Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
File:                     ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft (raw, json)
Hash identifier:          K5loU/63W0/Wj9zpuxiDYUm9nExK3LmgUPPa26pnpqk=
Subject key identifier:   32:5D:A8:77:D2:BC:B2:73:CE:7C:8D:2C:94:DB:D1:27:F8:25:60:37
Authority key identifier: 66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8
Certificate issuer:       /CN=6683a96cf511a67919d900f3fc934099341f87d8
Certificate serial:       019A0591CA123A295DF97645AFEDC71120D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
Manifest number:          0EC6
Signing time:             Tue 21 Oct 2025 07:00:31 +0000
Manifest this update:     Tue 21 Oct 2025 07:00:31 +0000
Manifest next update:     Wed 22 Oct 2025 07:00:31 +0000
Files and hashes:         1: ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl (hash: GIDXijNd2NJNayA1aVzbJpYfoTM2AxlJS2+8O1xgHSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 07:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:05:91:ca:12:3a:29:5d:f9:76:45:af:ed:c7:11:20:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6683a96cf511a67919d900f3fc934099341f87d8
        Validity
            Not Before: Oct 21 07:00:31 2025 GMT
            Not After : Oct 22 07:00:31 2025 GMT
        Subject: CN=325da877d2bcb273ce7c8d2c94dbd127f8256037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e5:ce:8f:58:43:c3:dc:fe:e6:90:be:4f:d9:
                    6a:70:8c:59:5f:12:86:dc:9d:ce:72:f4:58:5a:53:
                    3e:91:24:e8:d3:a4:63:83:c6:f7:6e:5f:2d:f5:ad:
                    ed:ca:86:b4:56:25:42:23:49:ac:57:c3:f3:a7:4a:
                    e0:a6:f2:64:89:7d:ea:a1:55:a6:4e:2a:0d:86:95:
                    8e:e1:f4:a1:b6:3e:de:10:10:6e:72:6f:6c:18:20:
                    f4:a1:a8:ed:a8:7a:db:c5:42:de:e5:ca:d2:b2:26:
                    51:c0:87:96:f2:75:c4:f2:da:a4:46:ee:3f:8f:b7:
                    08:c6:08:c9:b4:b2:5d:7e:11:37:57:11:1c:8e:8c:
                    d4:c2:99:eb:f3:a1:87:87:8c:5e:69:bb:e2:65:9b:
                    0f:f9:6f:19:dc:25:66:3f:4b:88:1a:63:be:e4:57:
                    f8:73:56:a6:0b:10:d6:8a:a4:2b:ef:69:59:30:3c:
                    78:66:44:a2:12:05:66:d5:95:1c:31:40:cb:a0:0d:
                    f8:a4:c3:c7:e2:70:c4:d2:e3:76:80:13:69:c7:78:
                    de:55:0f:75:8f:2c:08:47:d6:04:b8:e4:51:95:56:
                    9a:a2:d9:26:c8:75:5e:8c:9e:b2:c9:d7:5b:d2:f3:
                    6f:c6:1f:eb:71:99:c4:d3:32:da:09:63:a5:16:4e:
                    29:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:5D:A8:77:D2:BC:B2:73:CE:7C:8D:2C:94:DB:D1:27:F8:25:60:37
