Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
File:                     zEH27mce6lNY5xzn_BHJNsw3bGE.mft (raw, json)
Hash identifier:          CnWg/1ip9EOzpcod7rvEPaLDempRsmgrILiFS2zZEK0=
Subject key identifier:   51:A9:00:20:F5:72:E3:B8:9F:A3:F5:2F:21:5A:D1:43:E9:8E:1A:FE
Authority key identifier: CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61
Certificate issuer:       /CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
Certificate serial:       0199FB459241B9642679735FACCD94C694F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
Manifest number:          110E
Signing time:             Sun 19 Oct 2025 07:01:04 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:04 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:04 +0000
Files and hashes:         1: zEH27mce6lNY5xzn_BHJNsw3bGE.crl (hash: y8QUzHB/kWz3+hOKG6DvpB0gD7GzBG6wJdVQxDNBs5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:92:41:b9:64:26:79:73:5f:ac:cd:94:c6:94:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc41f6ee671eea5358e71ce7fc11c936cc376c61
        Validity
            Not Before: Oct 19 07:01:04 2025 GMT
            Not After : Oct 20 07:01:04 2025 GMT
        Subject: CN=51a90020f572e3b89fa3f52f215ad143e98e1afe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:92:72:cd:5a:cc:42:6f:7d:84:a7:a7:71:ed:
                    43:f5:86:12:3c:d8:d3:07:a4:d2:d5:e8:28:cf:47:
                    01:11:ed:f6:93:5c:3b:e9:e2:4d:c9:15:46:51:65:
                    3c:0a:6c:93:73:23:e1:40:ea:69:72:41:9b:6a:5a:
                    49:4e:d0:d6:da:62:31:2e:af:22:35:f7:64:04:cf:
                    da:a9:a8:87:f0:76:5f:61:a9:18:42:b1:3c:f6:b8:
                    a8:ec:ba:c2:ab:56:2a:b0:70:31:7b:37:c7:a2:87:
                    5e:22:5a:8e:dc:bf:dd:20:ee:f6:f0:d7:c7:c1:9b:
                    25:ff:f9:e8:df:85:55:2a:3d:cf:15:7f:a5:20:58:
                    33:95:18:13:a6:8f:ec:fe:5e:99:9d:61:96:4c:37:
                    50:04:c4:2d:24:81:07:24:e0:e7:80:74:68:37:8f:
                    52:ad:20:27:9f:83:6b:c1:09:fb:3d:e6:0f:8f:59:
                    b6:98:2c:bf:e3:24:af:5e:44:01:c8:63:3f:cc:59:
                    43:7d:b0:25:22:98:85:e5:3f:d3:52:27:d7:df:fd:
                    02:49:56:ba:6f:56:94:16:d0:49:99:26:af:7a:b5:
                    31:bd:96:96:ca:81:85:f1:36:57:d5:bb:a1:0a:77:
                    d5:4a:79:c0:63:61:be:af:b3:5f:55:6f:d7:2d:89:
                    a5:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:A9:00:20:F5:72:E3:B8:9F:A3:F5:2F:21:5A:D1:43:E9:8E:1A:FE
            X509v3 Authority Key Identifier:
