Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft
File:                     ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft (raw, json)
Hash identifier:          TSHAwWQ7nM44GFlT+wkkLGrNbjmDtTrBR9inMwTsb4c=
Subject key identifier:   C5:C6:4D:80:14:83:27:F9:69:C9:A2:B9:11:1B:43:DA:55:AE:9D:71
Authority key identifier: 64:D7:F7:E1:74:17:9A:13:3E:30:C6:60:ED:FA:86:E7:4A:40:DD:95
Certificate issuer:       /CN=64d7f7e174179a133e30c660edfa86e74a40dd95
Certificate serial:       019A0111159C5353B43EBC0566CEBE32A5EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 10:01:28 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:28 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:28 +0000
Files and hashes:         1: ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl (hash: mx+hIRuspvEe7jE2WKqmZ02sHGjzM8hoyc2vzUh/pAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:15:9c:53:53:b4:3e:bc:05:66:ce:be:32:a5:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64d7f7e174179a133e30c660edfa86e74a40dd95
        Validity
            Not Before: Oct 20 10:01:28 2025 GMT
            Not After : Oct 21 10:01:28 2025 GMT
        Subject: CN=c5c64d80148327f969c9a2b9111b43da55ae9d71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:22:49:b1:e6:52:2b:20:1c:6c:02:17:4b:c8:
                    56:e2:53:d2:06:da:3c:04:91:d7:5c:3e:c5:dc:c4:
                    4f:3c:53:99:1f:ec:14:f7:5c:07:f0:3f:ec:63:aa:
                    68:b0:f0:07:df:32:44:45:f7:16:69:bf:8a:2c:19:
                    00:06:79:63:6b:af:25:c4:a2:06:83:2b:db:1d:6c:
                    90:37:77:e1:cb:eb:63:9e:a5:8a:ce:c0:1c:de:4b:
                    16:19:d6:cf:1b:01:21:2a:e6:c1:c1:f8:2d:da:67:
                    d3:45:67:7c:d6:a0:15:a3:c3:fd:80:aa:4f:25:36:
                    6a:85:e3:16:7a:bc:90:ee:17:cd:d5:71:9c:65:e9:
                    94:f9:53:ea:1b:5c:09:5b:6f:31:37:43:b1:1b:9c:
                    c7:a4:cf:25:75:eb:05:0a:bf:4f:23:b1:ec:cc:f4:
                    da:f0:9c:3a:11:9c:65:25:6a:dd:d0:6e:45:0f:8a:
                    1d:6a:5f:f9:3b:88:85:52:f5:ae:37:7c:7c:ed:64:
                    90:ca:9b:be:4b:8f:42:51:91:09:2b:19:41:3f:03:
                    7a:dc:4f:3e:5d:9a:c9:03:c9:65:17:d2:2d:05:21:
                    da:ac:c6:fa:1d:7e:d2:e9:75:4a:3e:58:03:ea:75:
                    f3:8f:0e:ec:87:90:bb:61:7b:c7:8e:12:39:00:5e:
                    11:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:C6:4D:80:14:83:27:F9:69:C9:A2:B9:11:1B:43:DA:55:AE:9D:71
            X509v3 Authority Key Identifier:
                keyid:64:D7:F7:E1:74:17:9A:13:3E:30:C6:60:ED:FA:86:E7:4A:40:DD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:ff:5b:17:72:be:63:17:44:c7:81:ce:1b:46:74:6a:6e:de:
         73:00:94:58:65:de:38:b4:15:a7:38:d3:57:fd:13:48:45:19:
         42:ca:b4:c1:8b:57:91:4e:3d:5f:da:7d:5b:6d:4d:59:69:46:
         c6:88:7e:88:0c:37:2f:c0:b2:b7:76:ac:ee:00:bf:cf:16:dc:
         2f:44:be:d6:40:3b:af:b0:75:64:17:a6:66:6e:6f:c4:15:6d:
         f5:64:52:f2:e6:a8:95:c1:48:75:f2:03:a2:ee:cb:f9:23:0c:
         ae:c4:cd:d6:36:35:83:80:2a:aa:e5:81:6b:cd:29:c4:ed:a2:
         db:96:2e:b1:ee:d5:76:89:70:31:a0:d7:11:93:5f:4d:fa:bd:
         38:d2:7c:09:eb:0c:67:f0:00:36:d1:cc:70:83:34:77:1a:54:
         c7:a6:03:f6:b8:15:f0:ce:d6:14:7b:ea:4d:81:9d:0e:5c:92:
         91:c0:13:8e:74:6a:af:01:00:46:42:c0:11:9c:eb:f1:0f:3a:
         f3:46:9d:e6:1b:c9:e8:e4:c0:24:0d:f3:3e:b3:17:f1:18:67:
         cb:57:c6:a4:28:97:0f:9e:4a:10:34:87:7a:d0:e1:83:34:46:
         cd:a6:92:a6:ee:86:41:c8:ab:b0:f7:33:97:34:b1:2e:21:58:
         29:74:cc:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBERWcU1O0PrwFZs6+MqXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDdmN2UxNzQxNzlhMTMzZTMwYzY2MGVkZmE4NmU3NGE0
MGRkOTUwHhcNMjUxMDIwMTAwMTI4WhcNMjUxMDIxMTAwMTI4WjAzMTEwLwYDVQQD
EyhjNWM2NGQ4MDE0ODMyN2Y5NjljOWEyYjkxMTFiNDNkYTU1YWU5ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCJJseZSKyAcbAIXS8hW4lPSBto8
BJHXXD7F3MRPPFOZH+wU91wH8D/sY6posPAH3zJERfcWab+KLBkABnlja68lxKIG
gyvbHWyQN3fhy+tjnqWKzsAc3ksWGdbPGwEhKubBwfgt2mfTRWd81qAVo8P9gKpP
JTZqheMWeryQ7hfN1XGcZemU+VPqG1wJW28xN0OxG5zHpM8ldesFCr9PI7HszPTa
8Jw6EZxlJWrd0G5FD4odal/5O4iFUvWuN3x87WSQypu+S49CUZEJKxlBPwN63E8+
XZrJA8llF9ItBSHarMb6HX7S6XVKPlgD6nXzjw7sh5C7YXvHjhI5AF4RsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXGTYAUgyf5acmiuREbQ9pVrp1xMB8GA1UdIwQY
MBaAFGTX9+F0F5oTPjDGYO36hudKQN2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85ODNjYWEtZWYwNS00NjBmLWEyMGEt
NDE2MjQ2NWI5ODgwLzEvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85ODNjYWEtZWYwNS00NjBmLWEyMGEtNDE2MjQ2NWI5ODgw
LzEvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv/9bF3K+
YxdEx4HOG0Z0am7ecwCUWGXeOLQVpzjTV/0TSEUZQsq0wYtXkU49X9p9W21NWWlG
xoh+iAw3L8Cyt3as7gC/zxbcL0S+1kA7r7B1ZBemZm5vxBVt9WRS8uaolcFIdfID
ou7L+SMMrsTN1jY1g4AqquWBa80pxO2i25Yuse7VdolwMaDXEZNfTfq9ONJ8CesM
Z/AANtHMcIM0dxpUx6YD9rgV8M7WFHvqTYGdDlySkcATjnRqrwEARkLAEZzr8Q86
80ad5hvJ6OTAJA3zPrMX8Rhny1fGpCiXD55KEDSHetDhgzRGzaaSpu6GQcirsPcz
lzSxLiFYKXTMRA==
-----END CERTIFICATE-----