Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          5vZRwsIMbkFfUUsnazVrpFQ31NS8KUQCcSUxEPQsAfk=
Subject key identifier:   F8:65:A7:7E:84:95:08:2A:7E:FC:FA:87:93:DE:96:51:DF:37:E0:17
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       0199FCC64EDB6D06A3B70AC2199BC1DBFA13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 14:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:18 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: js0XGffXFY2SqzttFSIfDrIDYiElyAuDKeIi/8K0KYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:4e:db:6d:06:a3:b7:0a:c2:19:9b:c1:db:fa:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Oct 19 14:01:18 2025 GMT
            Not After : Oct 20 14:01:18 2025 GMT
        Subject: CN=f865a77e8495082a7efcfa8793de9651df37e017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:59:e4:b2:23:09:ea:2a:2c:40:a7:cf:a3:c6:
                    ef:46:9f:4a:68:3b:e1:94:cf:ee:5a:24:42:3f:83:
                    45:e4:9a:fd:9e:3a:44:e2:94:ae:64:d0:c9:34:91:
                    1c:14:10:96:cb:84:a3:32:58:ed:a8:0d:f7:cc:36:
                    b5:e0:80:32:91:a2:1f:4c:47:f0:97:e3:7a:b9:77:
                    84:86:e9:f4:69:fd:7e:3e:86:b9:72:6b:2b:41:f9:
                    15:2e:ee:fb:53:ae:69:27:11:93:3b:c1:74:78:9b:
                    c5:e2:3a:5f:cb:00:79:00:e1:0a:30:ba:80:a0:63:
                    7e:07:e8:8d:8b:0e:02:a4:7e:65:2b:88:cb:c0:c1:
                    fc:c5:63:e1:6a:7a:e0:7a:7e:34:d3:b6:3b:a0:76:
                    61:87:4c:ae:bc:4d:39:c2:59:ac:80:4a:f1:cd:06:
                    45:45:f1:9a:c1:5f:3f:41:24:2c:00:d0:5e:8e:01:
                    aa:7a:9b:03:79:d5:c3:b4:04:92:d7:d1:24:1f:cf:
                    10:b6:a9:10:a5:0c:5b:e5:7f:3c:41:52:a1:93:ba:
                    33:d3:0f:c3:74:5b:52:f8:99:f1:6c:a3:d0:0a:25:
                    4a:2f:b3:90:86:02:ac:46:be:13:fa:9d:ef:32:7f:
                    47:35:c2:fe:25:01:22:ec:d8:dc:ee:c3:fd:bc:d1:
                    ca:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:65:A7:7E:84:95:08:2A:7E:FC:FA:87:93:DE:96:51:DF:37:E0:17
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:00:dd:63:6d:17:c8:51:c1:5d:8c:34:e8:ed:21:ed:23:09:
         07:2b:96:32:c6:62:9f:ed:a2:9e:80:73:e5:18:36:bd:95:fd:
         3d:cb:49:0b:c6:dd:a2:7f:9d:8e:df:08:a9:2e:52:aa:4e:26:
         05:52:b4:db:9b:8d:b6:79:4f:24:32:e3:c7:d1:ae:81:38:34:
         ba:f6:00:ef:07:22:06:c1:60:26:35:d3:c3:dd:74:06:33:32:
         c9:48:93:22:cc:62:7b:ed:11:8a:b0:cc:94:0c:26:14:51:97:
         a5:b6:b7:b1:61:de:01:1b:a9:54:26:dc:37:a2:e5:96:e4:cd:
         f6:d8:70:86:0c:ff:8b:da:9f:38:54:29:34:f0:0f:71:7e:0f:
         3d:08:fb:fa:e5:8d:63:60:66:27:22:45:d1:c8:96:8e:6b:c4:
         00:d9:20:a9:7b:4a:ef:c2:15:c8:80:65:bf:87:e0:9d:d6:b1:
         48:9a:cf:c0:15:6a:ce:dd:f8:df:fe:64:80:f3:96:9e:89:f2:
         c7:30:20:be:cf:d7:7a:d4:29:81:9a:79:b7:da:03:2f:cb:bb:
         00:08:63:5e:36:de:b1:d2:a7:21:b4:00:a6:05:31:cf:5b:57:
         36:30:01:7a:2c:6b:ce:fe:3b:93:bc:7c:e0:e4:1d:f4:99:4c:
         b0:8f:3a:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xk7bbQajtwrCGZvB2/oTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUxMDE5MTQwMTE4WhcNMjUxMDIwMTQwMTE4WjAzMTEwLwYDVQQD
EyhmODY1YTc3ZTg0OTUwODJhN2VmY2ZhODc5M2RlOTY1MWRmMzdlMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVnksiMJ6iosQKfPo8bvRp9KaDvh
lM/uWiRCP4NF5Jr9njpE4pSuZNDJNJEcFBCWy4SjMljtqA33zDa14IAykaIfTEfw
l+N6uXeEhun0af1+Poa5cmsrQfkVLu77U65pJxGTO8F0eJvF4jpfywB5AOEKMLqA
oGN+B+iNiw4CpH5lK4jLwMH8xWPhanrgen4007Y7oHZhh0yuvE05wlmsgErxzQZF
RfGawV8/QSQsANBejgGqepsDedXDtASS19EkH88QtqkQpQxb5X88QVKhk7oz0w/D
dFtS+JnxbKPQCiVKL7OQhgKsRr4T+p3vMn9HNcL+JQEi7Njc7sP9vNHKEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhlp36ElQgqfvz6h5PellHfN+AXMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAygDdY20X
yFHBXYw06O0h7SMJByuWMsZin+2inoBz5Rg2vZX9PctJC8bdon+djt8IqS5Sqk4m
BVK025uNtnlPJDLjx9GugTg0uvYA7wciBsFgJjXTw910BjMyyUiTIsxie+0RirDM
lAwmFFGXpba3sWHeARupVCbcN6LlluTN9thwhgz/i9qfOFQpNPAPcX4PPQj7+uWN
Y2BmJyJF0ciWjmvEANkgqXtK78IVyIBlv4fgndaxSJrPwBVqzt343/5kgPOWnony
xzAgvs/XetQpgZp5t9oDL8u7AAhjXjbesdKnIbQApgUxz1tXNjABeixrzv47k7x8
4OQd9JlMsI86QQ==
-----END CERTIFICATE-----