Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File:                     ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier:          hI/WWA0dHuuLAP/2HyagcYWCKY8GHBZh8r7j29EwxVk=
Subject key identifier:   EB:7E:5D:87:1A:A9:D3:E9:94:71:1C:02:97:B9:E4:13:DF:ED:FB:2B
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer:       /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial:       0199FC8F9F246FA95D7002E7AEB835117237
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number:          0195
Signing time:             Sun 19 Oct 2025 13:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:34 +0000
Files and hashes:         1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: fPAoLnoYu6lugY8lL3e99Pu9/fagodXo+LsmUgRXnr4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:9f:24:6f:a9:5d:70:02:e7:ae:b8:35:11:72:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
        Validity
            Not Before: Oct 19 13:01:34 2025 GMT
            Not After : Oct 20 13:01:34 2025 GMT
        Subject: CN=eb7e5d871aa9d3e994711c0297b9e413dfedfb2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:26:83:1e:a0:02:82:c3:12:79:33:c6:38:29:
                    43:88:66:3c:7d:d4:08:ee:ae:aa:f1:af:d3:05:59:
                    ce:8a:b9:92:e4:7a:ff:93:8b:d0:fb:47:d5:94:d1:
                    9f:de:a5:83:34:66:6e:6d:dd:fc:ff:d5:19:c4:00:
                    db:61:6a:93:85:f3:6d:ef:69:5b:44:59:5c:9b:04:
                    ea:21:e7:ea:38:ed:88:ff:43:3f:b4:10:db:3a:bc:
                    fb:5a:2e:7f:75:ff:e5:1b:58:eb:e7:15:ab:e4:1d:
                    7a:2b:ed:b5:9d:aa:4a:fa:9f:e8:eb:5b:b0:b7:21:
                    e7:c9:e3:89:3e:57:c8:2b:63:4b:83:bf:9d:1e:aa:
                    43:b4:6a:e8:5a:23:e2:ff:f1:d3:2b:23:ab:65:1c:
                    9d:70:a8:07:71:40:75:63:89:af:f2:75:9b:94:83:
                    ed:c6:bc:ab:07:bc:cf:a4:02:ae:4b:e8:05:bc:78:
                    6e:bf:d2:50:59:dd:8f:91:e1:0d:3e:dd:60:f5:8a:
                    c6:38:df:85:89:56:30:64:8d:f8:68:2e:ea:d9:ef:
                    00:34:62:62:90:46:1a:0b:40:46:0c:39:c0:d4:29:
                    06:89:ac:1f:18:d8:9d:06:01:ae:9a:a6:b8:20:eb:
                    3f:dd:34:af:28:58:ea:b4:00:47:8f:b0:27:27:56:
                    ef:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:7E:5D:87:1A:A9:D3:E9:94:71:1C:02:97:B9:E4:13:DF:ED:FB:2B
            X509v3 Authority Key Identifier:
                keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:7a:cf:2d:f3:81:a6:cf:66:6e:e4:02:0b:0b:29:1d:79:e2:
         26:3d:dc:44:1e:4b:2e:4f:4a:95:d0:0b:a1:54:7c:86:ba:e4:
         ac:76:3d:75:7e:5d:95:a7:6c:a1:b2:f9:d3:ea:ea:9e:16:2f:
         e3:7d:87:83:ca:47:77:be:a2:89:75:62:13:df:ed:b9:68:ee:
         8f:e0:c0:7f:b6:2d:01:70:e7:ba:95:13:0d:4f:78:44:0e:e5:
         49:1c:ed:b2:f1:48:56:cd:20:3a:6b:1e:b1:76:d2:12:f6:11:
         08:d7:94:3b:98:7e:d8:03:46:d4:fd:c6:3f:ee:04:12:1d:3a:
         4f:be:b7:73:8c:79:e3:b4:4e:a7:92:51:d0:9e:f2:79:be:74:
         c4:ee:02:5b:20:3e:b5:7e:ef:68:8b:eb:18:fa:a3:04:cd:32:
         77:78:e0:28:78:50:89:4b:b1:84:fa:66:af:2b:c4:88:34:47:
         18:17:26:3d:c1:c7:1f:3c:39:38:7d:fb:84:89:e0:1b:71:82:
         58:c9:fa:30:74:0c:79:1c:59:3a:09:c6:b1:62:71:f3:62:48:
         83:af:ce:c7:e2:5d:aa:48:96:61:fa:63:6f:c6:0c:78:2e:ef:
         ef:b4:e1:e5:1d:89:db:95:03:8f:28:12:3d:93:38:9f:72:16:
         1e:86:74:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j58kb6ldcALnrrg1EXI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUxMDE5MTMwMTM0WhcNMjUxMDIwMTMwMTM0WjAzMTEwLwYDVQQD
EyhlYjdlNWQ4NzFhYTlkM2U5OTQ3MTFjMDI5N2I5ZTQxM2RmZWRmYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSaDHqACgsMSeTPGOClDiGY8fdQI
7q6q8a/TBVnOirmS5Hr/k4vQ+0fVlNGf3qWDNGZubd38/9UZxADbYWqThfNt72lb
RFlcmwTqIefqOO2I/0M/tBDbOrz7Wi5/df/lG1jr5xWr5B16K+21napK+p/o61uw
tyHnyeOJPlfIK2NLg7+dHqpDtGroWiPi//HTKyOrZRydcKgHcUB1Y4mv8nWblIPt
xryrB7zPpAKuS+gFvHhuv9JQWd2PkeENPt1g9YrGON+FiVYwZI34aC7q2e8ANGJi
kEYaC0BGDDnA1CkGiawfGNidBgGumqa4IOs/3TSvKFjqtABHj7AnJ1bvvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOt+XYcaqdPplHEcApe55BPf7fsrMB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXrPLfOB
ps9mbuQCCwspHXniJj3cRB5LLk9KldALoVR8hrrkrHY9dX5dladsobL50+rqnhYv
432Hg8pHd76iiXViE9/tuWjuj+DAf7YtAXDnupUTDU94RA7lSRztsvFIVs0gOmse
sXbSEvYRCNeUO5h+2ANG1P3GP+4EEh06T763c4x547ROp5JR0J7yeb50xO4CWyA+
tX7vaIvrGPqjBM0yd3jgKHhQiUuxhPpmryvEiDRHGBcmPcHHHzw5OH37hIngG3GC
WMn6MHQMeRxZOgnGsWJx82JIg6/Ox+JdqkiWYfpjb8YMeC7v77Th5R2J25UDjygS
PZM4n3IWHoZ0sA==
-----END CERTIFICATE-----