Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
File:                     CZoxZcQAepQBMaMnzHfMIhzBadk.mft (raw, json)
Hash identifier:          zwgWHvUNsX+qtHXpZdUWcAcRiu0BAyn9DYwZ3vn0tzI=
Subject key identifier:   69:7D:B8:D9:A2:65:7B:30:14:65:D6:04:BA:1D:6E:B8:AD:16:BC:98
Authority key identifier: 09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9
Certificate issuer:       /CN=099a3165c4007a940131a327cc77cc221cc169d9
Certificate serial:       0198D660449B807E208B961C67F0621C48B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:01:29 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:29 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:29 +0000
Files and hashes:         1: CZoxZcQAepQBMaMnzHfMIhzBadk.crl (hash: eD9y1vmU5yluOoMxVIm1Ru+RPwUiGMYVZuNM1q5o5Y8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:44:9b:80:7e:20:8b:96:1c:67:f0:62:1c:48:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=099a3165c4007a940131a327cc77cc221cc169d9
        Validity
            Not Before: Aug 23 10:01:29 2025 GMT
            Not After : Aug 24 10:01:29 2025 GMT
        Subject: CN=697db8d9a2657b301465d604ba1d6eb8ad16bc98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b6:58:26:7e:d8:6d:23:7b:c7:c3:30:2d:0e:
                    7c:0f:40:3c:93:2a:6d:17:6a:48:35:ee:69:d2:f8:
                    fe:d7:a6:5b:f1:37:65:ba:3f:24:11:0b:ca:87:2a:
                    51:bc:67:0b:72:ca:28:79:ac:51:e4:c0:59:36:a9:
                    70:7a:db:33:a6:cb:9e:8e:7d:cf:b4:8e:b1:96:52:
                    2a:90:ff:be:1d:cf:65:1b:fe:4e:51:cb:c1:39:64:
                    0a:1e:f4:3a:68:83:92:96:35:2c:e2:f7:3d:ea:0b:
                    05:e2:1b:da:51:1d:19:5b:51:00:c7:6b:0d:5b:34:
                    cc:4a:10:b0:49:76:c2:8d:53:cc:a8:57:19:47:4e:
                    17:df:9f:17:75:bb:a4:8d:81:4e:76:31:91:e4:cc:
                    96:c2:8c:86:c4:1d:47:2f:73:cd:1b:b1:d0:9b:e9:
                    8c:59:d1:39:d1:e8:6a:2a:c2:21:19:57:9b:b1:81:
                    b2:7c:10:4f:cd:9a:c1:af:12:ce:e0:b1:95:b9:ca:
                    45:c0:37:98:37:81:a4:83:8a:74:5b:b7:57:22:36:
                    4b:8a:c7:20:0d:7f:75:03:e0:40:15:3e:47:3e:55:
                    cd:b6:8c:b4:94:d6:3f:2b:3b:19:5d:d8:18:b8:14:
                    7e:74:80:0d:10:f4:f9:d9:6f:06:c0:87:33:8d:11:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7D:B8:D9:A2:65:7B:30:14:65:D6:04:BA:1D:6E:B8:AD:16:BC:98
            X509v3 Authority Key Identifier:
                keyid:09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:aa:21:64:68:79:76:75:d9:d2:09:9c:82:a6:cc:c3:23:d9:
         5e:1e:2d:0a:29:7c:9d:29:30:d9:0f:87:d0:44:e9:e7:9a:2d:
         80:ee:3d:b5:e1:c3:aa:fc:f5:d0:1f:16:94:15:97:fe:d2:ae:
         47:9e:38:10:37:d3:3f:79:7f:3b:b0:79:ca:48:d0:2f:70:16:
         9d:6f:ab:0b:9e:1f:28:b6:43:7a:70:42:4e:2d:e8:b8:77:14:
         15:63:ae:ab:22:43:51:f4:de:91:06:9a:e0:89:61:0d:86:b3:
         04:9d:42:d9:8f:a2:be:5f:3d:37:e4:c1:36:30:76:fc:6f:ba:
         2b:d9:79:45:df:1a:3f:d1:6c:70:0d:e3:1f:42:fc:cd:c8:0c:
         79:80:57:e9:a1:49:d1:ad:8d:3c:d8:23:f9:cd:8a:3e:9f:4a:
         ae:12:44:96:42:fb:32:98:39:07:53:10:41:04:99:68:be:7d:
         b8:b2:28:ec:86:c2:a6:89:cf:78:72:80:a9:05:1c:1b:37:96:
         d8:8c:a0:e2:d2:66:c8:e3:c2:03:4a:4c:94:89:40:d3:37:61:
         3b:0b:2e:f1:12:a6:6c:6a:84:c0:b7:0a:ca:93:f1:8b:b8:80:
         48:1c:18:e3:97:46:e8:10:af:81:6c:b1:d0:f4:ca:7d:5f:69:
         7c:7d:17:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYESbgH4gi5YcZ/BiHEixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWEzMTY1YzQwMDdhOTQwMTMxYTMyN2NjNzdjYzIyMWNj
MTY5ZDkwHhcNMjUwODIzMTAwMTI5WhcNMjUwODI0MTAwMTI5WjAzMTEwLwYDVQQD
Eyg2OTdkYjhkOWEyNjU3YjMwMTQ2NWQ2MDRiYTFkNmViOGFkMTZiYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLZYJn7YbSN7x8MwLQ58D0A8kypt
F2pINe5p0vj+16Zb8Tdluj8kEQvKhypRvGcLcsooeaxR5MBZNqlwetszpsuejn3P
tI6xllIqkP++Hc9lG/5OUcvBOWQKHvQ6aIOSljUs4vc96gsF4hvaUR0ZW1EAx2sN
WzTMShCwSXbCjVPMqFcZR04X358XdbukjYFOdjGR5MyWwoyGxB1HL3PNG7HQm+mM
WdE50ehqKsIhGVebsYGyfBBPzZrBrxLO4LGVucpFwDeYN4Gkg4p0W7dXIjZLiscg
DX91A+BAFT5HPlXNtoy0lNY/KzsZXdgYuBR+dIANEPT52W8GwIczjREwswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGl9uNmiZXswFGXWBLodbritFryYMB8GA1UdIwQY
MBaAFAmaMWXEAHqUATGjJ8x3zCIcwWnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2Mzgt
NTA2NjcyNzY5ZDljLzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2MzgtNTA2NjcyNzY5ZDlj
LzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgKohZGh5
dnXZ0gmcgqbMwyPZXh4tCil8nSkw2Q+H0ETp55otgO49teHDqvz10B8WlBWX/tKu
R544EDfTP3l/O7B5ykjQL3AWnW+rC54fKLZDenBCTi3ouHcUFWOuqyJDUfTekQaa
4IlhDYazBJ1C2Y+ivl89N+TBNjB2/G+6K9l5Rd8aP9FscA3jH0L8zcgMeYBX6aFJ
0a2NPNgj+c2KPp9KrhJElkL7Mpg5B1MQQQSZaL59uLIo7IbCponPeHKAqQUcGzeW
2Iyg4tJmyOPCA0pMlIlA0zdhOwsu8RKmbGqEwLcKypPxi7iASBwY45dG6BCvgWyx
0PTKfV9pfH0XQA==
-----END CERTIFICATE-----