Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
File:                     ZYzRSR-oTUghjThg8zI9ybhoV4w.mft (raw, json)
Hash identifier:          FaAT7MC/YybG0LBdPycSovvN1oDHtjXKy8ZEXRkg1x0=
Subject key identifier:   4E:80:FF:FD:F0:E7:7B:CB:1C:7F:97:35:EE:19:A9:0D:12:35:54:29
Authority key identifier: 65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C
Certificate issuer:       /CN=658cd1491fa84d48218d3860f3323dc9b868578c
Certificate serial:       0199FBEBAA6DF9075AEEC41C7F9A65EBB68D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
Manifest number:          0F4A
Signing time:             Sun 19 Oct 2025 10:02:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:29 +0000
Files and hashes:         1: ZYzRSR-oTUghjThg8zI9ybhoV4w.crl (hash: RR/+4PU6sXQL0JsqHGO4ULnFzgpkSpLNkv8FVN3I0GU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:aa:6d:f9:07:5a:ee:c4:1c:7f:9a:65:eb:b6:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658cd1491fa84d48218d3860f3323dc9b868578c
        Validity
            Not Before: Oct 19 10:02:29 2025 GMT
            Not After : Oct 20 10:02:29 2025 GMT
        Subject: CN=4e80fffdf0e77bcb1c7f9735ee19a90d12355429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e4:84:d5:47:bf:a9:ae:c1:50:cc:68:d8:21:
                    5b:d9:b1:a6:1e:a7:b2:7f:ea:c9:ff:30:51:3e:9f:
                    8e:d1:03:c4:98:da:8c:55:8f:65:4d:66:77:49:0e:
                    7b:b2:f4:fd:c5:35:e5:2f:20:a1:0d:e9:a2:cc:fa:
                    9d:63:1c:48:e1:12:42:a3:f2:c4:a1:c1:09:de:33:
                    01:58:b6:85:e4:b7:f5:c4:5e:cf:2d:7d:db:96:5c:
                    ee:ba:ad:28:c8:c2:39:6c:74:1d:82:7b:12:f2:3f:
                    75:f5:01:2b:64:f9:16:41:51:d5:b4:d9:18:d0:4c:
                    7b:69:21:2e:c6:42:bb:82:f6:2f:1e:b9:4f:f3:8e:
                    71:4e:2e:a0:fd:68:14:fe:bd:07:cb:ea:ff:8f:7a:
                    1a:6c:18:76:23:4d:fa:61:4b:8c:f3:7f:e1:96:f4:
                    92:08:1d:8c:b6:19:04:d1:1c:34:11:72:09:3f:21:
                    fe:04:cb:dd:80:ca:45:32:bb:eb:af:67:76:e0:65:
                    2b:92:da:b5:29:d9:d2:41:17:b0:0b:1e:c7:58:46:
                    7c:f3:6a:01:ee:46:e8:4d:5a:fd:43:bc:31:c5:d9:
                    2e:8d:c1:3e:86:47:58:f1:05:bc:fa:e1:d5:7d:86:
                    f1:71:35:85:e0:11:15:81:b3:25:ca:11:c5:09:b1:
                    87:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:80:FF:FD:F0:E7:7B:CB:1C:7F:97:35:EE:19:A9:0D:12:35:54:29
            X509v3 Authority Key Identifier:
