Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          i5N8OL+JuB+LEYHOWdxBWKXHrO4T+D5Xa9YbMKFJhsc=
Subject key identifier:   BE:6D:F4:47:38:D2:7B:72:30:3C:6F:68:4C:97:53:3E:B3:48:07:61
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       0199FDD90E63460C9EE8B997E7DBC03CFA3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 19:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:24 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: 1aNeZzzMbao+9QjIo/gUTzudDGOxZAcqLpBGQEb8Eus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:0e:63:46:0c:9e:e8:b9:97:e7:db:c0:3c:fa:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Oct 19 19:01:24 2025 GMT
            Not After : Oct 20 19:01:24 2025 GMT
        Subject: CN=be6df44738d27b72303c6f684c97533eb3480761
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0d:5d:22:a9:b8:aa:bd:1a:8f:dc:ff:26:71:
                    09:97:47:c8:57:12:b6:09:7a:72:03:a5:0b:5c:b2:
                    bd:89:f2:6c:a0:f9:cc:8b:5d:63:59:ff:bb:2e:06:
                    f0:fe:2f:37:3a:78:b5:64:f5:ad:6a:9b:51:33:e4:
                    21:ab:dd:c0:9e:37:df:71:ec:57:04:b6:d4:62:fe:
                    d1:c5:3c:d8:36:64:e0:9c:7b:5a:7b:78:fc:5a:72:
                    8d:c3:07:41:3e:ee:2c:63:08:6f:d3:8e:71:a9:9f:
                    54:a6:76:de:66:0e:b9:70:d0:ba:0a:61:a9:86:63:
                    35:13:d8:df:56:62:be:b0:c8:61:dc:0f:b6:f9:cc:
                    c8:43:50:26:6a:3c:32:94:91:bb:8c:34:f6:fb:65:
                    af:23:cb:19:3f:ab:50:b0:1b:b4:ab:f1:6b:e0:6e:
                    39:84:86:1c:3a:9d:12:31:41:82:53:51:5b:cd:60:
                    ec:83:3d:dc:99:22:29:3f:22:1c:24:5d:30:e7:04:
                    4b:83:f2:39:a3:98:7d:e5:fd:0f:96:f9:41:81:5c:
                    09:9b:db:fe:5b:74:f3:7c:7c:31:61:06:cb:dc:25:
                    e9:eb:35:00:fb:46:47:19:f6:53:c6:e9:14:96:50:
                    78:e1:14:bb:36:fd:e6:83:c4:3d:b3:fe:18:a3:83:
                    12:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:6D:F4:47:38:D2:7B:72:30:3C:6F:68:4C:97:53:3E:B3:48:07:61
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:24:e3:ed:4d:d5:74:df:3b:21:3f:db:aa:ed:86:d5:dc:30:
         28:3d:1d:b9:af:d1:4e:13:b7:37:36:93:53:7f:52:24:82:7b:
         13:dc:8e:3a:f6:f9:13:83:5e:12:92:46:ab:83:31:db:ab:83:
         59:ff:aa:93:71:48:02:2e:f5:01:ba:f7:7f:4c:3f:23:8c:f8:
         e2:8b:84:e9:ae:68:38:ed:bf:59:9b:9b:d0:d5:d3:a9:3a:1c:
         f8:03:a8:56:39:28:ce:9f:d8:9b:8d:ef:8b:4d:d9:d9:7c:b4:
         ec:51:a3:c6:fa:1c:63:83:0d:86:40:c6:64:46:4f:f3:86:a8:
         25:4d:e1:5d:19:6f:fe:8c:62:19:a8:bf:d9:9a:eb:ea:47:ce:
         a9:12:1a:ad:5a:3c:e0:c4:34:bc:a0:9c:2c:f4:2c:af:5c:2e:
         fc:35:0d:8c:7b:b7:41:73:0d:53:20:4a:ed:40:4b:dd:a9:05:
         5d:7a:44:73:cf:75:5d:b0:22:8e:f7:f8:7c:ac:7a:f3:9b:c8:
         ae:da:f9:c6:8f:93:cf:c1:e0:a7:31:c9:77:15:d5:f0:ff:2b:
         6d:85:7e:bf:89:dc:13:11:83:59:1a:1d:dd:9f:fc:22:19:0f:
         56:de:cb:aa:09:97:88:d5:31:72:95:74:c7:b4:47:0d:79:54:
         03:5b:ea:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92Q5jRgye6LmX59vAPPo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUxMDE5MTkwMTI0WhcNMjUxMDIwMTkwMTI0WjAzMTEwLwYDVQQD
EyhiZTZkZjQ0NzM4ZDI3YjcyMzAzYzZmNjg0Yzk3NTMzZWIzNDgwNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA1dIqm4qr0aj9z/JnEJl0fIVxK2
CXpyA6ULXLK9ifJsoPnMi11jWf+7Lgbw/i83Oni1ZPWtaptRM+Qhq93AnjffcexX
BLbUYv7RxTzYNmTgnHtae3j8WnKNwwdBPu4sYwhv045xqZ9UpnbeZg65cNC6CmGp
hmM1E9jfVmK+sMhh3A+2+czIQ1AmajwylJG7jDT2+2WvI8sZP6tQsBu0q/Fr4G45
hIYcOp0SMUGCU1FbzWDsgz3cmSIpPyIcJF0w5wRLg/I5o5h95f0PlvlBgVwJm9v+
W3TzfHwxYQbL3CXp6zUA+0ZHGfZTxukUllB44RS7Nv3mg8Q9s/4Yo4MS6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5t9Ec40ntyMDxvaEyXUz6zSAdhMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOyTj7U3V
dN87IT/bqu2G1dwwKD0dua/RThO3NzaTU39SJIJ7E9yOOvb5E4NeEpJGq4Mx26uD
Wf+qk3FIAi71Abr3f0w/I4z44ouE6a5oOO2/WZub0NXTqToc+AOoVjkozp/Ym43v
i03Z2Xy07FGjxvocY4MNhkDGZEZP84aoJU3hXRlv/oxiGai/2Zrr6kfOqRIarVo8
4MQ0vKCcLPQsr1wu/DUNjHu3QXMNUyBK7UBL3akFXXpEc891XbAijvf4fKx685vI
rtr5xo+Tz8HgpzHJdxXV8P8rbYV+v4ncExGDWRod3Z/8IhkPVt7LqgmXiNUxcpV0
x7RHDXlUA1vqmg==
-----END CERTIFICATE-----