a:bd:ba:3f:de:58:77:e3:d4:28:92:5c:3d:0a:97:95:dc:
         fd:d3:73:f1:5b:a1:26:b6:68:72:c5:e3:f2:4c:4a:91:42:4e:
         8e:de:ec:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFaNmbjHUUC3rrWvFrBzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwODIzMDQwMDIxWhcNMjUwODI0MDQwMDIxWjAzMTEwLwYDVQQD
Eyg5MGJkNjc2MjI1NjhhODZkNzgyNTA3NWQ3NWU4NmY2NGNmMjBhYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmLTeevmOwCVDm4J8ZzcRhyP5ytn
mGcF7zlS/LXmwSWxMG8Xj8P+bqSDG05ofPYAgwlhg6fSQ87yNCA3CTsqSBrp9IbN
jpDt4e29HXKNDbwUP8/O/9+4AECyryPaDHoVfX2d1Ap/2uLGovkPYd6B4kRJ5ptD
uASpzZaMt4pAU2eRjn1LLsxDqpz2ebO18AwdehNUdlsFgHHd7cVS7xYyiJSBYJ8b
sI3u38ZaqE3arw3GzrdAu+OUh06aUKf19Zd5CMTeX+eN06OfZc3aVg98zcrUahkq
zb1QnvJyoQ8IURNaLj+OLNUw2mAr16z4P9SddUj6fyI/j91ZM3qfIyMZlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJC9Z2IlaKhteCUHXXXob2TPIKqPMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADq/cv07F
srZ4p08w9RQFRNrqLiyiJ708V4z2dmHN0hzF0OYKDznjEH7QaqU9ifzPlpbEyvNY
gLFsk84wmBXyi6u4mlAJ/rcLv13EUZvNDNKTBDGdur0qjyzMlTjTl0ND+Flv7uod
B1NPkPRe6323j0aRKz9RUr+kyZdGqUl5AY6rVuHC2VSmr4fcsXVWH6h3b6jnbvJP
dgmUqBjaNw0NoPkwWwIkwu2cA8w97caipx70SbufXJlw2SIf25HCD5F4TJtPbucK
s+9N8fxdEeNE3BP4Syde0zE83Sq9uj/eWHfj1CiSXD0Kl5Xc/dNz8VuhJrZocsXj
8kxKkUJOjt7sWQ==
-----END CERTIFICATE-----