Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File:                     ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier:          Ic3lYNu+URJ+gHxU2jSHupww/VtM13/VKl5gaYdAi7k=
Subject key identifier:   03:C9:8C:D3:B4:9A:DA:EC:9C:13:53:7D:76:F4:8E:A2:76:36:9F:9E
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer:       /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial:       0198D515C8BBFF3AD0205459E92CC6CDAE4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number:          FC
Signing time:             Sat 23 Aug 2025 04:00:31 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:31 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:31 +0000
Files and hashes:         1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: UQYQOkc6FVr71tXoPYG7BXpRbCwxZd6ePAa/BJQmT+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:c8:bb:ff:3a:d0:20:54:59:e9:2c:c6:cd:ae:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
        Validity
            Not Before: Aug 23 04:00:31 2025 GMT
            Not After : Aug 24 04:00:31 2025 GMT
        Subject: CN=03c98cd3b49adaec9c13537d76f48ea276369f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f3:5a:1e:91:a2:b6:db:23:2f:59:94:f1:49:
                    57:66:94:36:a0:fa:8f:1c:d1:73:a3:6a:9f:fe:3f:
                    a2:df:15:a3:35:bb:2d:09:4a:eb:0d:e5:ea:a6:39:
                    30:03:d2:5f:64:49:34:d0:fc:c1:f5:eb:bc:91:42:
                    5f:86:f7:17:c9:1c:8a:5b:bb:8d:2f:3a:26:54:da:
                    f4:dc:50:eb:50:0d:52:a4:8d:00:78:37:a8:77:4d:
                    66:ef:2e:d2:a8:00:b4:6c:a5:54:a2:d5:ad:98:41:
                    00:b5:a7:0f:bd:79:8f:1f:e8:8e:44:7b:3f:a1:0e:
                    84:a9:8b:2b:67:81:cc:cd:e7:33:19:77:f6:81:4b:
                    4e:67:ba:c6:e3:08:47:ba:80:b0:71:df:99:42:54:
                    12:43:8f:8f:55:5c:ec:91:b7:76:9d:01:79:9c:e8:
                    18:59:ed:84:db:b3:e5:ac:44:59:2c:d8:24:6a:c5:
                    b8:e6:0c:52:30:75:a5:cc:e6:6f:bd:d6:4d:a2:57:
                    cb:be:ca:45:72:4b:52:7e:73:78:74:5f:8e:b5:42:
                    a0:1a:49:1c:a8:17:20:06:22:c5:7f:0e:da:01:7c:
                    be:fd:b2:0c:cf:bc:4f:6b:98:68:a2:13:6f:29:e2:
                    42:93:a9:10:82:19:4b:9b:bd:fa:47:8d:2e:aa:1d:
                    04:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:C9:8C:D3:B4:9A:DA:EC:9C:13:53:7D:76:F4:8E:A2:76:36:9F:9E
            X509v3 Authority Key Identifier:
                keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:71:5f:02:16:c1:5c:d8:96:0e:b5:f8:5b:84:d9:d8:92:b9:
         de:05:55:66:2f:90:13:98:e8:28:63:a1:7c:83:7c:a8:a1:9d:
         64:2b:c9:42:d3:c7:5b:48:3d:df:32:f6:35:19:bd:b7:98:0c:
         cf:7c:d4:87:bf:a1:4c:70:b9:5b:91:e9:c8:89:e2:27:dc:26:
         90:aa:1b:8d:7d:5f:c2:48:f4:0a:d9:41:17:b3:65:00:4d:05:
         9f:3d:b9:a2:4b:a4:41:bf:de:a0:2d:c9:e0:50:bc:c8:65:93:
         28:c7:71:04:1a:0e:48:7d:04:29:30:72:22:49:7a:e0:f7:6f:
         89:c1:a3:15:d1:d2:d1:77:4b:c1:86:0d:e5:0d:d6:37:01:52:
         43:70:55:6c:4f:48:b3:80:c7:da:f3:b0:59:90:c7:3d:df:a5:
         99:60:b3:7d:92:b7:42:f4:e8:6d:6a:64:47:6c:09:aa:87:3a:
         51:86:8d:ae:f1:85:87:3f:13:78:43:4d:e1:b8:46:c3:2a:94:
         ec:38:e0:e6:18:d9:4a:55:08:94:e5:0d:5c:eb:43:4d:ae:ab:
         cd:a8:04:63:02:87:90:b0:49:b3:b2:0e:07:8e:9a:5a:b0:9a:
         1f:29:7a:47:a7:ac:4e:5a:4a:56:c4:77:df:35:54:19:f4:7c:
         ef:18:f1:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFci7/zrQIFRZ6SzGza5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUwODIzMDQwMDMxWhcNMjUwODI0MDQwMDMxWjAzMTEwLwYDVQQD
EygwM2M5OGNkM2I0OWFkYWVjOWMxMzUzN2Q3NmY0OGVhMjc2MzY5ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/NaHpGittsjL1mU8UlXZpQ2oPqP
HNFzo2qf/j+i3xWjNbstCUrrDeXqpjkwA9JfZEk00PzB9eu8kUJfhvcXyRyKW7uN
LzomVNr03FDrUA1SpI0AeDeod01m7y7SqAC0bKVUotWtmEEAtacPvXmPH+iORHs/
oQ6EqYsrZ4HMzeczGXf2gUtOZ7rG4whHuoCwcd+ZQlQSQ4+PVVzskbd2nQF5nOgY
We2E27PlrERZLNgkasW45gxSMHWlzOZvvdZNolfLvspFcktSfnN4dF+OtUKgGkkc
qBcgBiLFfw7aAXy+/bIMz7xPa5hoohNvKeJCk6kQghlLm736R40uqh0ErwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPJjNO0mtrsnBNTfXb0jqJ2Np+eMB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMnFfAhbB
XNiWDrX4W4TZ2JK53gVVZi+QE5joKGOhfIN8qKGdZCvJQtPHW0g93zL2NRm9t5gM
z3zUh7+hTHC5W5HpyIniJ9wmkKobjX1fwkj0CtlBF7NlAE0Fnz25okukQb/eoC3J
4FC8yGWTKMdxBBoOSH0EKTByIkl64PdvicGjFdHS0XdLwYYN5Q3WNwFSQ3BVbE9I
s4DH2vOwWZDHPd+lmWCzfZK3QvTobWpkR2wJqoc6UYaNrvGFhz8TeENN4bhGwyqU
7Djg5hjZSlUIlOUNXOtDTa6rzagEYwKHkLBJs7IOB46aWrCaHyl6R6esTlpKVsR3
3zVUGfR87xjxVA==
-----END CERTIFICATE-----