Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          eo0uf2RambjeFOJtTNscxr9mFXqBbVzyIPcwjw3ODAg=
Subject key identifier:   15:06:B1:E4:E1:B7:E9:E1:DA:85:FD:B7:E5:07:61:00:80:03:56:81
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       0199FE46D8E3D18DF634088ADA5E66B5FFAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          02F2
Signing time:             Sun 19 Oct 2025 21:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:19 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: VEkD0R6Zf47jLbkzd6VIv9hkkuiCWBHGhANbe6+4Z4o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:d8:e3:d1:8d:f6:34:08:8a:da:5e:66:b5:ff:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Oct 19 21:01:19 2025 GMT
            Not After : Oct 20 21:01:19 2025 GMT
        Subject: CN=1506b1e4e1b7e9e1da85fdb7e507610080035681
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4e:f7:a6:78:ed:29:a2:08:d9:14:41:b2:f7:
                    32:b7:3e:e9:be:f1:86:ab:b1:3c:e8:ea:dd:e5:4a:
                    b3:f0:47:a9:f8:df:a4:99:fb:3b:15:55:b5:06:54:
                    ab:d1:54:b8:70:95:81:64:fd:b9:5e:7b:7a:b2:1b:
                    c4:75:ca:bb:35:9e:c8:09:05:60:fa:d1:2e:59:96:
                    b2:ed:41:9a:bf:73:50:11:0d:58:e1:cd:3c:fb:cf:
                    bb:99:04:a7:60:00:b6:39:e4:1c:f9:07:ea:ce:ed:
                    bf:0c:44:bc:aa:c4:37:03:c1:6d:c8:9c:96:27:49:
                    b8:c7:e3:79:9a:68:3a:8b:0d:f1:ed:2c:1d:15:88:
                    fa:d9:f0:56:18:64:2f:70:dd:4a:5a:af:6e:fb:f2:
                    57:11:7a:8b:e5:aa:92:08:46:6e:36:32:8c:aa:96:
                    6c:55:08:ed:eb:98:d7:43:ca:9e:9c:ea:72:51:b9:
                    b3:78:b0:0f:ed:92:1b:f6:31:7a:da:17:ca:5c:64:
                    54:01:f6:88:f8:94:f9:48:ac:04:f2:f0:4b:08:78:
                    13:cb:94:32:4d:7c:90:3e:fe:1e:4f:82:ef:99:d9:
                    21:6c:0b:41:04:2c:4c:f5:bc:2b:f7:d0:3b:b7:6a:
                    17:a1:57:c9:ba:b8:4e:0c:e9:bf:e0:2c:f0:7f:78:
                    79:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:06:B1:E4:E1:B7:E9:E1:DA:85:FD:B7:E5:07:61:00:80:03:56:81
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:31:07:da:97:a5:00:44:bb:3e:77:ec:ef:21:7d:d7:e7:7a:
         c5:44:0a:98:8e:92:73:95:70:57:cb:95:de:d2:61:a9:c3:33:
         dd:54:68:16:c7:52:fd:79:41:f8:f7:4a:93:b9:2b:93:4d:25:
         af:86:81:db:34:14:23:a0:89:13:59:3d:b3:4a:89:39:d0:a7:
         62:2f:06:90:d2:a9:1c:1d:81:9c:68:33:1b:2e:24:1a:07:24:
         70:bb:e6:8f:c1:0d:2c:25:97:ae:34:24:53:75:0a:ee:77:ad:
         3b:36:fc:0e:d0:d6:15:86:3d:7e:64:62:d6:94:1f:82:6e:f9:
         6d:7e:c7:62:c6:16:02:3f:1e:9f:50:9b:33:7a:d0:6f:ce:ac:
         1c:ae:3e:4d:57:54:67:bc:e5:4a:96:4d:a7:9c:75:b8:fe:6b:
         b3:02:e9:96:73:5d:85:6e:e0:ca:1e:f1:2a:78:21:f9:33:5f:
         f4:7a:c4:14:12:61:b1:b5:87:15:73:31:de:cd:bf:df:eb:d2:
         42:7d:fb:b1:03:7f:3f:67:f1:d2:2d:03:2c:f1:58:82:36:b7:
         d7:d3:6e:bb:4b:74:ab:00:38:a6:c2:26:40:9e:44:20:02:6e:
         10:b6:6e:8b:ce:28:28:98:4a:e2:b6:36:77:91:b9:af:9e:f0:
         8d:ef:50:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+Rtjj0Y32NAiK2l5mtf+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUxMDE5MjEwMTE5WhcNMjUxMDIwMjEwMTE5WjAzMTEwLwYDVQQD
EygxNTA2YjFlNGUxYjdlOWUxZGE4NWZkYjdlNTA3NjEwMDgwMDM1NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt073pnjtKaII2RRBsvcytz7pvvGG
q7E86Ord5Uqz8Eep+N+kmfs7FVW1BlSr0VS4cJWBZP25Xnt6shvEdcq7NZ7ICQVg
+tEuWZay7UGav3NQEQ1Y4c08+8+7mQSnYAC2OeQc+Qfqzu2/DES8qsQ3A8FtyJyW
J0m4x+N5mmg6iw3x7SwdFYj62fBWGGQvcN1KWq9u+/JXEXqL5aqSCEZuNjKMqpZs
VQjt65jXQ8qenOpyUbmzeLAP7ZIb9jF62hfKXGRUAfaI+JT5SKwE8vBLCHgTy5Qy
TXyQPv4eT4LvmdkhbAtBBCxM9bwr99A7t2oXoVfJurhODOm/4Czwf3h5WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUGseTht+nh2oX9t+UHYQCAA1aBMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkzEH2pel
AES7Pnfs7yF91+d6xUQKmI6Sc5VwV8uV3tJhqcMz3VRoFsdS/XlB+PdKk7krk00l
r4aB2zQUI6CJE1k9s0qJOdCnYi8GkNKpHB2BnGgzGy4kGgckcLvmj8ENLCWXrjQk
U3UK7netOzb8DtDWFYY9fmRi1pQfgm75bX7HYsYWAj8en1CbM3rQb86sHK4+TVdU
Z7zlSpZNp5x1uP5rswLplnNdhW7gyh7xKngh+TNf9HrEFBJhsbWHFXMx3s2/3+vS
Qn37sQN/P2fx0i0DLPFYgja319Nuu0t0qwA4psImQJ5EIAJuELZui84oKJhK4rY2
d5G5r57wje9QCA==
-----END CERTIFICATE-----