Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          CbAy9/hVJXDHyN5/S08nnz3YPBbL1A8UsBR/INwJJdY=
Subject key identifier:   EE:66:6D:3B:67:18:53:D1:54:2F:47:E1:FF:5B:C8:8E:91:33:AD:C4
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       0198D6CDD0CF5EBE92FE9CD52234B088B4B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          0259
Signing time:             Sat 23 Aug 2025 12:01:08 +0000
Manifest this update:     Sat 23 Aug 2025 12:01:08 +0000
Manifest next update:     Sun 24 Aug 2025 12:01:08 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: juu7/0TnX4nxPSCoWG3zG2Mx1r7F+0DEDYxuKB3rekA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:d0:cf:5e:be:92:fe:9c:d5:22:34:b0:88:b4:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Aug 23 12:01:08 2025 GMT
            Not After : Aug 24 12:01:08 2025 GMT
        Subject: CN=ee666d3b671853d1542f47e1ff5bc88e9133adc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2f:3d:52:ba:59:04:04:6b:63:ef:c5:47:19:
                    d8:70:f7:d1:a5:70:40:2f:b1:24:24:cd:bd:b8:73:
                    32:48:5b:7b:95:06:f2:5c:94:6c:30:a6:64:aa:f6:
                    d8:ba:91:e7:e1:7d:04:6e:64:b7:0b:72:46:0f:cc:
                    62:85:63:40:91:16:03:4f:33:06:e3:3d:6f:47:0f:
                    fb:6d:69:47:b9:08:09:ab:8f:ca:84:39:ed:ba:d9:
                    ba:4a:bd:0c:90:a5:93:8a:ec:db:7d:97:ee:d3:ca:
                    2f:01:b6:4e:7a:f7:7f:a9:e8:af:ac:b5:5c:fb:b7:
                    bc:35:1e:cb:c3:cb:f4:94:eb:d5:67:34:d7:01:41:
                    f9:13:f7:66:f6:e6:9d:43:75:9b:cc:0a:74:2d:3d:
                    e3:fb:a7:2b:c0:f2:cb:23:91:dd:fb:31:f6:fe:62:
                    f4:03:52:63:6b:83:4b:b4:9d:c0:17:37:c1:f9:9d:
                    26:f5:75:f9:92:74:e2:7a:b9:89:17:6f:1b:cd:46:
                    65:42:82:22:32:8c:a3:6b:b0:d6:84:ae:bc:92:6d:
                    a4:c4:65:26:b2:3f:7a:16:a3:b4:13:46:9e:7a:82:
                    31:6d:a2:2e:8b:63:e2:cf:32:fb:89:c0:38:d7:01:
                    44:38:a2:b5:44:2f:45:0b:a0:28:89:c4:67:47:99:
                    dc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:66:6D:3B:67:18:53:D1:54:2F:47:E1:FF:5B:C8:8E:91:33:AD:C4
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:17:42:cc:33:cf:ca:85:02:ab:90:0c:26:60:cb:5e:81:67:
         2b:4b:49:c1:2c:82:70:37:97:1d:8b:d9:fe:d6:80:54:1f:12:
         90:7e:6d:a9:0b:6f:5f:58:56:91:d7:58:a9:53:ef:da:e0:6d:
         2d:a3:9f:c6:c0:6b:d5:d5:87:cd:77:2b:8d:f5:03:f5:c9:b0:
         46:16:d2:ff:4e:48:7f:1c:c3:81:fa:73:f6:dc:86:6d:76:e8:
         03:f2:df:d2:e3:ba:29:cf:c6:41:73:3d:bd:f3:5e:bc:97:85:
         14:7d:5f:c5:3e:03:57:c7:3f:5d:07:c8:1f:2a:38:9b:f3:20:
         ce:14:28:2c:f0:ab:b0:1e:96:d6:af:ce:28:4c:04:15:47:05:
         1a:b2:a1:11:6a:f6:c3:00:68:37:43:7e:87:e2:dc:1d:b7:4c:
         fd:c3:70:04:a8:57:10:e5:5f:24:b1:c7:fc:ad:ad:7a:a3:09:
         23:fb:9b:59:3e:2b:b8:dc:a4:ab:6c:7d:c1:e8:c1:70:26:0e:
         c7:13:fa:ae:e9:6a:e7:9f:35:94:41:6a:f1:a6:6b:ac:bb:fb:
         60:2a:1a:a3:17:29:cd:60:e2:0f:14:aa:a4:0c:9c:2d:50:e4:
         40:6c:b1:32:11:17:c7:23:2d:87:ff:d5:67:f9:fb:c1:a0:e7:
         9d:90:ee:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzdDPXr6S/pzVIjSwiLSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUwODIzMTIwMTA4WhcNMjUwODI0MTIwMTA4WjAzMTEwLwYDVQQD
EyhlZTY2NmQzYjY3MTg1M2QxNTQyZjQ3ZTFmZjViYzg4ZTkxMzNhZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC89UrpZBARrY+/FRxnYcPfRpXBA
L7EkJM29uHMySFt7lQbyXJRsMKZkqvbYupHn4X0EbmS3C3JGD8xihWNAkRYDTzMG
4z1vRw/7bWlHuQgJq4/KhDntutm6Sr0MkKWTiuzbfZfu08ovAbZOevd/qeivrLVc
+7e8NR7Lw8v0lOvVZzTXAUH5E/dm9uadQ3WbzAp0LT3j+6crwPLLI5Hd+zH2/mL0
A1Jja4NLtJ3AFzfB+Z0m9XX5knTiermJF28bzUZlQoIiMoyja7DWhK68km2kxGUm
sj96FqO0E0aeeoIxbaIui2PizzL7icA41wFEOKK1RC9FC6AoicRnR5ncQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5mbTtnGFPRVC9H4f9byI6RM63EMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdxdCzDPP
yoUCq5AMJmDLXoFnK0tJwSyCcDeXHYvZ/taAVB8SkH5tqQtvX1hWkddYqVPv2uBt
LaOfxsBr1dWHzXcrjfUD9cmwRhbS/05IfxzDgfpz9tyGbXboA/Lf0uO6Kc/GQXM9
vfNevJeFFH1fxT4DV8c/XQfIHyo4m/MgzhQoLPCrsB6W1q/OKEwEFUcFGrKhEWr2
wwBoN0N+h+LcHbdM/cNwBKhXEOVfJLHH/K2teqMJI/ubWT4ruNykq2x9wejBcCYO
xxP6rulq5581lEFq8aZrrLv7YCoaoxcpzWDiDxSqpAycLVDkQGyxMhEXxyMth//V
Z/n7waDnnZDu2A==
-----END CERTIFICATE-----