Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
File:                     ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft (raw, json)
Hash identifier:          t7lzLkXcizaczEx7nwa2kBv6MHkcuQAfkNu4AvaM700=
Subject key identifier:   D6:F2:E8:AF:C6:C7:F6:88:4D:E1:19:79:76:99:FD:46:32:83:AF:7C
Authority key identifier: 64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9
Certificate issuer:       /CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
Certificate serial:       0199FBEBC896EA0458F30F52BA83884E59BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
Manifest number:          1670
Signing time:             Sun 19 Oct 2025 10:02:37 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:37 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:37 +0000
Files and hashes:         1: ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl (hash: eonlalceE25Ih/ZIGUSmUBOl7pXq7nwc1eiEzNeNdtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:c8:96:ea:04:58:f3:0f:52:ba:83:88:4e:59:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64daeae28a41fc74010d0bfb83fd80ca345c57f9
        Validity
            Not Before: Oct 19 10:02:37 2025 GMT
            Not After : Oct 20 10:02:37 2025 GMT
        Subject: CN=d6f2e8afc6c7f6884de119797699fd463283af7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:93:d5:fa:b0:18:bc:5f:09:f2:e9:01:94:77:
                    42:2e:7e:47:e2:7a:f0:9f:62:d5:79:cb:a4:91:de:
                    0d:b3:77:1a:f0:7c:d3:87:1a:d8:6d:82:3f:f7:86:
                    67:38:96:56:de:d3:f6:ea:96:ea:20:02:c5:d4:c2:
                    93:75:d3:a1:2d:21:ee:9b:e8:c1:a7:cd:d6:9c:97:
                    ea:6c:de:9e:65:0a:d8:be:d6:b7:fb:ba:72:7a:26:
                    ca:c4:13:81:b3:a3:dd:01:3a:f4:df:8a:a6:9b:7b:
                    7d:b2:13:4b:d7:52:75:25:1f:e3:52:e0:c7:e7:c3:
                    0e:11:ca:e8:46:c7:1c:e6:d8:19:e7:c5:6b:7e:2a:
                    a8:5e:40:6e:8e:c6:90:3b:27:f0:aa:aa:d6:21:fd:
                    f2:92:28:2b:42:0b:e4:d1:9d:c7:3f:68:d3:1e:8b:
                    ec:7f:9e:a4:fc:1b:6c:12:79:ee:12:5b:03:73:5f:
                    93:2f:d3:3c:07:f0:a5:af:93:73:0b:e9:63:4f:97:
                    87:6f:16:cb:80:67:53:b0:83:e6:03:35:b1:15:d4:
                    7f:16:a5:3f:1d:ac:b8:f0:78:61:89:2c:24:55:5f:
                    a3:af:f1:bd:68:82:25:b5:3f:ce:60:a1:a4:22:15:
                    19:db:f1:1e:f0:06:5f:f2:1b:00:ec:7e:95:f5:be:
                    25:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F2:E8:AF:C6:C7:F6:88:4D:E1:19:79:76:99:FD:46:32:83:AF:7C
            X509v3 Authority Key Identifier:
