Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          U/+scF/Q296dMxsnrFSiE+u/pxkAqi0JUGNm3El1mbc=
Subject key identifier:   20:CF:84:E3:56:36:80:52:F0:27:B7:AE:8D:A1:3E:B8:28:CD:D2:FB
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       0199FE474BE80046BBC67CC6C67BFC8446F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0B07
Signing time:             Sun 19 Oct 2025 21:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:49 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: fuBWgiWvIPJVJSXP2Vg5AnDqz2w3v9Cp5oWsI7NYSbQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:4b:e8:00:46:bb:c6:7c:c6:c6:7b:fc:84:46:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Oct 19 21:01:49 2025 GMT
            Not After : Oct 20 21:01:49 2025 GMT
        Subject: CN=20cf84e356368052f027b7ae8da13eb828cdd2fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ee:d8:d9:d7:69:83:b6:5b:46:61:5d:8c:fe:
                    a4:4b:c8:9a:bf:ef:08:60:b0:fb:00:b6:72:55:e1:
                    d6:10:51:64:95:75:a8:0c:05:b8:78:52:0f:be:a1:
                    e5:1c:cc:16:9c:72:95:7e:16:46:c1:4d:aa:62:08:
                    e6:5c:ad:39:2e:f8:34:3a:f4:3e:4c:f2:2a:e4:05:
                    ec:9b:92:a1:4d:c2:c0:50:f7:96:1b:bc:d8:d7:ed:
                    fc:5b:d0:1b:06:f3:73:f8:ec:cb:88:28:19:9e:0e:
                    f9:f2:1c:60:3c:94:49:80:ea:0a:cc:70:d9:84:0d:
                    ed:50:d3:b2:36:17:9e:e8:da:db:52:85:ea:16:55:
                    75:bd:47:c6:23:81:3b:09:52:be:18:26:1c:b5:cd:
                    02:d8:41:ea:16:91:f1:77:95:82:31:8d:fb:76:a3:
                    66:d1:1d:e1:4d:11:1b:cd:64:bb:fb:d1:58:a0:42:
                    64:65:c2:21:cd:33:22:27:38:45:bc:ac:a9:34:b6:
                    9c:57:86:77:f9:d8:bc:2a:c0:be:ef:90:2f:d0:6d:
                    2c:8a:72:ca:f2:33:75:f1:55:e9:b4:d1:09:f8:10:
                    d7:b0:cb:61:64:1c:f2:8b:24:4c:02:55:a4:db:8b:
                    09:5d:34:af:5a:66:77:ca:02:be:6e:75:34:34:a3:
                    16:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:CF:84:E3:56:36:80:52:F0:27:B7:AE:8D:A1:3E:B8:28:CD:D2:FB
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:ad:47:fe:10:85:53:4a:64:75:24:c0:09:7e:0c:64:f6:d8:
         af:9e:29:a3:62:22:e8:e8:ae:25:51:94:f9:91:31:19:4e:61:
         91:21:d3:54:86:7a:17:00:e0:1f:c5:31:2d:ad:24:94:4d:77:
         73:b6:76:ac:1c:11:d8:5b:90:89:bc:46:01:97:e7:f3:f2:ab:
         c3:e5:2f:e2:82:40:a8:07:7d:58:aa:17:eb:c9:f0:5c:f9:05:
         a3:04:9c:28:d1:87:e8:8c:d7:64:d2:fa:55:d2:30:cb:a1:96:
         15:ed:fa:1b:e1:dc:35:45:41:86:98:29:e4:78:06:15:e6:8f:
         b1:22:c3:e6:54:00:69:b5:18:c9:7a:f1:5f:13:e1:08:ee:a1:
         99:4d:2b:5f:0e:42:7f:58:ff:2b:8b:8d:49:da:40:bd:bd:73:
         89:32:c2:4e:0c:40:56:cd:db:11:e4:d6:60:5c:ba:7b:21:cf:
         40:24:68:c8:dc:c9:aa:b1:2c:11:60:f3:bf:a0:fc:96:56:79:
         c6:68:0c:ab:53:24:44:33:4c:ec:93:35:d9:e9:76:e7:7f:7b:
         46:95:e5:09:14:87:c1:9c:a3:87:82:bf:54:85:da:8b:e5:e3:
         60:1e:e8:f2:b3:21:6b:f3:95:3f:ae:c4:d1:ea:98:d3:8e:dc:
         08:fd:e2:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R0voAEa7xnzGxnv8hEbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUxMDE5MjEwMTQ5WhcNMjUxMDIwMjEwMTQ5WjAzMTEwLwYDVQQD
EygyMGNmODRlMzU2MzY4MDUyZjAyN2I3YWU4ZGExM2ViODI4Y2RkMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO7Y2ddpg7ZbRmFdjP6kS8iav+8I
YLD7ALZyVeHWEFFklXWoDAW4eFIPvqHlHMwWnHKVfhZGwU2qYgjmXK05Lvg0OvQ+
TPIq5AXsm5KhTcLAUPeWG7zY1+38W9AbBvNz+OzLiCgZng758hxgPJRJgOoKzHDZ
hA3tUNOyNhee6NrbUoXqFlV1vUfGI4E7CVK+GCYctc0C2EHqFpHxd5WCMY37dqNm
0R3hTREbzWS7+9FYoEJkZcIhzTMiJzhFvKypNLacV4Z3+di8KsC+75Av0G0sinLK
8jN18VXptNEJ+BDXsMthZBzyiyRMAlWk24sJXTSvWmZ3ygK+bnU0NKMWrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDPhONWNoBS8Ce3ro2hPrgozdL7MB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh61H/hCF
U0pkdSTACX4MZPbYr54po2Ii6OiuJVGU+ZExGU5hkSHTVIZ6FwDgH8UxLa0klE13
c7Z2rBwR2FuQibxGAZfn8/Krw+Uv4oJAqAd9WKoX68nwXPkFowScKNGH6IzXZNL6
VdIwy6GWFe36G+HcNUVBhpgp5HgGFeaPsSLD5lQAabUYyXrxXxPhCO6hmU0rXw5C
f1j/K4uNSdpAvb1ziTLCTgxAVs3bEeTWYFy6eyHPQCRoyNzJqrEsEWDzv6D8llZ5
xmgMq1MkRDNM7JM12el25397RpXlCRSHwZyjh4K/VIXai+XjYB7o8rMha/OVP67E
0eqY047cCP3igQ==
-----END CERTIFICATE-----