Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          bEso+rSTTkroHAAKbQeexy/z/nQIDkNAvmyU94EnCHg=
Subject key identifier:   D0:F1:B9:22:90:ED:51:5B:A9:9E:82:A8:B9:45:E9:DF:F2:2C:D9:68
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0199FCC688395009506007DAF0CB8E7F30A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0B1B
Signing time:             Sun 19 Oct 2025 14:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:33 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: p8obq+OeAFslBiWIYtVu24hmfC1jGohRpUbckAePDAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:88:39:50:09:50:60:07:da:f0:cb:8e:7f:30:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Oct 19 14:01:33 2025 GMT
            Not After : Oct 20 14:01:33 2025 GMT
        Subject: CN=d0f1b92290ed515ba99e82a8b945e9dff22cd968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b4:b5:59:fa:35:9b:e0:0f:0f:d8:48:d5:77:
                    9f:ed:dd:cc:fe:5e:62:f3:31:7d:0a:18:fe:21:3b:
                    7f:3d:e7:59:e0:de:57:99:ac:e2:cd:c7:bb:b4:b2:
                    66:5e:07:ee:86:c7:fd:1d:a8:5a:42:86:2c:6f:5c:
                    7d:7e:7e:08:93:d5:d1:51:cd:6d:5c:bd:70:ce:f9:
                    56:bb:4b:dc:7a:90:7a:6d:15:8a:f0:73:d6:21:8e:
                    1a:ac:3a:77:10:e1:2a:a4:16:e1:69:f7:ee:18:94:
                    ce:16:b2:64:be:34:b3:52:ad:5f:ef:ec:81:b6:87:
                    9e:f6:dc:89:20:4c:e3:3d:78:dc:94:8e:1c:38:52:
                    5f:c7:f4:a0:ad:5e:35:99:f9:e7:76:c5:28:e6:67:
                    0c:cc:c2:43:8d:70:df:c9:2d:e8:f3:17:2c:f8:00:
                    74:ef:bc:ec:38:2c:58:c9:33:67:fb:08:1d:41:10:
                    b3:6a:a0:b1:07:cb:03:5d:bb:9c:87:21:c5:f7:e5:
                    53:57:75:f7:8e:2b:6f:a2:17:06:92:5f:96:cc:47:
                    7a:ab:4e:52:ce:f3:0e:8e:01:74:55:e9:23:56:4d:
                    28:f6:7a:91:6f:81:24:b1:bb:06:b0:24:64:fd:56:
                    6f:4e:06:22:ff:47:0f:3d:71:95:1c:69:c8:ae:98:
                    c2:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F1:B9:22:90:ED:51:5B:A9:9E:82:A8:B9:45:E9:DF:F2:2C:D9:68
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:62:c9:da:02:9e:46:59:fd:f0:fa:8d:64:8d:43:c3:3c:6b:
         4a:ed:65:d1:48:ef:86:7a:a0:d8:60:16:0d:0f:57:4e:56:c2:
         bd:4d:3c:62:4e:8b:b5:2d:6e:3c:b1:2c:86:89:c1:b9:f7:b0:
         71:70:47:46:6f:fd:ab:93:38:b5:9b:4b:85:fc:53:17:df:69:
         83:ab:52:2f:39:50:e1:44:67:de:de:85:c9:ab:92:32:ed:33:
         1a:d8:53:a6:d1:26:db:81:aa:1e:0b:62:81:08:00:6f:91:0c:
         f3:73:37:8d:4e:f9:c6:68:5c:95:71:f6:08:cc:b5:5f:b0:aa:
         35:90:de:d7:60:63:27:17:46:4c:96:d3:5c:f4:e8:c6:00:f2:
         21:83:6e:6d:9f:c7:04:b8:6c:33:5f:67:99:6a:1c:f7:28:b9:
         64:18:ce:17:e2:7d:8e:37:2f:7f:1f:2c:fc:34:72:c0:af:fd:
         5a:72:43:8a:0d:37:83:8c:d6:76:88:62:b3:d3:64:63:7c:ff:
         9b:15:fe:69:e3:13:2f:8a:31:85:b7:f6:d8:b6:e6:1c:e8:44:
         d1:8e:f7:18:e7:a5:16:80:5e:39:95:a7:f8:a3:8e:e1:aa:22:
         9f:3c:85:45:c7:a3:27:2f:91:80:31:cd:fb:e2:6c:a5:67:82:
         2e:1b:3c:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xog5UAlQYAfa8MuOfzCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUxMDE5MTQwMTMzWhcNMjUxMDIwMTQwMTMzWjAzMTEwLwYDVQQD
EyhkMGYxYjkyMjkwZWQ1MTViYTk5ZTgyYThiOTQ1ZTlkZmYyMmNkOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37S1Wfo1m+APD9hI1Xef7d3M/l5i
8zF9Chj+ITt/PedZ4N5Xmazizce7tLJmXgfuhsf9HahaQoYsb1x9fn4Ik9XRUc1t
XL1wzvlWu0vcepB6bRWK8HPWIY4arDp3EOEqpBbhaffuGJTOFrJkvjSzUq1f7+yB
toee9tyJIEzjPXjclI4cOFJfx/SgrV41mfnndsUo5mcMzMJDjXDfyS3o8xcs+AB0
77zsOCxYyTNn+wgdQRCzaqCxB8sDXbuchyHF9+VTV3X3jitvohcGkl+WzEd6q05S
zvMOjgF0VekjVk0o9nqRb4EksbsGsCRk/VZvTgYi/0cPPXGVHGnIrpjCjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDxuSKQ7VFbqZ6CqLlF6d/yLNloMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2LJ2gKe
Rln98PqNZI1DwzxrSu1l0Ujvhnqg2GAWDQ9XTlbCvU08Yk6LtS1uPLEshonBufew
cXBHRm/9q5M4tZtLhfxTF99pg6tSLzlQ4URn3t6FyauSMu0zGthTptEm24GqHgti
gQgAb5EM83M3jU75xmhclXH2CMy1X7CqNZDe12BjJxdGTJbTXPToxgDyIYNubZ/H
BLhsM19nmWoc9yi5ZBjOF+J9jjcvfx8s/DRywK/9WnJDig03g4zWdohis9NkY3z/
mxX+aeMTL4oxhbf22LbmHOhE0Y73GOelFoBeOZWn+KOO4aoinzyFRcejJy+RgDHN
++JspWeCLhs8CQ==
-----END CERTIFICATE-----