                keyid:64:DA:EA:E2:8A:41:FC:74:01:0D:0B:FB:83:FD:80:CA:34:5C:57:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNrq4opB_HQBDQv7g_2AyjRcV_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aee2fa-6131-47fa-b1e6-65a242002270/1/ZNrq4opB_HQBDQv7g_2AyjRcV_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:18:d9:55:32:d9:8f:8a:1e:31:d9:2e:73:56:17:cb:92:fc:
         49:02:10:14:20:9a:1f:93:ad:b7:01:6b:82:dd:87:e1:c1:79:
         1b:90:6c:83:a7:7e:96:27:3e:1e:43:da:5c:07:d0:3e:d6:69:
         97:15:34:07:f3:08:b1:3b:42:ce:aa:42:75:8b:a2:2e:0a:dc:
         3d:62:95:d4:71:73:38:67:28:0f:cf:95:16:23:cc:be:dd:b1:
         c5:39:c0:f2:55:a1:92:a1:0f:d8:05:9c:b7:38:bd:e5:9e:42:
         c3:81:bb:38:15:77:2f:7b:06:f5:b9:51:0f:2b:30:b9:ef:b0:
         ec:8f:82:49:f0:8d:7c:e3:14:0a:d6:1d:a8:43:14:09:3c:d1:
         f9:3c:3b:f5:02:f2:55:d4:24:5e:d2:f0:5b:82:d0:a7:88:14:
         1e:02:76:cb:06:5f:0f:72:25:38:c3:d3:9f:af:2a:33:60:04:
         d1:62:1b:5d:08:63:60:ff:98:18:47:b1:f2:bd:47:01:3d:f2:
         72:ee:a0:cb:22:12:15:08:42:07:ed:4a:8c:58:4b:de:06:1a:
         8c:49:4c:59:34:95:5f:05:58:e8:89:aa:da:4e:ec:d3:ad:16:
         21:29:a2:88:bf:53:09:be:e4:f9:cc:1e:cc:5b:48:5f:18:c4:
         f3:22:8b:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768iW6gRY8w9SuoOITlm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFlYWUyOGE0MWZjNzQwMTBkMGJmYjgzZmQ4MGNhMzQ1
YzU3ZjkwHhcNMjUxMDE5MTAwMjM3WhcNMjUxMDIwMTAwMjM3WjAzMTEwLwYDVQQD
EyhkNmYyZThhZmM2YzdmNjg4NGRlMTE5Nzk3Njk5ZmQ0NjMyODNhZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpPV+rAYvF8J8ukBlHdCLn5H4nrw
n2LVecukkd4Ns3ca8HzThxrYbYI/94ZnOJZW3tP26pbqIALF1MKTddOhLSHum+jB
p83WnJfqbN6eZQrYvta3+7pyeibKxBOBs6PdATr034qmm3t9shNL11J1JR/jUuDH
58MOEcroRscc5tgZ58VrfiqoXkBujsaQOyfwqqrWIf3ykigrQgvk0Z3HP2jTHovs
f56k/BtsEnnuElsDc1+TL9M8B/Clr5NzC+ljT5eHbxbLgGdTsIPmAzWxFdR/FqU/
Hay48HhhiSwkVV+jr/G9aIIltT/OYKGkIhUZ2/Ee8AZf8hsA7H6V9b4lpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNby6K/Gx/aITeEZeXaZ/UYyg698MB8GA1UdIwQY
MBaAFGTa6uKKQfx0AQ0L+4P9gMo0XFf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYt
NjVhMjQyMDAyMjcwLzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hZWUyZmEtNjEzMS00N2ZhLWIxZTYtNjVhMjQyMDAyMjcw
LzEvWk5ycTRvcEJfSFFCRFF2N2dfMkF5alJjVl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBjZVTLZ
j4oeMdkuc1YXy5L8SQIQFCCaH5OttwFrgt2H4cF5G5Bsg6d+lic+HkPaXAfQPtZp
lxU0B/MIsTtCzqpCdYuiLgrcPWKV1HFzOGcoD8+VFiPMvt2xxTnA8lWhkqEP2AWc
tzi95Z5Cw4G7OBV3L3sG9blRDyswue+w7I+CSfCNfOMUCtYdqEMUCTzR+Tw79QLy
VdQkXtLwW4LQp4gUHgJ2ywZfD3IlOMPTn68qM2AE0WIbXQhjYP+YGEex8r1HAT3y
cu6gyyISFQhCB+1KjFhL3gYajElMWTSVXwVY6Imq2k7s060WISmiiL9TCb7k+cwe
zFtIXxjE8yKLZg==
-----END CERTIFICATE-----