                keyid:CC:41:F6:EE:67:1E:EA:53:58:E7:1C:E7:FC:11:C9:36:CC:37:6C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEH27mce6lNY5xzn_BHJNsw3bGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/8857a3-da1e-4549-aec0-6f2e79d827e0/1/zEH27mce6lNY5xzn_BHJNsw3bGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:b6:8f:0b:04:78:64:19:84:22:25:4e:1e:94:04:80:e8:76:
         c1:ac:3b:3b:47:d9:c2:58:4f:7c:fc:76:b3:75:c6:24:1a:fc:
         08:10:17:4c:76:87:4c:62:6f:f1:0a:74:f7:b9:d0:bc:be:80:
         67:09:cb:44:71:c2:f0:30:f0:59:37:90:36:7d:c7:ea:78:cd:
         c8:4e:3b:1f:53:8d:d1:d4:03:1b:9f:29:e5:93:9a:90:57:51:
         c0:4d:a3:f5:0e:67:04:c4:c1:cf:66:0a:fc:fc:81:d4:30:22:
         39:6f:73:64:6f:3d:d9:3b:81:5b:a0:b0:7e:5e:4c:47:b8:b0:
         7a:94:1f:d0:33:bd:90:7b:02:a7:df:aa:a2:f9:48:dc:d0:e9:
         17:b5:58:0a:13:38:71:95:ac:50:66:e5:6e:b3:02:92:d6:40:
         d1:f0:58:40:73:b1:f8:c2:9e:0a:d6:b0:94:3c:9f:cb:cf:cf:
         86:83:cb:52:68:86:bc:bc:f6:ff:79:13:0a:c5:f1:d7:80:df:
         dd:f4:5c:4d:62:25:43:b4:55:b8:85:94:f2:1c:68:f7:f0:22:
         1e:85:f1:03:23:84:bf:2d:14:b1:05:ac:5d:6f:0e:26:16:89:
         c2:00:ae:d9:22:bc:3e:8b:e0:e0:0c:91:98:d2:e8:d1:02:fc:
         ee:ec:4e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RZJBuWQmeXNfrM2UxpT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDFmNmVlNjcxZWVhNTM1OGU3MWNlN2ZjMTFjOTM2Y2Mz
NzZjNjEwHhcNMjUxMDE5MDcwMTA0WhcNMjUxMDIwMDcwMTA0WjAzMTEwLwYDVQQD
Eyg1MWE5MDAyMGY1NzJlM2I4OWZhM2Y1MmYyMTVhZDE0M2U5OGUxYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJJyzVrMQm99hKence1D9YYSPNjT
B6TS1egoz0cBEe32k1w76eJNyRVGUWU8CmyTcyPhQOppckGbalpJTtDW2mIxLq8i
NfdkBM/aqaiH8HZfYakYQrE89rio7LrCq1YqsHAxezfHoodeIlqO3L/dIO728NfH
wZsl//no34VVKj3PFX+lIFgzlRgTpo/s/l6ZnWGWTDdQBMQtJIEHJODngHRoN49S
rSAnn4NrwQn7PeYPj1m2mCy/4ySvXkQByGM/zFlDfbAlIpiF5T/TUifX3/0CSVa6
b1aUFtBJmSaverUxvZaWyoGF8TZX1buhCnfVSnnAY2G+r7NfVW/XLYml+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFGpACD1cuO4n6P1LyFa0UPpjhr+MB8GA1UdIwQY
MBaAFMxB9u5nHupTWOcc5/wRyTbMN2xhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAt
NmYyZTc5ZDgyN2UwLzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODU3YTMtZGExZS00NTQ5LWFlYzAtNmYyZTc5ZDgyN2Uw
LzEvekVIMjdtY2U2bE5ZNXh6bl9CSEpOc3czYkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbaPCwR4
ZBmEIiVOHpQEgOh2waw7O0fZwlhPfPx2s3XGJBr8CBAXTHaHTGJv8Qp097nQvL6A
ZwnLRHHC8DDwWTeQNn3H6njNyE47H1ON0dQDG58p5ZOakFdRwE2j9Q5nBMTBz2YK
/PyB1DAiOW9zZG892TuBW6Cwfl5MR7iwepQf0DO9kHsCp9+qovlI3NDpF7VYChM4
cZWsUGblbrMCktZA0fBYQHOx+MKeCtawlDyfy8/PhoPLUmiGvLz2/3kTCsXx14Df
3fRcTWIlQ7RVuIWU8hxo9/AiHoXxAyOEvy0UsQWsXW8OJhaJwgCu2SK8Povg4AyR
mNLo0QL87uxOHA==
-----END CERTIFICATE-----