Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          nGyUs6OHsJ6zI8MNvaES/m3FbdSBiEP9YpBNqjlnXgY=
Subject key identifier:   BD:F6:8B:43:D2:05:70:EA:4A:64:77:94:B0:2C:3D:40:19:BF:2B:49
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       0198D6603668BF6F13D7E174ABB8327BEFD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 10:01:26 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:26 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:26 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: ISYQH/5VsWDDtR18AsVfMhkYecLi8kS7Vm8NiAkH1aI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:36:68:bf:6f:13:d7:e1:74:ab:b8:32:7b:ef:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Aug 23 10:01:26 2025 GMT
            Not After : Aug 24 10:01:26 2025 GMT
        Subject: CN=bdf68b43d20570ea4a647794b02c3d4019bf2b49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3f:8e:4c:f0:ea:80:f2:13:63:eb:81:f8:29:
                    45:b7:0f:ec:c4:d4:e0:85:2b:13:9e:7f:69:17:e7:
                    9e:6c:e9:ad:4c:32:84:9f:dc:13:8f:49:ff:4e:7a:
                    2d:ec:be:4e:15:97:fe:8b:f6:40:35:53:90:b7:b8:
                    84:d0:45:53:e1:db:1f:24:ca:b0:29:41:7c:04:33:
                    55:7b:9d:b1:62:12:fa:af:2f:c9:dc:34:2e:68:4f:
                    ce:13:f4:71:56:4f:2b:dd:e9:e5:85:a9:5d:08:c2:
                    bb:0c:1f:81:fa:71:78:39:09:32:42:d6:57:73:62:
                    bc:5c:20:f2:0f:19:c3:c4:a9:11:ca:ff:c0:28:9a:
                    0d:a3:11:67:41:ac:d5:0a:d4:10:83:e7:73:ec:f7:
                    d1:a3:d1:4c:77:36:6e:08:a0:89:df:dd:e8:7a:48:
                    c0:66:f9:d1:75:d5:bb:af:26:bf:8c:b8:ef:cc:32:
                    70:01:f1:fe:f2:6f:d2:96:d1:a6:58:46:f8:d9:14:
                    ca:c9:ac:2f:70:1d:c9:1c:7c:09:07:64:64:01:c4:
                    b0:c5:08:36:a4:5b:a9:15:41:00:50:14:95:af:c0:
                    d5:be:e5:7d:83:25:96:f2:9b:b7:8f:70:3b:3c:3b:
                    bc:8f:6f:92:3a:af:99:0b:42:16:eb:10:78:97:b7:
                    26:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:F6:8B:43:D2:05:70:EA:4A:64:77:94:B0:2C:3D:40:19:BF:2B:49
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:76:4d:bd:76:c3:42:1b:84:4a:46:b5:56:c2:0a:87:81:29:
         67:70:2e:b0:de:66:f7:1c:b4:29:00:0c:47:c1:78:b5:56:86:
         26:a7:a6:09:95:4f:3f:79:c9:e2:bc:75:e9:73:d4:8c:9f:a0:
         1c:60:fe:08:16:7e:44:6e:b6:36:fb:1f:0e:78:bb:05:4a:50:
         3a:8d:ec:9c:2b:35:bf:29:c8:b1:f6:af:f3:73:b3:e1:8d:97:
         71:61:5b:e9:f4:26:72:b8:02:e8:43:9f:a0:31:75:25:c9:7b:
         cc:c0:91:56:00:26:54:1c:78:d8:19:6e:bc:63:77:86:41:46:
         26:e9:38:a6:92:15:36:59:9a:01:40:14:4f:9f:64:06:64:43:
         29:cd:65:d4:9a:d6:06:4b:2c:a0:6c:99:9f:5d:64:20:38:df:
         85:72:3a:a6:d8:74:02:50:04:23:9f:4d:85:0a:09:55:6c:7b:
         e3:aa:e8:ea:9a:3e:4e:44:c8:12:ef:79:6d:e4:49:f0:db:65:
         b0:05:d5:dc:f7:68:7d:4c:d2:8b:a3:85:8b:24:a1:6d:a9:8e:
         48:89:d0:45:23:79:8f:ac:bf:69:28:fa:99:0a:8a:93:8c:d7:
         25:86:a1:87:28:8e:4c:3c:b4:f3:d1:28:6e:aa:77:5d:0f:f8:
         c4:45:93:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYDZov28T1+F0q7gye+/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjUwODIzMTAwMTI2WhcNMjUwODI0MTAwMTI2WjAzMTEwLwYDVQQD
EyhiZGY2OGI0M2QyMDU3MGVhNGE2NDc3OTRiMDJjM2Q0MDE5YmYyYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD+OTPDqgPITY+uB+ClFtw/sxNTg
hSsTnn9pF+eebOmtTDKEn9wTj0n/Tnot7L5OFZf+i/ZANVOQt7iE0EVT4dsfJMqw
KUF8BDNVe52xYhL6ry/J3DQuaE/OE/RxVk8r3enlhaldCMK7DB+B+nF4OQkyQtZX
c2K8XCDyDxnDxKkRyv/AKJoNoxFnQazVCtQQg+dz7PfRo9FMdzZuCKCJ393oekjA
ZvnRddW7rya/jLjvzDJwAfH+8m/SltGmWEb42RTKyawvcB3JHHwJB2RkAcSwxQg2
pFupFUEAUBSVr8DVvuV9gyWW8pu3j3A7PDu8j2+SOq+ZC0IW6xB4l7cmTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL32i0PSBXDqSmR3lLAsPUAZvytJMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwnZNvXbD
QhuESka1VsIKh4EpZ3AusN5m9xy0KQAMR8F4tVaGJqemCZVPP3nJ4rx16XPUjJ+g
HGD+CBZ+RG62NvsfDni7BUpQOo3snCs1vynIsfav83Oz4Y2XcWFb6fQmcrgC6EOf
oDF1Jcl7zMCRVgAmVBx42BluvGN3hkFGJuk4ppIVNlmaAUAUT59kBmRDKc1l1JrW
BkssoGyZn11kIDjfhXI6pth0AlAEI59NhQoJVWx746ro6po+TkTIEu95beRJ8Ntl
sAXV3PdofUzSi6OFiyShbamOSInQRSN5j6y/aSj6mQqKk4zXJYahhyiOTDy089Eo
bqp3XQ/4xEWThg==
-----END CERTIFICATE-----