Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
File:                     zsUHpaHlUBp61jVTNazf5j2ryQs.mft (raw, json)
Hash identifier:          Tp8EdfJtWbhXvZgZeA7tr66DXJLPZPw3KC5CHVW/pnw=
Subject key identifier:   4B:7C:03:0C:D0:E1:B7:AB:53:E7:CC:4D:8D:93:91:9F:B4:98:5A:79
Authority key identifier: CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B
Certificate issuer:       /CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
Certificate serial:       0199FD343DFE012A5E6917EF9B743B17B572
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 16:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:23 +0000
Files and hashes:         1: zsUHpaHlUBp61jVTNazf5j2ryQs.crl (hash: CuQtoCS+LZApvq4npwEvekCPVnS/RplWHZ3J2WAtZLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:3d:fe:01:2a:5e:69:17:ef:9b:74:3b:17:b5:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
        Validity
            Not Before: Oct 19 16:01:23 2025 GMT
            Not After : Oct 20 16:01:23 2025 GMT
        Subject: CN=4b7c030cd0e1b7ab53e7cc4d8d93919fb4985a79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f8:1b:63:91:3c:99:1a:93:84:80:cb:3a:ce:
                    07:80:76:42:06:4a:01:99:c3:f5:43:96:c1:12:61:
                    0f:c7:0c:35:90:ed:85:44:a8:f6:3b:e3:a4:2a:16:
                    2e:c7:34:46:6e:a3:43:bb:6c:89:44:49:7e:45:7c:
                    9f:50:19:61:d6:ef:88:27:b6:ff:7c:3c:1a:46:91:
                    54:1b:c0:26:35:e8:47:74:ed:66:ad:6c:56:69:44:
                    ad:79:87:4f:30:5c:fb:d5:60:d6:20:11:d4:e8:0c:
                    4d:76:b5:de:d8:3f:19:e0:c9:48:64:25:89:33:b0:
                    f6:8e:20:0e:ae:f9:ed:ca:df:45:5f:4f:b9:83:c2:
                    2c:2b:f0:0f:4d:a9:83:8b:fe:f4:45:65:d8:32:c2:
                    45:74:a3:80:78:fa:ca:bf:c5:e2:49:b3:89:a1:3a:
                    ca:d1:36:b6:7b:32:b2:aa:e5:97:f7:ef:34:76:f0:
                    55:1f:07:1a:e6:44:05:47:79:ad:d4:91:e0:fa:7b:
                    ee:f6:31:de:dd:ab:aa:c2:dd:12:a5:bf:76:00:8d:
                    a2:4e:ca:b8:30:ac:27:91:da:5c:d3:6a:27:61:6a:
                    74:ab:e8:c4:fe:85:3f:a0:c8:58:d4:3f:68:a7:61:
                    7c:a6:8f:a4:24:b4:55:4d:6f:a9:9a:8c:de:70:76:
                    69:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:7C:03:0C:D0:E1:B7:AB:53:E7:CC:4D:8D:93:91:9F:B4:98:5A:79
            X509v3 Authority Key Identifier:
                keyid:CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:ee:da:ce:17:79:d9:ee:c3:4f:72:01:ec:d5:bb:d2:39:5b:
         6a:df:5f:8b:c2:16:7e:0e:8d:ec:9b:5f:60:9f:6c:98:e0:9f:
         8f:d6:ce:d5:9a:14:cb:b3:17:49:99:e1:03:8e:7a:12:af:4e:
         28:7f:67:9c:a6:7b:80:1b:85:80:80:3e:86:86:89:3a:bf:0d:
         a9:0d:f9:5a:c1:d6:f3:74:51:39:04:d7:a9:84:66:db:59:a8:
         1f:7e:25:bf:35:b3:3f:8a:e2:74:bf:9d:bc:44:91:5a:6c:3b:
         aa:aa:c1:34:01:fb:1d:da:8f:df:f5:e8:93:c1:02:a5:71:0e:
         22:41:07:19:e2:64:f0:83:ea:c2:27:57:e7:5f:14:40:c4:12:
         55:3d:54:d8:61:73:ef:d2:51:d9:49:b1:d2:79:b1:d2:63:68:
         a4:86:e0:9c:22:14:ba:15:c0:01:73:e7:bc:2e:f1:57:9b:cd:
         be:e8:13:18:c8:91:1e:b7:5b:91:7a:ef:28:3d:ba:c4:71:0a:
         4d:29:c9:d4:87:61:44:30:be:1c:73:33:98:91:80:95:53:52:
         ae:0a:da:d2:1b:38:c9:62:85:a9:29:da:95:60:63:b5:f8:b0:
         98:b9:03:b3:5e:7e:03:d4:0c:7a:fe:ab:0f:4e:c8:f8:56:f3:
         3d:27:fd:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9ND3+ASpeaRfvm3Q7F7VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzUwN2E1YTFlNTUwMWE3YWQ2MzU1MzM1YWNkZmU2M2Rh
YmM5MGIwHhcNMjUxMDE5MTYwMTIzWhcNMjUxMDIwMTYwMTIzWjAzMTEwLwYDVQQD
Eyg0YjdjMDMwY2QwZTFiN2FiNTNlN2NjNGQ4ZDkzOTE5ZmI0OTg1YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPgbY5E8mRqThIDLOs4HgHZCBkoB
mcP1Q5bBEmEPxww1kO2FRKj2O+OkKhYuxzRGbqNDu2yJREl+RXyfUBlh1u+IJ7b/
fDwaRpFUG8AmNehHdO1mrWxWaUSteYdPMFz71WDWIBHU6AxNdrXe2D8Z4MlIZCWJ
M7D2jiAOrvntyt9FX0+5g8IsK/APTamDi/70RWXYMsJFdKOAePrKv8XiSbOJoTrK
0Ta2ezKyquWX9+80dvBVHwca5kQFR3mt1JHg+nvu9jHe3auqwt0Spb92AI2iTsq4
MKwnkdpc02onYWp0q+jE/oU/oMhY1D9op2F8po+kJLRVTW+pmozecHZp6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt8AwzQ4berU+fMTY2TkZ+0mFp5MB8GA1UdIwQY
MBaAFM7FB6Wh5VAaetY1UzWs3+Y9q8kLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2Mt
ZDI0YWE1Nzk0ZDhiLzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2MtZDI0YWE1Nzk0ZDhi
LzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALu7azhd5
2e7DT3IB7NW70jlbat9fi8IWfg6N7JtfYJ9smOCfj9bO1ZoUy7MXSZnhA456Eq9O
KH9nnKZ7gBuFgIA+hoaJOr8NqQ35WsHW83RROQTXqYRm21moH34lvzWzP4ridL+d
vESRWmw7qqrBNAH7HdqP3/Xok8ECpXEOIkEHGeJk8IPqwidX518UQMQSVT1U2GFz
79JR2Umx0nmx0mNopIbgnCIUuhXAAXPnvC7xV5vNvugTGMiRHrdbkXrvKD26xHEK
TSnJ1IdhRDC+HHMzmJGAlVNSrgra0hs4yWKFqSnalWBjtfiwmLkDs15+A9QMev6r
D07I+FbzPSf9Ew==
-----END CERTIFICATE-----