            X509v3 Authority Key Identifier:
                keyid:66:83:A9:6C:F5:11:A6:79:19:D9:00:F3:FC:93:40:99:34:1F:87:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/c540e3-d2c7-4f08-9178-ae30686c8589/1/ZoOpbPURpnkZ2QDz_JNAmTQfh9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:63:6e:0b:ce:a8:24:de:8f:98:03:db:79:21:38:27:05:7f:
         29:a7:67:b2:58:d0:f4:1c:92:74:ab:a5:5a:ef:26:5c:6e:de:
         c2:fe:67:ce:a1:a1:cd:3b:ce:b2:43:20:44:3c:0a:8e:45:5e:
         a3:9e:14:bb:71:95:c8:3d:40:09:13:77:53:46:e5:14:30:32:
         55:4c:da:c1:54:a7:2b:08:f0:d5:7c:be:74:6c:2c:59:cf:41:
         7d:fc:d2:32:c9:35:9a:97:ff:3a:1c:07:b8:27:32:da:70:46:
         7f:03:12:1a:c7:7e:4d:67:58:29:3e:7e:4b:ff:1a:f7:10:4b:
         4b:d9:da:7b:ba:79:fd:c6:1d:84:05:7a:56:67:89:bd:3e:10:
         5b:de:9e:c4:7b:9d:34:ab:58:5d:9d:66:c2:39:29:92:4f:77:
         2b:0a:cf:71:b4:00:e7:fc:22:a2:d9:67:f4:27:cb:02:33:33:
         69:f9:5e:78:f1:c0:e3:f1:27:37:45:4a:42:ab:49:40:87:a4:
         26:15:a8:3b:27:ce:24:d5:0d:97:68:b2:81:72:ae:df:4f:17:
         e5:97:cf:b8:17:f9:29:00:a7:09:51:a4:1a:60:73:8c:eb:ad:
         e3:fb:08:c0:c9:2b:34:d4:80:0e:ef:35:84:86:42:6b:1a:76:
         45:2b:40:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoFkcoSOild+XZFr+3HESDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODNhOTZjZjUxMWE2NzkxOWQ5MDBmM2ZjOTM0MDk5MzQx
Zjg3ZDgwHhcNMjUxMDIxMDcwMDMxWhcNMjUxMDIyMDcwMDMxWjAzMTEwLwYDVQQD
EygzMjVkYTg3N2QyYmNiMjczY2U3YzhkMmM5NGRiZDEyN2Y4MjU2MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OXOj1hDw9z+5pC+T9lqcIxZXxKG
3J3OcvRYWlM+kSTo06Rjg8b3bl8t9a3tyoa0ViVCI0msV8Pzp0rgpvJkiX3qoVWm
TioNhpWO4fShtj7eEBBucm9sGCD0oajtqHrbxULe5crSsiZRwIeW8nXE8tqkRu4/
j7cIxgjJtLJdfhE3VxEcjozUwpnr86GHh4xeabviZZsP+W8Z3CVmP0uIGmO+5Ff4
c1amCxDWiqQr72lZMDx4ZkSiEgVm1ZUcMUDLoA34pMPH4nDE0uN2gBNpx3jeVQ91
jywIR9YEuORRlVaaotkmyHVejJ6yyddb0vNvxh/rcZnE0zLaCWOlFk4pLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJdqHfSvLJzznyNLJTb0Sf4JWA3MB8GA1UdIwQY
MBaAFGaDqWz1EaZ5GdkA8/yTQJk0H4fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgt
YWUzMDY4NmM4NTg5LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jNTQwZTMtZDJjNy00ZjA4LTkxNzgtYWUzMDY4NmM4NTg5
LzEvWm9PcGJQVVJwbmtaMlFEel9KTkFtVFFmaDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq2NuC86o
JN6PmAPbeSE4JwV/KadnsljQ9BySdKulWu8mXG7ewv5nzqGhzTvOskMgRDwKjkVe
o54Uu3GVyD1ACRN3U0blFDAyVUzawVSnKwjw1Xy+dGwsWc9BffzSMsk1mpf/OhwH
uCcy2nBGfwMSGsd+TWdYKT5+S/8a9xBLS9nae7p5/cYdhAV6VmeJvT4QW96exHud
NKtYXZ1mwjkpkk93KwrPcbQA5/wiotln9CfLAjMzafleePHA4/EnN0VKQqtJQIek
JhWoOyfOJNUNl2iygXKu308X5ZfPuBf5KQCnCVGkGmBzjOut4/sIwMkrNNSADu81
hIZCaxp2RStACQ==
-----END CERTIFICATE-----