Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          3hXInrmuHX+swtfKFuJlFx1V5n+V5/yXs1L0bZbak1U=
Subject key identifier:   52:AB:F0:BB:F5:02:92:43:E5:91:77:53:96:FC:F7:EE:50:14:53:2E
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       019A01114D0DE83568E612277A3273041043
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          145A
Signing time:             Mon 20 Oct 2025 10:01:42 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:42 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:42 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: LST2ogVj9w5pz2jkSnPaHaotxGGm1dwIDaF82T9ZwAc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:4d:0d:e8:35:68:e6:12:27:7a:32:73:04:10:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Oct 20 10:01:42 2025 GMT
            Not After : Oct 21 10:01:42 2025 GMT
        Subject: CN=52abf0bbf5029243e591775396fcf7ee5014532e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8d:c9:3b:61:d4:f9:34:aa:0e:92:7a:4d:81:
                    1c:8f:78:b0:ad:f8:3b:9c:f9:4b:51:ff:d7:a0:a5:
                    82:b3:96:f1:54:7d:bb:6b:f4:fe:33:b7:3e:06:e2:
                    e9:fb:cf:23:53:14:4f:b7:99:d2:32:04:e8:4c:3c:
                    90:bf:ce:cb:d2:1a:e9:1f:03:a7:aa:c6:e6:b1:6d:
                    20:e9:37:a7:9e:26:75:e5:f0:68:07:b4:d0:e0:ef:
                    42:79:65:7c:1d:9c:35:b2:5a:d0:50:45:cb:0f:38:
                    a9:47:9f:cd:cc:77:75:b2:5d:42:4d:d9:b1:d9:fa:
                    39:6a:25:dd:f5:47:57:44:be:60:27:bb:1d:cb:20:
                    9f:0d:d3:27:d0:c5:49:29:54:7b:22:c8:e7:c2:9f:
                    40:32:61:ab:73:98:d0:a6:8b:6a:01:01:cb:aa:4e:
                    a5:23:38:15:af:ee:28:3b:7d:3a:d9:29:a4:26:21:
                    37:13:c9:0c:e0:61:81:76:e3:21:6b:99:63:f8:54:
                    2b:38:48:0d:22:b6:05:2d:bf:91:bf:25:f1:5e:87:
                    e2:62:da:9f:a9:79:88:09:b4:02:46:7f:ee:65:3e:
                    83:08:9c:3d:08:cb:18:80:68:16:19:b5:47:3b:e2:
                    78:08:9a:5e:1b:76:29:31:e2:7c:78:fb:9c:73:08:
                    45:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:AB:F0:BB:F5:02:92:43:E5:91:77:53:96:FC:F7:EE:50:14:53:2E
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:b6:ed:a0:c1:55:27:3d:88:d1:34:c9:43:b6:1e:65:66:23:
         18:5e:69:bb:45:72:16:be:d4:e1:26:22:e5:53:cd:f3:06:6a:
         9d:42:7f:3d:22:da:ac:05:19:36:66:29:e9:c7:9c:0b:1c:29:
         2c:e4:c5:72:27:6c:a6:06:4c:18:1e:ea:6e:0b:e2:c3:75:f9:
         73:38:a1:16:b8:55:1e:24:05:ad:f9:db:b7:c0:48:90:06:25:
         d3:25:86:18:23:d6:14:6c:42:8d:d7:89:2a:e0:75:3f:ac:40:
         9d:0f:d0:0a:b0:0c:6d:55:5d:a7:a4:96:bb:26:99:bb:d2:61:
         c7:8f:be:e6:44:53:dd:3d:03:a9:fc:8c:cd:00:5a:76:d4:52:
         1b:93:5e:de:77:17:21:3b:ba:79:83:6f:5e:38:3e:6e:88:14:
         56:58:ec:c8:b7:23:0d:49:11:42:67:e8:57:7e:73:55:09:3b:
         ef:cd:12:2f:a0:f9:af:c6:aa:5d:d7:3f:d6:9f:74:3d:bd:59:
         6a:9f:61:14:d5:2e:a4:31:95:5c:8d:65:4d:c5:05:3f:38:c0:
         e9:0c:1e:7c:2c:f9:04:4e:d0:00:88:e4:9a:21:83:bd:30:a0:
         cc:7d:5d:cd:98:48:05:a9:1d:7a:40:b2:ca:1e:c8:a6:d8:cd:
         c8:c9:1a:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEU0N6DVo5hInejJzBBBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUxMDIwMTAwMTQyWhcNMjUxMDIxMTAwMTQyWjAzMTEwLwYDVQQD
Eyg1MmFiZjBiYmY1MDI5MjQzZTU5MTc3NTM5NmZjZjdlZTUwMTQ1MzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr43JO2HU+TSqDpJ6TYEcj3iwrfg7
nPlLUf/XoKWCs5bxVH27a/T+M7c+BuLp+88jUxRPt5nSMgToTDyQv87L0hrpHwOn
qsbmsW0g6TenniZ15fBoB7TQ4O9CeWV8HZw1slrQUEXLDzipR5/NzHd1sl1CTdmx
2fo5aiXd9UdXRL5gJ7sdyyCfDdMn0MVJKVR7Isjnwp9AMmGrc5jQpotqAQHLqk6l
IzgVr+4oO3062SmkJiE3E8kM4GGBduMha5lj+FQrOEgNIrYFLb+RvyXxXofiYtqf
qXmICbQCRn/uZT6DCJw9CMsYgGgWGbVHO+J4CJpeG3YpMeJ8ePuccwhFPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKr8Lv1ApJD5ZF3U5b89+5QFFMuMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrbtoMFV
Jz2I0TTJQ7YeZWYjGF5pu0VyFr7U4SYi5VPN8wZqnUJ/PSLarAUZNmYp6cecCxwp
LOTFcidspgZMGB7qbgviw3X5czihFrhVHiQFrfnbt8BIkAYl0yWGGCPWFGxCjdeJ
KuB1P6xAnQ/QCrAMbVVdp6SWuyaZu9Jhx4++5kRT3T0DqfyMzQBadtRSG5Ne3ncX
ITu6eYNvXjg+bogUVljsyLcjDUkRQmfoV35zVQk7780SL6D5r8aqXdc/1p90Pb1Z
ap9hFNUupDGVXI1lTcUFPzjA6QwefCz5BE7QAIjkmiGDvTCgzH1dzZhIBakdekCy
yh7IptjNyMkaug==
-----END CERTIFICATE-----