Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
File:                     ZLPjZgb6UsOkchyMoPszCZU0GVo.mft (raw, json)
Hash identifier:          ATwVVgEIXyxQg02g7RloSkZrMpxfugv9ouUTu8qJg6c=
Subject key identifier:   7E:28:28:DB:66:36:EC:55:FE:F5:C4:D9:77:F5:D7:AD:13:99:64:B3
Authority key identifier: 64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A
Certificate issuer:       /CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
Certificate serial:       0198D6602EFA5CAF9CF254A8A21F3ED23EA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:01:24 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:24 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:24 +0000
Files and hashes:         1: ZLPjZgb6UsOkchyMoPszCZU0GVo.crl (hash: lGuJyYHibmfly0vMZzZp5Own3qn6UjXrLyoVtlkdCC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:2e:fa:5c:af:9c:f2:54:a8:a2:1f:3e:d2:3e:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
        Validity
            Not Before: Aug 23 10:01:24 2025 GMT
            Not After : Aug 24 10:01:24 2025 GMT
        Subject: CN=7e2828db6636ec55fef5c4d977f5d7ad139964b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a4:f1:bc:2f:d8:69:62:1a:b6:aa:82:07:0d:
                    1e:3c:c5:f4:0a:65:fc:27:87:8e:9f:c0:f3:a8:73:
                    b6:00:f4:99:2e:5c:8d:36:bb:99:4f:45:4f:d8:ab:
                    02:5c:2b:e4:09:47:12:50:5a:fe:4f:98:72:ab:b1:
                    1a:d5:ac:a2:f2:f3:8e:63:b4:17:71:fe:30:3e:8c:
                    36:a8:04:27:70:47:8d:bb:0a:12:0e:17:13:25:d5:
                    09:61:8e:02:10:99:e4:a6:5b:0f:88:5c:fa:46:58:
                    62:aa:c5:84:1f:d9:52:58:7b:a2:07:f0:15:d6:3b:
                    83:b1:b7:30:93:62:c5:5e:27:7f:a3:04:90:c2:c5:
                    64:46:c2:52:f2:5d:8f:68:cb:68:c1:43:31:e4:4f:
                    3b:6b:2f:56:63:d5:dc:6e:3b:0a:0e:9d:b6:fe:c5:
                    6e:79:a6:01:c7:4d:3f:32:7d:d4:9f:81:4e:52:c2:
                    00:9c:57:e0:b7:3b:52:8a:a8:d5:15:67:f5:78:56:
                    90:9f:d4:e4:c1:f8:fc:7b:57:b4:38:c1:94:d8:26:
                    bd:bd:89:fb:f6:e1:68:ab:d4:41:9e:77:80:f3:4f:
                    3f:b8:18:15:45:4f:99:53:23:90:0d:72:d0:62:df:
                    8e:07:08:ec:8e:ec:19:08:9e:3a:25:95:c2:db:3c:
                    d6:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:28:28:DB:66:36:EC:55:FE:F5:C4:D9:77:F5:D7:AD:13:99:64:B3
            X509v3 Authority Key Identifier:
                keyid:64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:12:cb:0a:f4:5d:44:16:fe:32:e5:d2:f5:b3:3e:47:55:a7:
         3d:3f:d4:f3:56:30:96:e1:de:b9:32:4e:11:95:92:40:8d:fa:
         a0:22:40:04:f4:92:34:e9:a4:63:78:84:d3:38:27:a9:24:aa:
         2e:1f:ab:83:0f:2a:67:1a:21:3a:1e:ef:f2:b7:88:0c:aa:01:
         31:b5:c7:05:8c:38:16:95:5d:55:e2:8f:ef:4d:95:04:49:ab:
         20:1a:eb:2b:d8:a0:7c:0e:79:ad:bb:b3:5f:13:75:4c:5a:61:
         8d:98:7c:fd:38:06:12:cb:5d:a8:64:b1:77:85:27:86:4e:63:
         ab:d3:e9:e3:88:75:0a:8d:d5:54:88:c0:c3:8d:d0:a0:fb:8f:
         76:12:f9:7b:3e:69:82:ac:5f:6e:3a:f2:02:9a:48:68:04:f0:
         33:ef:ff:49:3f:c6:9c:5b:ff:e9:78:f4:1d:49:17:3b:50:83:
         f2:3d:37:b1:4f:47:a9:8d:ac:61:12:d0:63:8f:92:9f:1b:af:
         a2:c1:ab:91:b5:31:85:96:f0:b2:05:da:da:80:03:61:7a:cb:
         f8:0f:ae:85:80:87:52:06:92:46:8b:bd:19:57:74:8c:ad:5c:
         65:bc:19:d1:93:76:bb:3f:7f:42:d0:38:92:b7:22:f4:6d:c9:
         5c:88:cb:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYC76XK+c8lSooh8+0j6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjNlMzY2MDZmYTUyYzNhNDcyMWM4Y2EwZmIzMzA5OTUz
NDE5NWEwHhcNMjUwODIzMTAwMTI0WhcNMjUwODI0MTAwMTI0WjAzMTEwLwYDVQQD
Eyg3ZTI4MjhkYjY2MzZlYzU1ZmVmNWM0ZDk3N2Y1ZDdhZDEzOTk2NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qTxvC/YaWIatqqCBw0ePMX0CmX8
J4eOn8DzqHO2APSZLlyNNruZT0VP2KsCXCvkCUcSUFr+T5hyq7Ea1ayi8vOOY7QX
cf4wPow2qAQncEeNuwoSDhcTJdUJYY4CEJnkplsPiFz6RlhiqsWEH9lSWHuiB/AV
1juDsbcwk2LFXid/owSQwsVkRsJS8l2PaMtowUMx5E87ay9WY9XcbjsKDp22/sVu
eaYBx00/Mn3Un4FOUsIAnFfgtztSiqjVFWf1eFaQn9Tkwfj8e1e0OMGU2Ca9vYn7
9uFoq9RBnneA808/uBgVRU+ZUyOQDXLQYt+OBwjsjuwZCJ46JZXC2zzWWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4oKNtmNuxV/vXE2Xf1160TmWSzMB8GA1UdIwQY
MBaAFGSz42YG+lLDpHIcjKD7MwmVNBlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUt
MGUzODFiZDQxM2QzLzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUtMGUzODFiZDQxM2Qz
LzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRLLCvRd
RBb+MuXS9bM+R1WnPT/U81YwluHeuTJOEZWSQI36oCJABPSSNOmkY3iE0zgnqSSq
Lh+rgw8qZxohOh7v8reIDKoBMbXHBYw4FpVdVeKP702VBEmrIBrrK9igfA55rbuz
XxN1TFphjZh8/TgGEstdqGSxd4Unhk5jq9Pp44h1Co3VVIjAw43QoPuPdhL5ez5p
gqxfbjryAppIaATwM+//ST/GnFv/6Xj0HUkXO1CD8j03sU9HqY2sYRLQY4+Snxuv
osGrkbUxhZbwsgXa2oADYXrL+A+uhYCHUgaSRou9GVd0jK1cZbwZ0ZN2uz9/QtA4
krci9G3JXIjL5w==
-----END CERTIFICATE-----