Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
File:                     ZLPjZgb6UsOkchyMoPszCZU0GVo.mft (raw, json)
Hash identifier:          w72Lb8TSQ7cvuVybVLQDkdAnOH14zV7vMfsEK56ZUBA=
Subject key identifier:   A0:35:47:13:1A:6D:44:3C:BD:BA:D1:78:0B:8C:28:4B:94:F8:47:97
Authority key identifier: 64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A
Certificate issuer:       /CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
Certificate serial:       0199FBEBD67CE060423134E87D77C8E43AB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:41 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:41 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:41 +0000
Files and hashes:         1: ZLPjZgb6UsOkchyMoPszCZU0GVo.crl (hash: rMFADdIUWgVm/Z0t6mUZqGf+TGfVXI/Oo9kVzh+qDJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:d6:7c:e0:60:42:31:34:e8:7d:77:c8:e4:3a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b3e36606fa52c3a4721c8ca0fb33099534195a
        Validity
            Not Before: Oct 19 10:02:41 2025 GMT
            Not After : Oct 20 10:02:41 2025 GMT
        Subject: CN=a03547131a6d443cbdbad1780b8c284b94f84797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:97:2c:f5:35:0c:bc:10:b6:9e:ca:04:2d:6d:
                    09:20:56:e6:7b:f3:ed:d7:3e:c3:8a:5d:f7:e3:1e:
                    41:93:91:3e:eb:4a:d0:05:ba:cb:23:e9:95:a0:46:
                    9f:03:27:16:77:30:b5:92:c7:62:3f:19:63:43:56:
                    38:e8:85:2d:ff:89:b9:95:16:f8:dd:ff:f6:09:40:
                    a1:15:48:59:74:ba:f8:8c:da:19:c6:63:85:3c:95:
                    25:04:2b:d3:d0:01:87:17:60:89:bb:96:7e:9b:80:
                    fa:b6:63:ee:22:15:04:22:5e:57:f2:df:19:40:b2:
                    61:81:f6:e2:82:31:36:c7:66:63:5b:74:39:97:d0:
                    ab:fa:3c:6e:69:9f:26:e5:3a:0c:b9:a2:5b:dc:e5:
                    1d:d0:2d:bd:a9:89:c8:20:68:91:93:40:36:23:73:
                    a7:9d:2f:59:68:59:26:0b:16:39:9b:2d:8e:2e:ad:
                    d4:d7:00:0f:5b:7e:d1:39:70:30:e6:98:ac:7f:3b:
                    9a:08:e9:a8:7d:bb:18:4d:df:fc:13:70:31:a5:e0:
                    c0:c8:a6:8a:99:7b:e2:8c:48:f6:8d:6e:6b:e4:09:
                    c9:f5:2d:b7:65:ef:da:c2:c6:f0:13:42:89:2c:14:
                    34:c6:56:2a:b1:de:b5:45:27:99:72:86:63:8f:6f:
                    3c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:35:47:13:1A:6D:44:3C:BD:BA:D1:78:0B:8C:28:4B:94:F8:47:97
            X509v3 Authority Key Identifier:
