Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
File:                     zsUHpaHlUBp61jVTNazf5j2ryQs.mft (raw, json)
Hash identifier:          YclnOyeF8mJWnqqa0YmI+6aVZ3UfibSzs6KGmsdfzuY=
Subject key identifier:   8E:5B:FA:82:56:51:55:CC:A5:54:D6:B7:1B:78:24:C1:68:F9:83:93
Authority key identifier: CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B
Certificate issuer:       /CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
Certificate serial:       0198D5BC59A20B94EEB15D4DF4C7EF628000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 07:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:27 +0000
Files and hashes:         1: zsUHpaHlUBp61jVTNazf5j2ryQs.crl (hash: xNvQmNaVoajhkhtywbl7ni0udadOFGP1LmDNcANcVHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:59:a2:0b:94:ee:b1:5d:4d:f4:c7:ef:62:80:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b
        Validity
            Not Before: Aug 23 07:02:27 2025 GMT
            Not After : Aug 24 07:02:27 2025 GMT
        Subject: CN=8e5bfa82565155cca554d6b71b7824c168f98393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:00:60:8c:4b:ca:c8:11:1e:2d:26:92:1e:c6:
                    2b:ea:d4:c6:e0:82:e8:32:38:6d:5d:cc:fc:bc:2d:
                    17:27:39:6f:09:8a:c5:1f:a9:c0:74:98:cc:86:02:
                    b0:7b:93:71:21:db:5c:ea:88:ef:05:f5:4e:37:be:
                    82:24:17:b0:f6:ca:e0:f5:be:14:24:bd:05:98:d9:
                    06:fd:98:c5:c7:d8:20:43:25:96:bf:c3:45:96:d6:
                    dc:ff:6b:dc:bf:5e:61:3a:6a:c3:ed:ff:fa:d4:54:
                    dc:a9:20:e3:a8:ce:1e:5f:2e:b1:eb:22:9f:92:ef:
                    4c:27:e0:c2:a3:38:f2:ad:07:ee:0d:98:3f:e1:d2:
                    ee:3b:ed:a1:2b:31:39:b3:ca:c1:a7:74:9b:75:e9:
                    6e:63:4d:f3:e7:f0:de:82:f5:ca:33:50:0e:f2:0b:
                    86:54:f6:b5:56:05:55:fc:b5:99:51:af:ba:9f:83:
                    82:32:9c:b4:74:b6:42:b9:33:05:04:71:d2:83:16:
                    7f:03:63:de:6c:08:12:ae:f8:d4:0d:89:aa:09:95:
                    67:71:65:35:03:34:c1:8a:26:21:fe:81:83:28:41:
                    d3:ec:e9:6c:44:16:80:af:20:87:c6:e6:c8:5e:40:
                    c4:ef:5e:69:62:ff:52:23:09:55:ae:d6:63:45:b8:
                    27:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5B:FA:82:56:51:55:CC:A5:54:D6:B7:1B:78:24:C1:68:F9:83:93
            X509v3 Authority Key Identifier:
                keyid:CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:c3:60:17:99:d9:5d:14:0e:53:0b:7e:28:06:ce:5b:b5:4e:
         6d:76:70:90:c5:98:36:9a:84:6c:dc:27:a7:a5:5d:66:88:d3:
         e5:94:d5:af:1a:59:c5:ee:c8:a5:2d:78:ce:b9:6c:5e:d5:28:
         59:26:57:5e:5c:01:a9:ce:f6:b6:f6:0f:31:48:94:52:7b:36:
         93:f3:bb:ee:cc:6d:2f:98:f8:b1:94:28:7e:00:03:81:95:c1:
         c2:fe:2f:ee:76:cd:39:d1:51:bc:2c:9c:90:9f:24:24:85:41:
         a1:cb:8a:71:27:1e:98:50:07:a3:90:d6:bc:d3:11:af:e7:52:
         01:f8:44:ae:c9:81:97:de:89:62:41:e4:4d:6d:69:23:58:a1:
         10:93:9d:3d:89:bd:36:58:c2:fe:d6:00:c4:a8:5c:dd:49:01:
         f5:12:24:a4:60:0b:0c:c2:4b:2a:d9:7d:e7:e6:53:05:85:24:
         85:e6:1a:86:d9:43:c5:92:e2:2e:04:a1:2c:30:57:cb:8b:7f:
         aa:73:50:71:21:6d:ef:cf:2a:4d:19:87:e9:6f:3e:5b:70:0d:
         fa:4f:71:a4:7d:01:6d:03:02:d3:0f:25:9b:10:a8:50:7a:65:
         7d:f1:6c:f8:31:27:13:3d:26:bd:37:b5:ec:8b:1e:d5:f8:30:
         48:f7:45:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvFmiC5TusV1N9MfvYoAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzUwN2E1YTFlNTUwMWE3YWQ2MzU1MzM1YWNkZmU2M2Rh
YmM5MGIwHhcNMjUwODIzMDcwMjI3WhcNMjUwODI0MDcwMjI3WjAzMTEwLwYDVQQD
Eyg4ZTViZmE4MjU2NTE1NWNjYTU1NGQ2YjcxYjc4MjRjMTY4Zjk4MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ABgjEvKyBEeLSaSHsYr6tTG4ILo
MjhtXcz8vC0XJzlvCYrFH6nAdJjMhgKwe5NxIdtc6ojvBfVON76CJBew9srg9b4U
JL0FmNkG/ZjFx9ggQyWWv8NFltbc/2vcv15hOmrD7f/61FTcqSDjqM4eXy6x6yKf
ku9MJ+DCozjyrQfuDZg/4dLuO+2hKzE5s8rBp3SbdeluY03z5/DegvXKM1AO8guG
VPa1VgVV/LWZUa+6n4OCMpy0dLZCuTMFBHHSgxZ/A2PebAgSrvjUDYmqCZVncWU1
AzTBiiYh/oGDKEHT7OlsRBaAryCHxubIXkDE715pYv9SIwlVrtZjRbgnlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5b+oJWUVXMpVTWtxt4JMFo+YOTMB8GA1UdIwQY
MBaAFM7FB6Wh5VAaetY1UzWs3+Y9q8kLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2Mt
ZDI0YWE1Nzk0ZDhiLzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2MtZDI0YWE1Nzk0ZDhi
LzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsNgF5nZ
XRQOUwt+KAbOW7VObXZwkMWYNpqEbNwnp6VdZojT5ZTVrxpZxe7IpS14zrlsXtUo
WSZXXlwBqc72tvYPMUiUUns2k/O77sxtL5j4sZQofgADgZXBwv4v7nbNOdFRvCyc
kJ8kJIVBocuKcScemFAHo5DWvNMRr+dSAfhErsmBl96JYkHkTW1pI1ihEJOdPYm9
NljC/tYAxKhc3UkB9RIkpGALDMJLKtl95+ZTBYUkheYahtlDxZLiLgShLDBXy4t/
qnNQcSFt788qTRmH6W8+W3AN+k9xpH0BbQMC0w8lmxCoUHplffFs+DEnEz0mvTe1
7Ise1fgwSPdFGw==
-----END CERTIFICATE-----