Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          aoM/A83YB4M0B5kjImNpLgdXQ0dAbmhG2RSClm+4nYs=
Subject key identifier:   76:06:46:86:78:A2:BF:BB:C1:99:75:1D:A7:D8:51:C8:7E:68:FA:B4
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       0199FDDA2656EF9CDE542636DE0C7692F254
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          14FE
Signing time:             Sun 19 Oct 2025 19:02:36 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:36 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:36 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: ctU3JUvMdKC/8k3mnUu+gFMF/bUGyNcAf5Dx7sIvAu0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:26:56:ef:9c:de:54:26:36:de:0c:76:92:f2:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Oct 19 19:02:36 2025 GMT
            Not After : Oct 20 19:02:36 2025 GMT
        Subject: CN=7606468678a2bfbbc199751da7d851c87e68fab4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:73:d6:86:85:5c:b5:05:1f:5c:70:d6:04:27:
                    6c:d6:24:4b:a3:e5:2a:1d:a8:c9:f6:0c:86:68:cb:
                    97:d1:49:3b:1a:25:e4:29:4b:cc:ad:c9:1d:75:90:
                    66:4e:c4:41:83:dd:7f:41:ee:92:df:04:6e:89:89:
                    b7:f6:a5:e0:52:33:d8:46:f2:dd:02:9b:bb:04:a3:
                    07:7a:d6:cf:0b:21:0a:a4:99:11:89:42:6b:57:9b:
                    5d:8c:cc:bd:14:f7:1a:38:70:a4:58:db:46:d9:fd:
                    11:4b:34:be:a0:c0:14:b9:37:90:fe:f8:d6:dc:d0:
                    16:3d:7c:dc:4b:b3:06:f5:84:6b:03:f9:cd:93:c7:
                    3d:57:9f:99:bb:a5:b4:31:9c:af:86:2d:b1:62:d8:
                    d3:a9:93:66:ac:38:db:65:10:c2:77:5e:1a:57:ef:
                    9e:7e:ac:d7:c5:f2:a4:dd:47:c3:55:c3:f7:14:e0:
                    a4:5e:26:4d:a5:81:c1:7a:6d:ed:0d:57:4b:62:21:
                    ef:69:86:a9:7b:f8:59:2b:96:39:f9:8c:3b:10:fa:
                    9e:c9:39:05:aa:24:d3:5c:26:e7:ea:1c:ac:58:e1:
                    97:cf:58:78:36:10:a0:a9:40:b7:69:76:e3:44:58:
                    2c:b4:e9:7b:93:9d:10:31:6a:db:fa:14:34:39:cc:
                    aa:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:06:46:86:78:A2:BF:BB:C1:99:75:1D:A7:D8:51:C8:7E:68:FA:B4
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:a5:5a:c6:29:fc:21:6d:ce:b2:38:e6:3f:30:e1:b0:4c:cc:
         5f:dc:7d:3a:66:26:af:fd:ca:75:aa:85:8f:e7:3a:87:a2:26:
         d4:de:2c:58:6e:cb:1b:36:d8:21:a4:92:50:09:02:4c:7c:3f:
         c3:ac:14:19:2c:42:3a:11:1e:a3:5f:e6:97:3d:5a:e4:4d:4c:
         e7:d4:e3:09:11:cf:97:24:65:df:cd:9e:25:d3:9a:ec:1e:a9:
         0c:ce:9c:75:ab:3e:70:c0:0b:bc:9b:e0:75:4e:50:2d:bf:df:
         1b:67:a3:4e:68:26:c4:9c:89:92:2a:ac:7c:d3:32:f2:c1:8f:
         4b:74:36:59:bf:cd:a4:a0:a7:58:10:8c:57:bc:2b:1a:72:50:
         27:64:da:b7:e8:29:64:70:71:59:6d:93:7b:1f:8b:9e:bf:59:
         ec:c5:9c:f2:81:d8:98:c5:40:0e:1f:db:83:9d:4e:20:aa:d0:
         63:f4:1f:8f:b0:9d:5f:df:ce:cb:9c:14:69:4e:13:00:89:7b:
         3c:01:8a:03:89:47:23:3e:f0:2c:7c:bd:8f:0d:b7:de:18:82:
         2d:b3:65:ce:30:c8:e3:58:1f:08:75:53:5e:06:9e:ae:55:76:
         86:39:6e:a2:01:d9:1c:a2:0c:6d:ef:60:69:56:41:54:50:50:
         47:a3:32:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92iZW75zeVCY23gx2kvJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUxMDE5MTkwMjM2WhcNMjUxMDIwMTkwMjM2WjAzMTEwLwYDVQQD
Eyg3NjA2NDY4Njc4YTJiZmJiYzE5OTc1MWRhN2Q4NTFjODdlNjhmYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHPWhoVctQUfXHDWBCds1iRLo+Uq
HajJ9gyGaMuX0Uk7GiXkKUvMrckddZBmTsRBg91/Qe6S3wRuiYm39qXgUjPYRvLd
Apu7BKMHetbPCyEKpJkRiUJrV5tdjMy9FPcaOHCkWNtG2f0RSzS+oMAUuTeQ/vjW
3NAWPXzcS7MG9YRrA/nNk8c9V5+Zu6W0MZyvhi2xYtjTqZNmrDjbZRDCd14aV++e
fqzXxfKk3UfDVcP3FOCkXiZNpYHBem3tDVdLYiHvaYape/hZK5Y5+Yw7EPqeyTkF
qiTTXCbn6hysWOGXz1h4NhCgqUC3aXbjRFgstOl7k50QMWrb+hQ0Ocyq2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYGRoZ4or+7wZl1HafYUch+aPq0MB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJKVaxin8
IW3OsjjmPzDhsEzMX9x9OmYmr/3KdaqFj+c6h6Im1N4sWG7LGzbYIaSSUAkCTHw/
w6wUGSxCOhEeo1/mlz1a5E1M59TjCRHPlyRl382eJdOa7B6pDM6cdas+cMALvJvg
dU5QLb/fG2ejTmgmxJyJkiqsfNMy8sGPS3Q2Wb/NpKCnWBCMV7wrGnJQJ2Tat+gp
ZHBxWW2Tex+Lnr9Z7MWc8oHYmMVADh/bg51OIKrQY/Qfj7CdX9/Oy5wUaU4TAIl7
PAGKA4lHIz7wLHy9jw233hiCLbNlzjDI41gfCHVTXgaerlV2hjluogHZHKIMbe9g
aVZBVFBQR6MysA==
-----END CERTIFICATE-----