Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
File:                     zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft (raw, json)
Hash identifier:          +YMaZU050Q9jx5PyJJfQJDTj4y6CfQEl46y7T9/48OM=
Subject key identifier:   FF:35:18:A8:CE:FE:27:39:6F:08:BE:2B:4A:85:86:5E:FA:8E:BD:72
Authority key identifier: CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31
Certificate issuer:       /CN=cda054474fafd90b0ea47c55765bbe6f37637531
Certificate serial:       0198D7E11E45A59EA5631F33F959FD309164
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
Manifest number:          FF
Signing time:             Sat 23 Aug 2025 17:01:51 +0000
Manifest this update:     Sat 23 Aug 2025 17:01:51 +0000
Manifest next update:     Sun 24 Aug 2025 17:01:51 +0000
Files and hashes:         1: zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl (hash: GxLNtJ5pMlmhFDMqR+MxTQqHNKFj7dfQRu4s8U9O6f0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:e1:1e:45:a5:9e:a5:63:1f:33:f9:59:fd:30:91:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cda054474fafd90b0ea47c55765bbe6f37637531
        Validity
            Not Before: Aug 23 17:01:51 2025 GMT
            Not After : Aug 24 17:01:51 2025 GMT
        Subject: CN=ff3518a8cefe27396f08be2b4a85865efa8ebd72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0a:1e:5d:df:dc:d9:a3:32:27:0d:ce:72:cb:
                    e1:fa:16:1c:5b:06:46:c9:f9:6f:36:93:89:68:33:
                    6f:d4:1c:43:c7:16:95:ec:6a:54:b9:9e:37:1c:ff:
                    23:05:a4:18:72:5b:04:79:4d:51:32:a3:58:77:89:
                    38:c3:6d:3e:f1:a2:6f:f2:db:50:85:89:9f:08:f2:
                    6e:0b:73:f9:10:64:d9:29:fe:2b:00:98:43:46:55:
                    76:3a:3f:43:0a:5f:8a:d3:c2:60:81:ab:26:0c:4d:
                    da:53:ef:0d:a7:ab:91:da:be:4d:eb:81:a6:a7:41:
                    77:05:f4:a7:ed:db:41:cb:bf:30:a7:d4:0e:3d:0d:
                    25:09:25:4c:f7:af:77:b3:15:78:b8:a6:33:96:78:
                    9a:a9:08:e8:c5:d1:e7:ea:ac:22:b8:5a:29:40:19:
                    3f:6c:d5:23:4e:a5:01:4b:79:5d:2e:7a:e0:31:09:
                    46:a4:33:9b:3f:94:16:ac:35:ad:1d:db:2b:d0:a3:
                    1b:a2:6a:b0:e3:fe:d3:c2:47:9f:04:d0:a5:74:43:
                    ae:0e:38:4c:6d:20:bb:3b:b9:0b:23:aa:20:5a:fd:
                    a6:76:93:00:1c:93:7d:a1:71:82:8a:55:4d:34:0e:
                    d0:a2:9d:e1:e7:6a:25:8d:0b:18:c6:1a:ed:d4:7e:
                    4b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:35:18:A8:CE:FE:27:39:6F:08:BE:2B:4A:85:86:5E:FA:8E:BD:72
            X509v3 Authority Key Identifier:
                keyid:CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:73:02:31:fb:26:e9:4c:89:4f:94:1b:e9:73:cc:7c:68:c5:
         fc:b7:25:21:a7:e0:e9:69:55:bf:e1:c9:f7:b5:f6:89:77:35:
         d7:76:46:35:53:c6:1a:47:64:e0:f8:34:50:e1:c8:20:f6:70:
         a3:01:57:2e:90:08:58:75:36:5c:52:46:6a:96:e2:a1:7d:db:
         b7:cd:7a:d5:63:dd:88:8c:a2:03:68:f7:59:1c:00:51:ca:80:
         23:3c:1a:5d:69:09:14:16:c8:a6:6c:9e:f9:7d:3d:5b:4e:58:
         ca:45:61:bb:c0:5c:48:92:d7:6e:6e:97:57:8d:8e:61:87:21:
         ca:e2:eb:c0:d9:62:3f:0e:a2:fd:3f:3e:0a:1d:ae:bd:e2:a1:
         29:fd:8c:2f:72:0b:0d:1a:5c:75:43:24:23:d2:9a:d9:d6:eb:
         9a:c2:1b:65:31:e5:c3:24:7d:3a:67:b5:55:07:7b:2d:e9:3f:
         00:49:a6:18:39:47:95:7f:96:1f:47:d6:3a:86:49:e4:bd:88:
         a1:a1:a8:c1:a5:4f:ea:3b:cc:ef:5a:2d:bf:93:54:cb:46:aa:
         e0:87:17:08:96:70:a6:ff:58:e5:6a:b5:04:3a:23:b0:3d:47:
         48:e0:b9:42:16:6e:3b:c5:d6:a5:8b:56:08:a2:2b:65:c3:0e:
         61:bd:bd:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjX4R5FpZ6lYx8z+Vn9MJFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTA1NDQ3NGZhZmQ5MGIwZWE0N2M1NTc2NWJiZTZmMzc2
Mzc1MzEwHhcNMjUwODIzMTcwMTUxWhcNMjUwODI0MTcwMTUxWjAzMTEwLwYDVQQD
EyhmZjM1MThhOGNlZmUyNzM5NmYwOGJlMmI0YTg1ODY1ZWZhOGViZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QoeXd/c2aMyJw3Ocsvh+hYcWwZG
yflvNpOJaDNv1BxDxxaV7GpUuZ43HP8jBaQYclsEeU1RMqNYd4k4w20+8aJv8ttQ
hYmfCPJuC3P5EGTZKf4rAJhDRlV2Oj9DCl+K08JggasmDE3aU+8Np6uR2r5N64Gm
p0F3BfSn7dtBy78wp9QOPQ0lCSVM9693sxV4uKYzlniaqQjoxdHn6qwiuFopQBk/
bNUjTqUBS3ldLnrgMQlGpDObP5QWrDWtHdsr0KMbomqw4/7TwkefBNCldEOuDjhM
bSC7O7kLI6ogWv2mdpMAHJN9oXGCilVNNA7Qop3h52oljQsYxhrt1H5L2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP81GKjO/ic5bwi+K0qFhl76jr1yMB8GA1UdIwQY
MBaAFM2gVEdPr9kLDqR8VXZbvm83Y3UxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAt
ODEzN2M1Mjk5YWVlLzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAtODEzN2M1Mjk5YWVl
LzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXMCMfsm
6UyJT5Qb6XPMfGjF/LclIafg6WlVv+HJ97X2iXc113ZGNVPGGkdk4Pg0UOHIIPZw
owFXLpAIWHU2XFJGapbioX3bt8161WPdiIyiA2j3WRwAUcqAIzwaXWkJFBbIpmye
+X09W05YykVhu8BcSJLXbm6XV42OYYchyuLrwNliPw6i/T8+Ch2uveKhKf2ML3IL
DRpcdUMkI9Ka2dbrmsIbZTHlwyR9Ome1VQd7Lek/AEmmGDlHlX+WH0fWOoZJ5L2I
oaGowaVP6jvM71otv5NUy0aq4IcXCJZwpv9Y5Wq1BDojsD1HSOC5QhZuO8XWpYtW
CKIrZcMOYb29QA==
-----END CERTIFICATE-----