Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
File:                     jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft (raw, json)
Hash identifier:          XegKlrRE0jGqlYZcJicdyCP6CbUfUNcSg5+EJBYK2QY=
Subject key identifier:   55:B1:F8:79:82:08:C9:3A:88:FB:15:28:13:CF:D0:53:E3:14:7F:C6
Authority key identifier: 8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F
Certificate issuer:       /CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
Certificate serial:       0199FAA0FE76F726A4A9F1AEFB415D0E9D33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
Manifest number:          0518
Signing time:             Sun 19 Oct 2025 04:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:18 +0000
Files and hashes:         1: jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl (hash: nuIzuMHL4FkNIiJK3MTMQr9r25dsvqLDhb/W4dtIBNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a0:fe:76:f7:26:a4:a9:f1:ae:fb:41:5d:0e:9d:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d9c07e7e8de858b2e6813d00f9b3992df53827f
        Validity
            Not Before: Oct 19 04:01:18 2025 GMT
            Not After : Oct 20 04:01:18 2025 GMT
        Subject: CN=55b1f8798208c93a88fb152813cfd053e3147fc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:94:4d:71:f2:2d:88:90:ce:42:e5:2d:4f:23:
                    26:54:df:e2:6f:ed:f2:8b:09:07:71:8b:a7:12:c0:
                    a5:0b:60:e2:81:14:75:ce:b3:7f:46:70:75:8d:ef:
                    48:47:31:64:53:26:42:0d:e2:76:ec:40:9e:d8:0c:
                    99:b5:ca:e1:c9:7c:7a:72:df:ea:71:36:fc:4b:f5:
                    66:05:56:ec:7d:77:ec:70:4f:c5:fd:9d:e9:ca:b5:
                    6d:c0:6b:b2:a5:cd:23:ab:c7:fd:52:0b:bc:36:7c:
                    90:04:02:a2:7f:c3:d1:38:be:c1:96:f6:2c:d6:cc:
                    6a:de:4c:ad:92:c4:79:da:b2:96:54:f3:c5:ac:2c:
                    7a:24:1f:9c:7c:db:62:a3:f9:da:d7:bb:bb:60:71:
                    3c:81:63:fc:09:90:8e:e8:1a:ef:de:03:cc:72:67:
                    80:59:c5:ec:48:22:cc:4b:73:04:fe:2c:7b:eb:c7:
                    39:97:ee:f1:40:f3:3c:d1:95:4a:35:d0:2f:59:aa:
                    48:35:5e:52:df:47:94:e8:b3:c3:b6:cc:44:88:e5:
                    fe:b0:80:f4:8f:dd:29:a6:32:7d:3f:c4:49:8e:c3:
                    5f:83:03:e6:c9:06:4d:f2:99:b1:f6:c7:f8:a5:c5:
                    d9:6a:da:53:0a:be:4a:bd:3c:99:22:e9:0a:ab:96:
                    fb:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:B1:F8:79:82:08:C9:3A:88:FB:15:28:13:CF:D0:53:E3:14:7F:C6
            X509v3 Authority Key Identifier:
