Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
File:                     ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft (raw, json)
Hash identifier:          ubBigUuRwHcsrTbjkZYIhbzYx2hxTx5unbTuqX8A+hs=
Subject key identifier:   25:B0:44:83:97:17:69:A9:3F:B3:22:41:D4:5D:99:D9:77:F7:08:F2
Authority key identifier: 66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8
Certificate issuer:       /CN=6683a96cf511a67919d900f3fc934099341f87d8
Certificate serial:       0198D661136F9E9AB92BE4818A295EAEB237
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
Manifest number:          0E29
Signing time:             Sat 23 Aug 2025 10:02:22 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:22 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:22 +0000
Files and hashes:         1: ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl (hash: Is8lsO/z2CuTCY+3Wuw3XjgGGl3bFBVWJie1aeXdJaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:13:6f:9e:9a:b9:2b:e4:81:8a:29:5e:ae:b2:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6683a96cf511a67919d900f3fc934099341f87d8
        Validity
            Not Before: Aug 23 10:02:22 2025 GMT
            Not After : Aug 24 10:02:22 2025 GMT
        Subject: CN=25b04483971769a93fb32241d45d99d977f708f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4b:30:2c:a8:3c:36:cd:e3:75:97:4e:ce:3f:
                    5a:d4:0e:fb:47:db:34:ca:05:cf:51:30:24:11:34:
                    f8:b3:ef:5a:c3:1a:83:2d:a1:e9:91:df:f1:09:a7:
                    53:cc:d4:35:a0:15:e9:9b:7b:87:bc:4f:af:9d:2f:
                    30:f0:18:bb:ec:b3:47:68:f8:65:de:b8:76:f4:f8:
                    73:4c:fe:2a:0f:5c:47:14:60:fa:7e:25:ed:62:a6:
                    cd:e5:da:0e:55:fd:71:e4:22:60:72:46:3b:55:5b:
                    a8:75:97:95:1e:76:46:39:ce:19:bf:77:c3:76:6a:
                    9d:36:4c:1a:1e:42:77:d8:f8:1a:06:3c:30:30:ba:
                    58:ef:20:c3:29:2c:ff:c3:83:d2:fd:40:cf:e3:cd:
                    8c:7d:b4:1b:1b:4a:b8:8e:ca:9c:25:54:ca:3d:1f:
                    cd:2e:78:82:e5:25:25:cd:22:b3:50:bd:6d:9a:c2:
                    dc:3c:4d:8c:13:46:de:f1:f1:d7:21:8c:a4:6e:0d:
                    84:5a:4a:d6:0c:01:ae:11:50:07:71:c6:10:35:d0:
                    85:7b:6f:0a:22:41:8f:0a:ee:da:d6:64:99:16:1f:
                    00:3e:5d:61:7a:ba:cb:3e:d9:c6:57:2c:a9:e2:fa:
                    68:60:d7:fd:c4:78:1a:5c:dd:43:f2:a6:71:b1:ec:
                    5c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B0:44:83:97:17:69:A9:3F:B3:22:41:D4:5D:99:D9:77:F7:08:F2
            X509v3 Authority Key Identifier:
                keyid:66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:58:78:c3:41:a5:1a:1d:ba:3e:35:a9:5e:0b:13:68:6f:5b:
         2c:43:fd:1c:be:78:cd:61:25:57:2b:e3:d6:f9:bd:5e:f2:c4:
         6a:c4:f5:12:37:67:40:27:ef:aa:85:bf:9c:40:b7:63:65:a2:
         51:6b:c2:0e:e5:4d:a5:31:69:81:ff:2c:8e:ad:b3:78:d2:8b:
         86:da:66:9a:f4:b2:82:47:cf:72:e4:66:6c:8b:df:4b:89:b5:
         14:ea:86:52:e1:20:fc:25:f3:b9:06:d9:d4:f6:f4:32:12:2a:
         ea:b7:63:0e:d9:4c:ba:16:e7:c9:16:74:b8:a3:e2:ed:b1:ee:
         6d:74:66:23:fd:85:a7:be:9f:24:d5:eb:23:ae:ea:6b:8e:bc:
         1c:3f:7d:e9:64:d1:88:b2:9f:85:44:a9:38:f4:0b:65:10:9d:
         40:39:5c:ac:b4:df:26:b7:93:8e:09:a0:0d:0d:8c:18:d5:d8:
         d3:6f:98:1f:f7:d7:fd:0b:b9:2c:17:95:2b:7c:6b:d1:64:85:
         3c:47:6a:96:a0:02:19:37:93:f9:64:05:2a:05:5e:10:d3:af:
         ab:20:d3:df:8a:67:e8:29:b3:24:89:26:be:33:77:ae:fe:8e:
         9b:7c:ca:91:8e:33:4b:b1:33:8a:17:e8:7b:75:0b:57:09:52:
         9d:03:b8:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYRNvnpq5K+SBiilerrI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODNhOTZjZjUxMWE2NzkxOWQ5MDBmM2ZjOTM0MDk5MzQx
Zjg3ZDgwHhcNMjUwODIzMTAwMjIyWhcNMjUwODI0MTAwMjIyWjAzMTEwLwYDVQQD
EygyNWIwNDQ4Mzk3MTc2OWE5M2ZiMzIyNDFkNDVkOTlkOTc3ZjcwOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUswLKg8Ns3jdZdOzj9a1A77R9s0
ygXPUTAkETT4s+9awxqDLaHpkd/xCadTzNQ1oBXpm3uHvE+vnS8w8Bi77LNHaPhl
3rh29PhzTP4qD1xHFGD6fiXtYqbN5doOVf1x5CJgckY7VVuodZeVHnZGOc4Zv3fD
dmqdNkwaHkJ32PgaBjwwMLpY7yDDKSz/w4PS/UDP482MfbQbG0q4jsqcJVTKPR/N
LniC5SUlzSKzUL1tmsLcPE2ME0be8fHXIYykbg2EWkrWDAGuEVAHccYQNdCFe28K
IkGPCu7a1mSZFh8APl1herrLPtnGVyyp4vpoYNf9xHgaXN1D8qZxsexckQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWwRIOXF2mpP7MiQdRdmdl39wjyMB8GA1UdIwQY
MBaAFGaDqWz1EaZ5GdkA8/yTQJk0H4fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgt
YWUzMDY4NmM4NTg5LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgtYWUzMDY4NmM4NTg5
LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVh4w0Gl
Gh26PjWpXgsTaG9bLEP9HL54zWElVyvj1vm9XvLEasT1EjdnQCfvqoW/nEC3Y2Wi
UWvCDuVNpTFpgf8sjq2zeNKLhtpmmvSygkfPcuRmbIvfS4m1FOqGUuEg/CXzuQbZ
1Pb0MhIq6rdjDtlMuhbnyRZ0uKPi7bHubXRmI/2Fp76fJNXrI67qa468HD996WTR
iLKfhUSpOPQLZRCdQDlcrLTfJreTjgmgDQ2MGNXY02+YH/fX/Qu5LBeVK3xr0WSF
PEdqlqACGTeT+WQFKgVeENOvqyDT34pn6CmzJIkmvjN3rv6Om3zKkY4zS7Ezihfo
e3ULVwlSnQO4TA==
-----END CERTIFICATE-----