Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
File:                     zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft (raw, json)
Hash identifier:          whyQvS2mstB23ofWDwlKz+45vAshdxLmYxGvwMTQfaM=
Subject key identifier:   98:2C:B2:65:EF:C4:E4:02:E1:5C:B7:C7:95:94:D4:51:4B:A6:FD:21
Authority key identifier: CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31
Certificate issuer:       /CN=cda054474fafd90b0ea47c55765bbe6f37637531
Certificate serial:       0199FB7C8E90B746D8412B3AEBC6BFE1002D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
Manifest number:          0196
Signing time:             Sun 19 Oct 2025 08:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:08 +0000
Files and hashes:         1: zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl (hash: J8YVdynX2ar8iE3B4C0D6F1xFevkzC8BJX1/JqQXw2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:8e:90:b7:46:d8:41:2b:3a:eb:c6:bf:e1:00:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cda054474fafd90b0ea47c55765bbe6f37637531
        Validity
            Not Before: Oct 19 08:01:08 2025 GMT
            Not After : Oct 20 08:01:08 2025 GMT
        Subject: CN=982cb265efc4e402e15cb7c79594d4514ba6fd21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a0:6f:a9:5d:9f:6c:33:4c:de:e3:77:ea:b9:
                    6f:58:5e:7d:25:5b:d3:ab:02:0a:e2:58:be:50:bf:
                    c3:ff:5a:05:94:9b:17:8d:1f:4f:8b:6a:42:7f:f2:
                    aa:94:94:87:7c:e7:35:0a:fa:e4:35:65:cb:74:9f:
                    4f:33:a4:36:37:fc:f2:fc:58:0e:24:40:71:08:55:
                    2d:82:32:72:c6:54:b4:29:28:0a:8d:2a:98:e6:93:
                    42:a0:37:61:32:a0:8d:d5:d5:dd:ce:38:df:d8:f3:
                    1f:40:83:eb:d9:2f:62:79:6f:3b:56:f0:15:f6:4c:
                    ab:17:2b:db:51:58:ef:d1:fe:aa:f3:6b:42:d1:6b:
                    8a:30:9d:45:0d:0b:46:b8:01:be:ee:ac:02:5d:8a:
                    32:f1:bd:6a:b6:ec:b0:ef:14:21:91:d0:70:0a:43:
                    07:fc:19:e4:95:af:75:c1:0f:25:c5:73:28:58:41:
                    45:5a:2c:46:6d:ff:57:9e:b1:29:76:92:dd:35:f9:
                    18:48:07:45:73:76:4b:c9:17:71:67:52:6d:eb:d2:
                    0e:90:d1:9f:8a:7a:13:c1:6a:3f:f3:4a:9c:90:34:
                    ec:99:9d:e5:ba:a0:83:cd:01:86:8d:1d:6c:de:f5:
                    10:9f:2e:9b:38:73:bf:3e:17:3f:bb:4f:ba:39:20:
                    5c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:2C:B2:65:EF:C4:E4:02:E1:5C:B7:C7:95:94:D4:51:4B:A6:FD:21
            X509v3 Authority Key Identifier:
                keyid:CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:2d:84:cf:fc:f6:53:8f:84:f5:c1:d6:e6:2f:27:73:67:d7:
         dc:6f:35:2a:b6:de:58:cf:00:82:b2:5b:b2:32:b3:8a:76:4a:
         3e:07:6f:b9:0c:37:ab:ae:b8:4a:66:d9:d4:83:6e:ac:1c:ab:
         3c:33:42:b4:4e:f0:fd:22:c1:9f:94:cb:bc:3f:6b:b7:87:0e:
         34:fc:34:12:06:e0:67:0f:c1:be:0c:a7:59:7d:4b:43:1a:11:
         45:61:79:c1:10:85:0f:27:d7:13:3d:b5:c9:f2:19:18:bb:b0:
         25:9c:4e:7a:14:dd:b9:81:e9:a2:a6:2c:95:9d:cd:ba:d7:72:
         16:e6:e7:47:c8:a1:f7:0c:6a:92:e3:88:93:f1:7b:49:a0:84:
         d7:af:fe:69:ce:59:38:10:21:2b:5a:41:f4:f3:58:95:41:e9:
         aa:5e:26:b2:15:aa:02:82:76:c6:de:c8:b0:36:50:c3:27:0f:
         12:8c:c5:f7:64:a3:d8:04:b3:41:a1:c7:6b:19:86:34:2f:77:
         af:f5:65:93:9e:4c:73:9f:bb:a5:d2:07:73:9b:26:7b:8e:2a:
         76:61:8a:a8:a5:ec:4d:6a:c4:cb:89:e9:69:ef:c8:aa:66:e7:
         29:c9:8d:4c:13:ea:2f:05:8c:1d:26:73:32:c5:b6:d7:92:a0:
         44:86:07:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fI6Qt0bYQSs668a/4QAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTA1NDQ3NGZhZmQ5MGIwZWE0N2M1NTc2NWJiZTZmMzc2
Mzc1MzEwHhcNMjUxMDE5MDgwMTA4WhcNMjUxMDIwMDgwMTA4WjAzMTEwLwYDVQQD
Eyg5ODJjYjI2NWVmYzRlNDAyZTE1Y2I3Yzc5NTk0ZDQ1MTRiYTZmZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6BvqV2fbDNM3uN36rlvWF59JVvT
qwIK4li+UL/D/1oFlJsXjR9Pi2pCf/KqlJSHfOc1CvrkNWXLdJ9PM6Q2N/zy/FgO
JEBxCFUtgjJyxlS0KSgKjSqY5pNCoDdhMqCN1dXdzjjf2PMfQIPr2S9ieW87VvAV
9kyrFyvbUVjv0f6q82tC0WuKMJ1FDQtGuAG+7qwCXYoy8b1qtuyw7xQhkdBwCkMH
/Bnkla91wQ8lxXMoWEFFWixGbf9XnrEpdpLdNfkYSAdFc3ZLyRdxZ1Jt69IOkNGf
inoTwWo/80qckDTsmZ3luqCDzQGGjR1s3vUQny6bOHO/Phc/u0+6OSBcbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgssmXvxOQC4Vy3x5WU1FFLpv0hMB8GA1UdIwQY
MBaAFM2gVEdPr9kLDqR8VXZbvm83Y3UxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAt
ODEzN2M1Mjk5YWVlLzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAtODEzN2M1Mjk5YWVl
LzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACy2Ez/z2
U4+E9cHW5i8nc2fX3G81KrbeWM8AgrJbsjKzinZKPgdvuQw3q664SmbZ1INurByr
PDNCtE7w/SLBn5TLvD9rt4cONPw0EgbgZw/BvgynWX1LQxoRRWF5wRCFDyfXEz21
yfIZGLuwJZxOehTduYHpoqYslZ3NutdyFubnR8ih9wxqkuOIk/F7SaCE16/+ac5Z
OBAhK1pB9PNYlUHpql4mshWqAoJ2xt7IsDZQwycPEozF92Sj2ASzQaHHaxmGNC93
r/Vlk55Mc5+7pdIHc5sme44qdmGKqKXsTWrEy4npae/IqmbnKcmNTBPqLwWMHSZz
MsW215KgRIYHpA==
-----END CERTIFICATE-----