Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          U4wovUa5wdISJNG4JVGMtBXgiLgLYhXKJfFAxn3ZDDM=
Subject key identifier:   9C:B4:EF:A4:8A:A1:49:0F:EC:53:A7:83:F7:66:C7:36:2A:5A:1E:9B
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       0198D6CDD279453A8BFED259CFC4F08CD077
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0A6E
Signing time:             Sat 23 Aug 2025 12:01:09 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:09 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:09 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: bFb9J+P9eebteXtVWT+oJeDRJZCcLMdokMH03j3SQKI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:d2:79:45:3a:8b:fe:d2:59:cf:c4:f0:8c:d0:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Aug 23 12:01:09 2025 GMT
            Not After : Aug 24 12:01:09 2025 GMT
        Subject: CN=9cb4efa48aa1490fec53a783f766c7362a5a1e9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7e:56:fa:47:7a:3b:5c:d9:85:66:b8:d4:07:
                    c7:61:7a:09:73:0b:cf:36:5b:a4:d1:aa:b0:4f:eb:
                    9b:28:5d:d4:5a:29:0c:fa:1e:2b:af:6d:88:2a:02:
                    0d:fc:4a:24:4b:df:31:59:e6:47:46:8a:ee:1b:2e:
                    c3:8f:72:d5:ac:bd:70:fb:90:f6:b7:26:79:db:77:
                    1e:34:84:28:39:a5:da:18:c3:26:f8:79:90:04:98:
                    96:ec:01:7e:9e:78:d7:47:8f:d9:5b:e4:73:fc:e3:
                    84:33:7b:4f:90:84:34:ae:87:40:e9:44:82:96:1f:
                    be:fc:4d:23:0f:49:75:f4:e9:78:18:3c:53:9e:dc:
                    21:ed:7c:8b:e3:19:3c:1d:2d:20:ce:71:03:f4:39:
                    75:b9:95:ce:06:55:23:c7:d7:2e:0d:2c:d5:2e:1a:
                    c3:0b:31:2e:9e:60:fe:79:04:a1:2e:92:88:31:4e:
                    42:9c:75:6e:eb:4d:cd:7a:9f:1a:81:31:e7:20:35:
                    b8:39:be:ae:a2:3b:bb:36:cf:e4:0b:15:3d:51:5c:
                    a5:38:35:23:d3:4a:6b:0c:1d:4d:6c:6e:cd:f9:8b:
                    0b:79:9e:a8:67:1b:91:e3:d2:54:98:e5:62:55:45:
                    fb:38:e0:91:af:b4:37:b8:3f:e2:e9:43:0e:1f:e9:
                    93:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B4:EF:A4:8A:A1:49:0F:EC:53:A7:83:F7:66:C7:36:2A:5A:1E:9B
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:9f:68:bf:2c:e0:5b:0f:77:71:e5:91:65:c3:85:a6:99:a9:
         c6:fd:61:7a:64:d1:22:a6:67:84:1d:79:67:5a:fb:e5:e1:97:
         f6:3e:0e:04:12:f0:05:f2:a2:e5:01:ae:07:b0:c0:53:e5:2f:
         90:4d:f3:7d:ca:ed:27:b4:a7:e1:7a:49:8b:fd:af:fd:93:ce:
         1f:20:ba:97:5d:9d:d4:1c:60:a5:ed:49:8e:90:5d:8f:46:07:
         16:ae:42:3e:c2:e6:ea:6d:c0:97:5b:26:59:ac:f8:5d:24:81:
         e9:fd:1d:f3:34:f3:28:45:fc:ac:03:c2:1c:91:56:da:df:67:
         66:de:94:da:5e:36:04:04:cb:2c:2c:68:11:be:66:fd:d6:4c:
         91:e0:1c:5c:4b:f5:d9:99:06:a6:8f:b8:64:17:7b:cf:a4:81:
         43:2a:53:23:0d:d3:5c:9d:16:0a:e6:3d:e5:6d:b9:35:43:e6:
         7c:d0:dc:d6:b2:25:9c:5d:f8:64:de:63:71:08:fa:0a:f2:24:
         b4:13:5c:19:2d:1f:e7:c5:7c:b7:0c:d5:17:81:a1:8d:e1:27:
         23:5d:ef:97:b1:c4:7a:76:7a:25:08:bc:36:65:af:03:f2:d7:
         eb:69:99:28:97:6c:aa:a5:fd:20:37:a7:c3:b0:40:24:e6:9b:
         33:b1:01:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzdJ5RTqL/tJZz8TwjNB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUwODIzMTIwMTA5WhcNMjUwODI0MTIwMTA5WjAzMTEwLwYDVQQD
Eyg5Y2I0ZWZhNDhhYTE0OTBmZWM1M2E3ODNmNzY2YzczNjJhNWExZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn5W+kd6O1zZhWa41AfHYXoJcwvP
Nluk0aqwT+ubKF3UWikM+h4rr22IKgIN/EokS98xWeZHRoruGy7Dj3LVrL1w+5D2
tyZ523ceNIQoOaXaGMMm+HmQBJiW7AF+nnjXR4/ZW+Rz/OOEM3tPkIQ0rodA6USC
lh++/E0jD0l19Ol4GDxTntwh7XyL4xk8HS0gznED9Dl1uZXOBlUjx9cuDSzVLhrD
CzEunmD+eQShLpKIMU5CnHVu603Nep8agTHnIDW4Ob6uoju7Ns/kCxU9UVylODUj
00prDB1NbG7N+YsLeZ6oZxuR49JUmOViVUX7OOCRr7Q3uD/i6UMOH+mTkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJy076SKoUkP7FOng/dmxzYqWh6bMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMJ9ovyzg
Ww93ceWRZcOFppmpxv1hemTRIqZnhB15Z1r75eGX9j4OBBLwBfKi5QGuB7DAU+Uv
kE3zfcrtJ7Sn4XpJi/2v/ZPOHyC6l12d1Bxgpe1JjpBdj0YHFq5CPsLm6m3Al1sm
Waz4XSSB6f0d8zTzKEX8rAPCHJFW2t9nZt6U2l42BATLLCxoEb5m/dZMkeAcXEv1
2ZkGpo+4ZBd7z6SBQypTIw3TXJ0WCuY95W25NUPmfNDc1rIlnF34ZN5jcQj6CvIk
tBNcGS0f58V8twzVF4GhjeEnI13vl7HEenZ6JQi8NmWvA/LX62mZKJdsqqX9IDen
w7BAJOabM7EBTw==
-----END CERTIFICATE-----