Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
File:                     zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json)
Hash identifier:          tscrUi54meonSGJTmSZ39UzDQTpOIVI0zI9QVch1wm4=
Subject key identifier:   80:8C:7A:EA:2A:37:54:A2:6D:A7:72:56:A7:12:F7:0C:B9:65:EA:A4
Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72
Certificate issuer:       /CN=cebc6182e873ff7a031c8895efdc57c36871dd72
Certificate serial:       0199FBEC0C4E257301CA0945EE0052575117
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
Manifest number:          0276
Signing time:             Sun 19 Oct 2025 10:02:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:54 +0000
Files and hashes:         1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: kfvx6kW79oZFtdO6Qh0LtrTglHKs6QUxQCt7Mzkh5Iw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:0c:4e:25:73:01:ca:09:45:ee:00:52:57:51:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72
        Validity
            Not Before: Oct 19 10:02:54 2025 GMT
            Not After : Oct 20 10:02:54 2025 GMT
        Subject: CN=808c7aea2a3754a26da77256a712f70cb965eaa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a9:1c:c1:60:21:4a:e8:9e:c8:d2:21:5a:58:
                    cb:e0:ff:36:0e:07:e8:66:e7:91:03:a0:ee:26:7f:
                    f5:bc:be:76:50:af:74:a2:b9:68:b5:d6:e5:cd:25:
                    34:90:d4:a1:ba:b6:72:e6:4a:c5:1a:d7:48:0b:00:
                    e4:33:38:59:d1:ed:b2:30:e4:42:52:7d:42:2d:6b:
                    87:36:e3:6b:c0:7b:cf:dd:38:4c:02:4e:bd:01:6d:
                    05:1b:59:73:26:ff:6e:ec:51:0e:40:8f:f5:2f:52:
                    7e:87:52:a3:b8:81:2e:8d:b6:98:b5:87:9f:80:24:
                    96:60:ac:11:5a:e4:cd:ae:0b:10:42:48:40:ef:fc:
                    9f:f4:9d:2b:f3:f6:33:26:1f:c4:4e:e2:b5:da:35:
                    c2:f8:bd:29:73:00:60:2e:51:9b:64:9c:2d:57:10:
                    ca:f4:0a:9a:49:5e:63:27:e2:45:0b:5f:e2:bd:bb:
                    a6:7c:30:44:b2:20:b4:13:32:39:cd:28:37:e7:06:
                    02:6c:10:53:66:fc:fc:41:0d:24:be:c5:15:6b:3c:
                    25:54:db:ae:48:df:bf:04:1f:bd:9b:4e:e9:a7:e3:
                    e9:23:a4:fb:d7:a6:47:f4:57:52:74:42:a4:bd:cf:
                    de:c3:bc:e5:7e:9c:43:0a:f5:44:87:02:06:b6:66:
                    83:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:8C:7A:EA:2A:37:54:A2:6D:A7:72:56:A7:12:F7:0C:B9:65:EA:A4
            X509v3 Authority Key Identifier:
                keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:89:ad:31:fd:98:1b:5c:1a:5a:e3:45:4f:db:c0:a1:42:c7:
         a1:a4:d9:b8:5a:70:9a:ad:72:5a:82:64:c9:d6:99:01:b4:57:
         8c:75:6b:80:b2:50:cd:0b:3f:78:ce:36:bf:8f:b4:85:56:21:
         49:b2:a8:8d:14:42:70:24:c8:48:ec:76:4d:15:31:c3:c0:e1:
         09:95:94:4f:85:13:db:01:b6:80:21:17:c2:37:0c:fc:de:1b:
         a1:6e:af:4b:23:7c:9a:87:75:db:4a:d0:2a:4c:a1:2f:0c:41:
         13:8b:e6:cd:70:11:d9:d8:38:a3:07:dd:c1:5b:0d:a9:95:00:
         fe:a0:20:a0:9f:e1:a1:61:59:6a:c0:9c:00:e7:27:14:98:54:
         f0:c0:18:83:2f:1d:40:a6:37:b2:92:e4:86:09:f0:bc:3f:92:
         3a:22:8e:f3:54:a5:f4:3a:1a:b7:6a:31:9b:d6:d5:de:af:19:
         73:59:b9:53:aa:dd:4d:88:77:bd:65:de:36:34:01:b8:77:e6:
         11:64:ed:6f:a1:cc:79:f2:0b:66:e2:66:d0:69:05:2f:b7:85:
         ac:8f:a9:79:45:28:4b:e8:f2:c4:13:17:5f:58:ed:99:59:22:
         83:6b:80:d7:f3:fb:a4:05:35:95:60:a8:cb:54:bc:67:da:42:
         fc:13:4c:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77AxOJXMByglF7gBSV1EXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3
MWRkNzIwHhcNMjUxMDE5MTAwMjU0WhcNMjUxMDIwMTAwMjU0WjAzMTEwLwYDVQQD
Eyg4MDhjN2FlYTJhMzc1NGEyNmRhNzcyNTZhNzEyZjcwY2I5NjVlYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6kcwWAhSuieyNIhWljL4P82Dgfo
ZueRA6DuJn/1vL52UK90orlotdblzSU0kNShurZy5krFGtdICwDkMzhZ0e2yMORC
Un1CLWuHNuNrwHvP3ThMAk69AW0FG1lzJv9u7FEOQI/1L1J+h1KjuIEujbaYtYef
gCSWYKwRWuTNrgsQQkhA7/yf9J0r8/YzJh/ETuK12jXC+L0pcwBgLlGbZJwtVxDK
9AqaSV5jJ+JFC1/ivbumfDBEsiC0EzI5zSg35wYCbBBTZvz8QQ0kvsUVazwlVNuu
SN+/BB+9m07pp+PpI6T716ZH9FdSdEKkvc/ew7zlfpxDCvVEhwIGtmaDcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICMeuoqN1SibadyVqcS9wy5ZeqkMB8GA1UdIwQY
MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt
MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz
LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxYmtMf2Y
G1waWuNFT9vAoULHoaTZuFpwmq1yWoJkydaZAbRXjHVrgLJQzQs/eM42v4+0hVYh
SbKojRRCcCTISOx2TRUxw8DhCZWUT4UT2wG2gCEXwjcM/N4boW6vSyN8mod120rQ
KkyhLwxBE4vmzXAR2dg4owfdwVsNqZUA/qAgoJ/hoWFZasCcAOcnFJhU8MAYgy8d
QKY3spLkhgnwvD+SOiKO81Sl9Doat2oxm9bV3q8Zc1m5U6rdTYh3vWXeNjQBuHfm
EWTtb6HMefILZuJm0GkFL7eFrI+peUUoS+jyxBMXX1jtmVkig2uA1/P7pAU1lWCo
y1S8Z9pC/BNMVg==
-----END CERTIFICATE-----