Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          JRUYD46vVYkG45n2vpZW/RopIlWkHDHVvh3uYARUugc=
Subject key identifier:   76:6E:72:92:40:B4:2F:4C:A1:94:5E:EF:D0:FB:8C:76:E1:26:AF:39
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       0198D661528DCAA254CE1E5F2989A7E3C52E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0EB2
Signing time:             Sat 23 Aug 2025 10:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:38 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: CuxIDsSAaQQhY+Fv6zM8In0dY4f+DF8uccn0DMLRDkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:52:8d:ca:a2:54:ce:1e:5f:29:89:a7:e3:c5:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Aug 23 10:02:38 2025 GMT
            Not After : Aug 24 10:02:38 2025 GMT
        Subject: CN=766e729240b42f4ca1945eefd0fb8c76e126af39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:45:25:93:12:86:ef:25:24:fa:18:40:01:b3:
                    89:ef:7b:ce:41:66:22:cc:78:42:d7:91:2b:21:05:
                    86:f4:94:bc:eb:ba:fd:c6:31:0e:d4:eb:6a:b8:d9:
                    62:d9:2e:56:19:10:06:16:9b:e4:ad:45:c9:ca:98:
                    63:94:b3:53:2e:5a:a6:5b:9f:33:7a:b9:36:74:4c:
                    ed:22:a1:98:84:53:40:19:63:64:a1:de:92:11:07:
                    b1:34:ef:45:a6:5f:3f:a1:3b:3c:49:d7:e4:58:34:
                    26:3d:08:b5:64:7e:71:09:c3:74:f5:6f:9a:bd:07:
                    75:04:59:a5:87:11:f8:ea:b5:99:60:fb:a8:e8:d0:
                    d8:59:95:fe:56:15:21:3b:9b:31:be:da:6e:13:c8:
                    7f:5b:03:cd:98:9f:25:a1:c4:70:02:14:96:ff:19:
                    16:94:11:bb:4f:ea:36:92:f7:3e:e2:94:f3:eb:64:
                    c0:cb:9a:61:88:60:30:73:02:26:1c:13:5d:dd:90:
                    9d:2b:53:5d:91:91:3a:cd:67:99:18:e3:30:4e:b0:
                    2e:9e:6e:26:3f:9a:b8:2b:83:95:f3:fe:f7:79:ea:
                    1a:cf:3e:b8:e4:6a:09:7f:c7:b6:c5:0d:8b:b7:97:
                    98:47:70:20:29:5a:03:70:b8:ad:57:50:88:88:96:
                    42:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6E:72:92:40:B4:2F:4C:A1:94:5E:EF:D0:FB:8C:76:E1:26:AF:39
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d9:23:cc:1b:c4:7e:88:77:a5:65:f6:bd:81:9a:b1:e8:12:
         a7:16:fc:c0:86:fe:30:ac:ef:a4:5a:54:3c:88:78:ec:ee:56:
         b6:ca:bf:7e:13:19:66:81:0b:78:70:60:3b:72:6d:d7:c7:1a:
         2b:07:5d:93:ef:77:ef:65:df:9b:7b:81:d2:a1:57:82:86:d6:
         e8:54:ab:f9:0d:df:3e:0f:fa:3e:56:6c:f2:07:39:dd:66:16:
         fb:66:c3:63:81:78:a1:55:ca:2d:78:a3:c4:de:68:7e:63:00:
         37:d8:9d:e1:99:c9:a6:15:04:6e:15:ef:7a:17:10:6e:c3:60:
         2e:5e:07:f5:b9:06:5b:35:ff:49:89:a8:3c:b1:28:57:3a:71:
         eb:9f:35:64:e6:12:30:94:58:cd:a0:02:aa:bc:3e:12:69:cd:
         7d:af:35:0d:a9:68:a3:e6:2d:7f:1d:2d:54:49:c8:b9:18:2b:
         c9:51:8c:ec:a8:d5:11:86:43:ed:a0:c1:9a:6b:16:7f:c1:b1:
         85:eb:b7:52:d4:f0:3f:e3:b3:1e:a9:fe:20:9a:09:b1:7b:a0:
         a4:70:f4:d9:6b:54:56:b4:0b:92:20:e0:fa:9a:f3:cf:13:8d:
         ee:9e:e6:b7:96:d6:6a:89:02:38:a2:4e:35:eb:e6:93:e0:59:
         5f:47:1c:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYVKNyqJUzh5fKYmn48UuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUwODIzMTAwMjM4WhcNMjUwODI0MTAwMjM4WjAzMTEwLwYDVQQD
Eyg3NjZlNzI5MjQwYjQyZjRjYTE5NDVlZWZkMGZiOGM3NmUxMjZhZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUUlkxKG7yUk+hhAAbOJ73vOQWYi
zHhC15ErIQWG9JS867r9xjEO1OtquNli2S5WGRAGFpvkrUXJyphjlLNTLlqmW58z
erk2dEztIqGYhFNAGWNkod6SEQexNO9Fpl8/oTs8SdfkWDQmPQi1ZH5xCcN09W+a
vQd1BFmlhxH46rWZYPuo6NDYWZX+VhUhO5sxvtpuE8h/WwPNmJ8locRwAhSW/xkW
lBG7T+o2kvc+4pTz62TAy5phiGAwcwImHBNd3ZCdK1NdkZE6zWeZGOMwTrAunm4m
P5q4K4OV8/73eeoazz645GoJf8e2xQ2Lt5eYR3AgKVoDcLitV1CIiJZCtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZucpJAtC9MoZRe79D7jHbhJq85MB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtkjzBvE
foh3pWX2vYGasegSpxb8wIb+MKzvpFpUPIh47O5Wtsq/fhMZZoELeHBgO3Jt18ca
Kwddk+9372Xfm3uB0qFXgobW6FSr+Q3fPg/6PlZs8gc53WYW+2bDY4F4oVXKLXij
xN5ofmMAN9id4ZnJphUEbhXvehcQbsNgLl4H9bkGWzX/SYmoPLEoVzpx6581ZOYS
MJRYzaACqrw+EmnNfa81Daloo+Ytfx0tVEnIuRgryVGM7KjVEYZD7aDBmmsWf8Gx
heu3UtTwP+OzHqn+IJoJsXugpHD02WtUVrQLkiDg+przzxON7p7mt5bWaokCOKJO
Nevmk+BZX0ccpQ==
-----END CERTIFICATE-----