Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
File:                     zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json)
Hash identifier:          4pEn3ADbwi/bdN/1hifBdCxAsk8wagSZS03vHIligro=
Subject key identifier:   B4:35:84:13:76:81:D3:26:E6:18:DE:3A:C6:6A:A6:70:E9:3E:7F:6E
Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7
Certificate issuer:       /CN=cdd0ae41cdab559862964178bfeae368496b07d7
Certificate serial:       0199FD3403C18F15BC9B61220B3FB690DA14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
Manifest number:          0DC2
Signing time:             Sun 19 Oct 2025 16:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:08 +0000
Files and hashes:         1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: NZmi8U1wsRCKBbNnalItrk5sed7D7MG+GwqJ5pk0yMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:03:c1:8f:15:bc:9b:61:22:0b:3f:b6:90:da:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7
        Validity
            Not Before: Oct 19 16:01:08 2025 GMT
            Not After : Oct 20 16:01:08 2025 GMT
        Subject: CN=b43584137681d326e618de3ac66aa670e93e7f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f6:63:ef:e9:8a:21:ee:67:e8:77:f4:76:37:
                    a2:40:8a:dd:2e:c1:dd:50:6d:fb:94:8c:63:37:b2:
                    0a:00:ab:27:02:fa:c5:ac:d8:17:96:79:c8:eb:e3:
                    86:ca:22:2b:e7:92:49:84:90:f9:a3:08:68:3d:e2:
                    12:63:5d:9c:04:cf:93:6d:60:56:5f:48:41:93:ac:
                    54:a7:07:fe:00:6a:3b:5e:f1:2d:00:64:2f:7e:6e:
                    95:93:76:2f:fa:9e:de:ea:8e:9b:14:a5:c7:c3:a7:
                    f5:6e:3c:0f:7a:91:b5:a7:0c:6e:0e:eb:2e:77:15:
                    32:54:cc:a5:79:b8:8e:57:52:4e:bb:5b:17:ab:e2:
                    2b:14:77:34:78:26:eb:16:84:4b:f4:50:63:ed:c6:
                    9c:2a:2b:89:84:19:a5:22:8f:3b:cd:1d:cf:d2:ce:
                    e4:fb:26:8f:cd:26:d6:8e:49:94:34:ae:35:2d:56:
                    29:52:3a:3c:1d:b2:3c:de:0e:4b:eb:cc:bc:51:b0:
                    d0:66:76:e8:56:09:9e:07:76:32:24:3f:8f:12:2a:
                    49:03:3e:52:08:7f:23:f3:df:2c:62:ed:87:73:dc:
                    6d:d0:52:7d:f7:b1:3b:4b:03:8c:42:a9:f1:67:ed:
                    91:ac:a2:f1:28:01:98:e4:35:45:25:14:ad:ed:6b:
                    95:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:35:84:13:76:81:D3:26:E6:18:DE:3A:C6:6A:A6:70:E9:3E:7F:6E
            X509v3 Authority Key Identifier:
                keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:af:f0:f8:cc:d5:ef:11:e5:cc:21:f6:4e:aa:64:e5:ea:04:
         1f:7b:98:70:26:0b:a4:83:a3:20:1d:c8:35:fa:a3:de:d1:11:
         e5:a4:fd:e2:25:4a:d4:da:3a:50:67:45:12:36:4b:ef:c4:ba:
         60:84:9d:4c:2a:a8:8a:bb:7c:bf:5d:86:2d:d8:6d:07:20:63:
         b7:67:f6:92:88:89:45:37:f2:67:e2:a7:21:66:ec:0e:d2:8e:
         4f:96:fb:a4:13:54:af:b6:24:cd:95:36:d4:0e:0e:c9:8f:2f:
         89:39:5a:58:d9:c8:4a:73:97:d3:fc:3f:6f:c9:9a:6c:ad:89:
         d2:31:04:17:65:55:7f:c2:ca:b2:10:3e:c5:41:85:fe:62:35:
         a3:7e:3f:df:48:e2:1b:e8:35:72:e4:21:b9:c8:f7:14:c2:4c:
         3f:38:38:50:18:40:da:3d:b6:ea:fb:fc:2f:e9:d9:6d:e6:77:
         f4:ad:21:21:93:ac:5c:f8:6a:ba:66:90:10:db:31:92:fd:9f:
         f0:b2:31:f2:72:11:a4:82:04:10:39:45:35:70:85:3f:e1:49:
         1b:b1:fb:f3:34:2b:89:ef:ac:c7:cd:13:23:f2:0f:43:de:68:
         ac:4d:a5:01:d4:bb:c9:53:ab:62:f0:ca:08:3c:a1:b9:18:64:
         06:75:30:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NAPBjxW8m2EiCz+2kNoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2
YjA3ZDcwHhcNMjUxMDE5MTYwMTA4WhcNMjUxMDIwMTYwMTA4WjAzMTEwLwYDVQQD
EyhiNDM1ODQxMzc2ODFkMzI2ZTYxOGRlM2FjNjZhYTY3MGU5M2U3ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfZj7+mKIe5n6Hf0djeiQIrdLsHd
UG37lIxjN7IKAKsnAvrFrNgXlnnI6+OGyiIr55JJhJD5owhoPeISY12cBM+TbWBW
X0hBk6xUpwf+AGo7XvEtAGQvfm6Vk3Yv+p7e6o6bFKXHw6f1bjwPepG1pwxuDusu
dxUyVMylebiOV1JOu1sXq+IrFHc0eCbrFoRL9FBj7cacKiuJhBmlIo87zR3P0s7k
+yaPzSbWjkmUNK41LVYpUjo8HbI83g5L68y8UbDQZnboVgmeB3YyJD+PEipJAz5S
CH8j898sYu2Hc9xt0FJ997E7SwOMQqnxZ+2RrKLxKAGY5DVFJRSt7WuV/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQ1hBN2gdMm5hjeOsZqpnDpPn9uMB8GA1UdIwQY
MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt
NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl
LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAba/w+MzV
7xHlzCH2Tqpk5eoEH3uYcCYLpIOjIB3INfqj3tER5aT94iVK1No6UGdFEjZL78S6
YISdTCqoirt8v12GLdhtByBjt2f2koiJRTfyZ+KnIWbsDtKOT5b7pBNUr7YkzZU2
1A4OyY8viTlaWNnISnOX0/w/b8mabK2J0jEEF2VVf8LKshA+xUGF/mI1o34/30ji
G+g1cuQhucj3FMJMPzg4UBhA2j226vv8L+nZbeZ39K0hIZOsXPhqumaQENsxkv2f
8LIx8nIRpIIEEDlFNXCFP+FJG7H78zQrie+sx80TI/IPQ95orE2lAdS7yVOrYvDK
CDyhuRhkBnUwVw==
-----END CERTIFICATE-----