                keyid:8D:9C:07:E7:E8:DE:85:8B:2E:68:13:D0:0F:9B:39:92:DF:53:82:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jZwH5-jehYsuaBPQD5s5kt9Tgn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e14e2a-a0ea-43d9-b05f-f363c5138702/1/jZwH5-jehYsuaBPQD5s5kt9Tgn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:ea:1e:c8:9c:5c:72:c5:f4:06:54:fd:2d:30:95:07:e4:4e:
         ec:e4:a8:5e:6f:20:48:e3:46:06:ca:67:f6:1d:f2:51:6c:ab:
         af:7f:ac:30:0e:d9:cf:3c:fe:b6:03:12:e8:dc:67:b2:79:d8:
         5a:d7:91:32:78:b1:21:55:09:e5:39:a4:68:3a:b3:cc:ea:25:
         a1:a0:12:f1:9a:0c:06:11:5e:6e:d6:da:6e:b6:7c:dd:df:57:
         d2:cd:6c:85:bd:e2:c7:0a:e7:44:ba:48:74:b6:2a:9b:10:c9:
         75:1b:32:a5:77:83:77:68:02:6e:f6:45:3e:5f:41:4a:b8:4e:
         71:ef:c8:f4:3e:ec:92:43:48:fd:c1:79:5d:4b:b8:8a:d2:79:
         00:a8:fc:8a:d7:6e:a2:27:11:64:59:d8:b8:47:f9:a3:ac:05:
         86:a2:e6:a4:b9:27:1a:59:80:48:17:54:0b:09:bf:a9:90:93:
         0e:c3:2d:ab:48:0a:2d:79:a0:84:9c:7b:5e:51:14:d4:06:0a:
         7d:6c:b2:05:11:b2:36:1c:b2:f5:e0:0a:b2:aa:65:41:38:ee:
         23:ce:bd:53:b7:82:9d:01:4c:6d:a7:e5:ad:9b:05:cb:32:3c:
         84:ac:a6:39:2e:3c:ba:32:f6:43:0c:cb:c2:da:bc:ba:e5:18:
         61:fb:6c:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oP529yakqfGu+0FdDp0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOWMwN2U3ZThkZTg1OGIyZTY4MTNkMDBmOWIzOTkyZGY1
MzgyN2YwHhcNMjUxMDE5MDQwMTE4WhcNMjUxMDIwMDQwMTE4WjAzMTEwLwYDVQQD
Eyg1NWIxZjg3OTgyMDhjOTNhODhmYjE1MjgxM2NmZDA1M2UzMTQ3ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZRNcfItiJDOQuUtTyMmVN/ib+3y
iwkHcYunEsClC2DigRR1zrN/RnB1je9IRzFkUyZCDeJ27ECe2AyZtcrhyXx6ct/q
cTb8S/VmBVbsfXfscE/F/Z3pyrVtwGuypc0jq8f9Ugu8NnyQBAKif8PROL7BlvYs
1sxq3kytksR52rKWVPPFrCx6JB+cfNtio/na17u7YHE8gWP8CZCO6Brv3gPMcmeA
WcXsSCLMS3ME/ix768c5l+7xQPM80ZVKNdAvWapINV5S30eU6LPDtsxEiOX+sID0
j90ppjJ9P8RJjsNfgwPmyQZN8pmx9sf4pcXZatpTCr5KvTyZIukKq5b7UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWx+HmCCMk6iPsVKBPP0FPjFH/GMB8GA1UdIwQY
MBaAFI2cB+fo3oWLLmgT0A+bOZLfU4J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYt
ZjM2M2M1MTM4NzAyLzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lMTRlMmEtYTBlYS00M2Q5LWIwNWYtZjM2M2M1MTM4NzAy
LzEvalp3SDUtamVoWXN1YUJQUUQ1czVrdDlUZ244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAruoeyJxc
csX0BlT9LTCVB+RO7OSoXm8gSONGBspn9h3yUWyrr3+sMA7Zzzz+tgMS6NxnsnnY
WteRMnixIVUJ5TmkaDqzzOoloaAS8ZoMBhFebtbabrZ83d9X0s1shb3ixwrnRLpI
dLYqmxDJdRsypXeDd2gCbvZFPl9BSrhOce/I9D7skkNI/cF5XUu4itJ5AKj8itdu
oicRZFnYuEf5o6wFhqLmpLknGlmASBdUCwm/qZCTDsMtq0gKLXmghJx7XlEU1AYK
fWyyBRGyNhyy9eAKsqplQTjuI869U7eCnQFMbaflrZsFyzI8hKymOS48ujL2QwzL
wtq8uuUYYftsuw==
-----END CERTIFICATE-----