                keyid:65:8C:D1:49:1F:A8:4D:48:21:8D:38:60:F3:32:3D:C9:B8:68:57:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYzRSR-oTUghjThg8zI9ybhoV4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3ad935-63a7-434f-b69d-40aa83486f8f/1/ZYzRSR-oTUghjThg8zI9ybhoV4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:37:18:78:95:8e:bb:9e:93:77:bb:e2:46:08:23:67:b3:8e:
         20:d1:77:d2:0f:b0:8c:ae:56:41:db:42:d6:b3:5b:c3:58:c4:
         6b:df:3d:a0:37:c0:36:3c:91:24:b8:b9:0a:26:56:2f:fd:86:
         73:fc:11:21:a2:2a:a8:63:c3:69:73:ec:fb:c9:1a:e3:99:25:
         82:b9:2f:98:5e:d9:9a:3c:c1:4c:32:53:24:6f:21:ad:4b:53:
         da:dc:4d:77:ea:fa:86:a7:60:29:e5:c5:3a:88:2d:c8:f1:47:
         8f:04:da:f0:ce:b5:98:60:4d:ff:61:49:2a:7d:e4:d2:9a:63:
         23:26:88:17:f0:37:96:11:2f:66:88:76:bb:44:79:2d:e4:3a:
         6a:ad:8f:ea:6b:af:13:44:75:f7:7e:1c:7b:0c:1b:a7:92:17:
         38:cb:a7:84:da:44:42:31:de:51:30:2d:b7:3c:bb:37:0f:ab:
         42:c0:41:65:ac:c2:ce:d4:76:1b:49:4a:76:7b:e1:d1:cf:89:
         a3:74:0f:9a:2d:e2:e7:9b:bf:d9:89:54:f7:a2:98:0f:bf:d9:
         85:34:b6:4a:68:ff:39:33:89:fd:6a:30:51:5e:be:6c:cf:d3:
         0c:e1:d5:26:84:b3:15:43:51:fe:66:2d:52:18:b0:e6:94:2a:
         6d:27:a8:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766pt+Qda7sQcf5pl67aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGNkMTQ5MWZhODRkNDgyMThkMzg2MGYzMzIzZGM5Yjg2
ODU3OGMwHhcNMjUxMDE5MTAwMjI5WhcNMjUxMDIwMTAwMjI5WjAzMTEwLwYDVQQD
Eyg0ZTgwZmZmZGYwZTc3YmNiMWM3Zjk3MzVlZTE5YTkwZDEyMzU1NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+SE1Ue/qa7BUMxo2CFb2bGmHqey
f+rJ/zBRPp+O0QPEmNqMVY9lTWZ3SQ57svT9xTXlLyChDemizPqdYxxI4RJCo/LE
ocEJ3jMBWLaF5Lf1xF7PLX3bllzuuq0oyMI5bHQdgnsS8j919QErZPkWQVHVtNkY
0Ex7aSEuxkK7gvYvHrlP845xTi6g/WgU/r0Hy+r/j3oabBh2I036YUuM83/hlvSS
CB2MthkE0Rw0EXIJPyH+BMvdgMpFMrvrr2d24GUrktq1KdnSQRewCx7HWEZ882oB
7kboTVr9Q7wxxdkujcE+hkdY8QW8+uHVfYbxcTWF4BEVgbMlyhHFCbGH5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6A//3w53vLHH+XNe4ZqQ0SNVQpMB8GA1UdIwQY
MBaAFGWM0UkfqE1IIY04YPMyPcm4aFeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQt
NDBhYTgzNDg2ZjhmLzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zYWQ5MzUtNjNhNy00MzRmLWI2OWQtNDBhYTgzNDg2Zjhm
LzEvWll6UlNSLW9UVWdoalRoZzh6STl5YmhvVjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAozcYeJWO
u56Td7viRggjZ7OOINF30g+wjK5WQdtC1rNbw1jEa989oDfANjyRJLi5CiZWL/2G
c/wRIaIqqGPDaXPs+8ka45klgrkvmF7ZmjzBTDJTJG8hrUtT2txNd+r6hqdgKeXF
OogtyPFHjwTa8M61mGBN/2FJKn3k0ppjIyaIF/A3lhEvZoh2u0R5LeQ6aq2P6muv
E0R1934cewwbp5IXOMunhNpEQjHeUTAttzy7Nw+rQsBBZazCztR2G0lKdnvh0c+J
o3QPmi3i55u/2YlU96KYD7/ZhTS2Smj/OTOJ/WowUV6+bM/TDOHVJoSzFUNR/mYt
Uhiw5pQqbSeoDg==
-----END CERTIFICATE-----