Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
File:                     z9rC7BEEwkXZyrqOthY46drxADk.mft (raw, json)
Hash identifier:          XxsO3+X6Hx7k4lqWczA0bNZmgLfv0e7Cl4upsx8Lh2k=
Subject key identifier:   B0:02:70:22:54:78:0A:18:35:35:F6:76:36:8D:B1:8F:7D:6C:F1:34
Authority key identifier: CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
Certificate issuer:       /CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Certificate serial:       0199FBEACB84B754610E0B105B715C6144D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
Manifest number:          121F
Signing time:             Sun 19 Oct 2025 10:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:32 +0000
Files and hashes:         1: z9rC7BEEwkXZyrqOthY46drxADk.crl (hash: jf/MpMfkTMiDunN4IctdiJepjeY3zeRQsvOvNa0JAmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:cb:84:b7:54:61:0e:0b:10:5b:71:5c:61:44:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
        Validity
            Not Before: Oct 19 10:01:32 2025 GMT
            Not After : Oct 20 10:01:32 2025 GMT
        Subject: CN=b002702254780a183535f676368db18f7d6cf134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b2:31:b3:d6:86:65:a4:53:84:52:f0:07:71:
                    67:cd:03:98:1c:90:fd:64:7a:78:86:08:07:ab:6e:
                    02:21:99:d5:85:fb:08:29:04:47:62:e3:d8:4e:1a:
                    bc:61:79:20:de:01:6b:2f:09:f5:e5:dc:ac:a0:3b:
                    07:4d:a1:5a:5d:e0:d7:00:c1:c5:b8:a6:38:9e:d8:
                    f8:45:f9:1e:f6:5a:71:af:b7:8d:d6:f0:fd:e0:17:
                    ba:a1:41:a6:4f:e0:8b:f1:2b:df:d5:c6:f7:9c:18:
                    57:fb:97:cf:1a:a2:5b:72:41:42:2d:9e:69:7d:e5:
                    17:47:24:bf:f5:a6:36:44:ba:88:dc:92:c2:93:bd:
                    bc:d6:52:e5:2e:fd:47:1c:86:5b:b2:c0:b2:97:1b:
                    54:1d:86:0b:21:80:15:0e:5b:5d:b1:89:44:87:fc:
                    88:18:a8:9a:5b:4d:1e:fb:43:67:5f:2e:27:7d:47:
                    54:a2:69:f2:22:1c:46:62:ce:ba:c8:4d:67:a6:20:
                    e5:02:e0:d6:52:f9:41:f3:33:2a:eb:49:dc:d7:a5:
                    59:54:7d:07:25:1a:05:10:95:2b:c2:94:94:64:9d:
                    b1:81:09:c1:7e:c5:89:04:26:45:43:ab:52:fe:65:
                    38:02:65:b1:13:c7:18:8a:5c:c9:0b:b3:9b:a9:98:
                    16:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:02:70:22:54:78:0A:18:35:35:F6:76:36:8D:B1:8F:7D:6C:F1:34
            X509v3 Authority Key Identifier:
                keyid:CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:90:22:40:6b:44:8e:07:24:10:1f:27:b5:d0:08:7a:de:26:
         bd:86:5e:a3:51:e6:f6:b0:00:ab:63:64:9a:11:ad:0a:ed:cd:
         6d:e9:3c:8d:de:3b:a8:2f:87:d8:e9:fe:a3:c7:d5:f8:32:e5:
         15:5c:62:d7:6e:74:1d:b4:d2:4a:6b:b3:e7:cd:2b:76:52:73:
         b0:d8:93:63:b8:3a:5a:02:4f:73:00:d5:73:c9:39:fc:93:79:
         ca:1a:0b:d8:b1:61:61:05:8b:1b:4e:4d:52:af:76:49:32:53:
         25:ae:80:2a:ab:ad:07:94:ba:cf:39:bb:44:e2:d7:fa:a9:a4:
         cd:d0:a3:c5:eb:33:40:e9:fd:9b:f9:30:f6:c9:7d:15:37:08:
         ba:f0:89:4c:21:98:76:b4:bd:56:d9:d9:2c:49:c2:90:23:38:
         c2:73:29:8a:7e:cf:36:7c:a9:ce:a0:69:6d:0e:6f:4f:ec:17:
         4c:ab:00:c9:bf:74:47:00:dc:b7:7e:65:c7:d0:9d:fc:51:c6:
         14:5a:26:a6:77:4b:ca:ce:e4:d3:74:fe:2f:b5:b4:c8:81:04:
         0c:60:7d:8e:62:55:e5:6d:9f:5a:99:cf:c7:94:9a:14:7d:b4:
         d1:cf:f0:eb:18:d1:37:69:8d:90:50:4e:e6:b6:b3:8c:37:bf:
         8f:76:0d:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76suEt1RhDgsQW3FcYUTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGFjMmVjMTEwNGMyNDVkOWNhYmE4ZWI2MTYzOGU5ZGFm
MTAwMzkwHhcNMjUxMDE5MTAwMTMyWhcNMjUxMDIwMTAwMTMyWjAzMTEwLwYDVQQD
EyhiMDAyNzAyMjU0NzgwYTE4MzUzNWY2NzYzNjhkYjE4ZjdkNmNmMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrIxs9aGZaRThFLwB3FnzQOYHJD9
ZHp4hggHq24CIZnVhfsIKQRHYuPYThq8YXkg3gFrLwn15dysoDsHTaFaXeDXAMHF
uKY4ntj4Rfke9lpxr7eN1vD94Be6oUGmT+CL8Svf1cb3nBhX+5fPGqJbckFCLZ5p
feUXRyS/9aY2RLqI3JLCk7281lLlLv1HHIZbssCylxtUHYYLIYAVDltdsYlEh/yI
GKiaW00e+0NnXy4nfUdUomnyIhxGYs66yE1npiDlAuDWUvlB8zMq60nc16VZVH0H
JRoFEJUrwpSUZJ2xgQnBfsWJBCZFQ6tS/mU4AmWxE8cYilzJC7ObqZgWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLACcCJUeAoYNTX2djaNsY99bPE0MB8GA1UdIwQY
MBaAFM/awuwRBMJF2cq6jrYWOOna8QA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYt
NTYwNzhjODRkYzE3LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYtNTYwNzhjODRkYzE3
LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEpAiQGtE
jgckEB8ntdAIet4mvYZeo1Hm9rAAq2NkmhGtCu3Nbek8jd47qC+H2On+o8fV+DLl
FVxi1250HbTSSmuz580rdlJzsNiTY7g6WgJPcwDVc8k5/JN5yhoL2LFhYQWLG05N
Uq92STJTJa6AKqutB5S6zzm7ROLX+qmkzdCjxeszQOn9m/kw9sl9FTcIuvCJTCGY
drS9VtnZLEnCkCM4wnMpin7PNnypzqBpbQ5vT+wXTKsAyb90RwDct35lx9Cd/FHG
FFompndLys7k03T+L7W0yIEEDGB9jmJV5W2fWpnPx5SaFH200c/w6xjRN2mNkFBO
5razjDe/j3YNuQ==
-----END CERTIFICATE-----