                keyid:64:B3:E3:66:06:FA:52:C3:A4:72:1C:8C:A0:FB:33:09:95:34:19:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLPjZgb6UsOkchyMoPszCZU0GVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/b70e07-11b2-4a2a-8955-0e381bd413d3/1/ZLPjZgb6UsOkchyMoPszCZU0GVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:a7:2d:f9:63:2c:35:b4:96:09:5a:ee:7a:ce:54:cd:e6:23:
         48:0d:3d:6f:5c:d3:ca:92:aa:1b:64:fb:d9:3c:c7:8c:bf:ec:
         36:85:ea:73:01:ac:ff:8e:b9:a6:2e:db:b7:b3:0e:d5:6b:04:
         3b:79:5d:40:63:8b:45:36:1d:b0:cc:27:a5:df:76:60:18:b0:
         fa:15:78:0e:76:be:f8:75:74:73:f7:08:e8:3e:1b:e0:1f:a5:
         e3:fe:55:48:f5:cd:77:2b:c6:6b:2f:6b:02:63:6e:78:fe:ca:
         43:e0:17:12:81:9b:7a:5f:3f:4b:b2:3d:0c:15:83:72:24:d1:
         ef:a4:35:9a:00:ee:77:48:56:68:54:f9:2b:c5:8d:81:c2:5c:
         18:ee:92:31:a2:0b:21:66:4c:83:17:68:42:6c:64:79:d8:a3:
         ab:5a:71:4e:3d:f8:f8:2a:e5:b7:22:29:19:34:45:de:a9:dc:
         d3:67:49:33:0a:dc:02:25:a3:6f:1f:ac:5f:3a:56:4d:de:4a:
         ed:92:21:99:25:7a:b9:4d:6f:7b:2e:6e:e3:0e:e2:a0:ea:34:
         92:fe:47:bb:2a:ee:f9:6f:7b:c6:3a:ff:ad:5f:d1:67:75:dc:
         99:7c:df:48:47:91:99:b1:8e:ce:d9:67:dc:fc:0e:c1:13:a1:
         e5:6a:55:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769Z84GBCMTTofXfI5Dq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjNlMzY2MDZmYTUyYzNhNDcyMWM4Y2EwZmIzMzA5OTUz
NDE5NWEwHhcNMjUxMDE5MTAwMjQxWhcNMjUxMDIwMTAwMjQxWjAzMTEwLwYDVQQD
EyhhMDM1NDcxMzFhNmQ0NDNjYmRiYWQxNzgwYjhjMjg0Yjk0Zjg0Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05cs9TUMvBC2nsoELW0JIFbme/Pt
1z7Dil334x5Bk5E+60rQBbrLI+mVoEafAycWdzC1ksdiPxljQ1Y46IUt/4m5lRb4
3f/2CUChFUhZdLr4jNoZxmOFPJUlBCvT0AGHF2CJu5Z+m4D6tmPuIhUEIl5X8t8Z
QLJhgfbigjE2x2ZjW3Q5l9Cr+jxuaZ8m5ToMuaJb3OUd0C29qYnIIGiRk0A2I3On
nS9ZaFkmCxY5my2OLq3U1wAPW37ROXAw5pisfzuaCOmofbsYTd/8E3AxpeDAyKaK
mXvijEj2jW5r5AnJ9S23Ze/awsbwE0KJLBQ0xlYqsd61RSeZcoZjj288FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKA1RxMabUQ8vbrReAuMKEuU+EeXMB8GA1UdIwQY
MBaAFGSz42YG+lLDpHIcjKD7MwmVNBlaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUt
MGUzODFiZDQxM2QzLzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iNzBlMDctMTFiMi00YTJhLTg5NTUtMGUzODFiZDQxM2Qz
LzEvWkxQalpnYjZVc09rY2h5TW9Qc3pDWlUwR1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQqct+WMs
NbSWCVrues5UzeYjSA09b1zTypKqG2T72TzHjL/sNoXqcwGs/465pi7bt7MO1WsE
O3ldQGOLRTYdsMwnpd92YBiw+hV4Dna++HV0c/cI6D4b4B+l4/5VSPXNdyvGay9r
AmNueP7KQ+AXEoGbel8/S7I9DBWDciTR76Q1mgDud0hWaFT5K8WNgcJcGO6SMaIL
IWZMgxdoQmxkedijq1pxTj34+CrltyIpGTRF3qnc02dJMwrcAiWjbx+sXzpWTd5K
7ZIhmSV6uU1vey5u4w7ioOo0kv5Huyru+W97xjr/rV/RZ3XcmXzfSEeRmbGOztln
3PwOwROh5WpVhA==
-----END CERTIFICATE-----