Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          2WhVmmlYdeJm3s5wWNwZebuGwm753ZiEO9h6uxaX3WA=
Subject key identifier:   FE:99:8D:7D:DB:CD:68:F6:FF:CD:AF:B1:BB:5E:8F:50:3B:0C:29:36
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       0198458877F4FE8EBD0845B192AA4E5C985F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          0578
Signing time:             Sat 26 Jul 2025 07:00:28 +0000
Manifest this update:     Sat 26 Jul 2025 07:00:28 +0000
Manifest next update:     Sun 27 Jul 2025 07:00:28 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: wpWa/Yg6n8IpdKEGSKg2lDXBg5+GLIHgvVh7d+Kj/3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 02:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:45:88:77:f4:fe:8e:bd:08:45:b1:92:aa:4e:5c:98:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Jul 26 07:00:28 2025 GMT
            Not After : Jul 27 07:00:28 2025 GMT
        Subject: CN=fe998d7ddbcd68f6ffcdafb1bb5e8f503b0c2936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e5:30:a4:ab:35:5f:47:c3:23:34:5e:4a:c7:
                    0d:0a:7b:62:49:60:bc:27:c6:16:4b:21:08:ab:45:
                    96:88:cd:72:df:cf:15:94:ad:9d:47:01:8e:f3:f0:
                    9e:5f:18:03:48:5d:7b:4e:3f:8b:5e:a3:58:3d:19:
                    a3:c2:f9:cb:29:ac:9a:23:7a:6f:6e:a1:0a:f5:95:
                    e2:df:a7:ba:58:e1:5c:9a:8d:23:06:6c:2d:4f:29:
                    d0:71:53:0b:49:ca:47:36:73:ea:4d:e3:63:a6:76:
                    4e:be:b5:10:ed:67:8d:42:ce:7c:42:53:63:db:71:
                    93:ee:9e:34:9d:a2:e0:41:aa:32:17:ca:94:b8:e9:
                    41:8d:90:d8:79:0a:f9:8e:38:ae:04:25:5f:ad:e0:
                    3a:5b:fd:ef:95:81:51:91:58:39:ef:30:0b:fd:0d:
                    e0:bc:8d:52:06:5a:9a:41:dc:89:7a:6e:ac:c8:f1:
                    99:8b:bd:8e:0e:d3:8d:70:04:c5:3f:a1:e7:56:09:
                    f5:16:46:73:64:ba:57:0c:4b:5d:5a:5e:09:5e:4b:
                    f6:ac:16:68:3b:36:7d:4b:53:aa:b3:d2:64:05:e2:
                    be:b6:db:04:20:dc:8c:9d:fe:66:a3:de:3e:5a:13:
                    f6:7f:84:24:90:ec:d9:84:52:e5:f5:82:5a:d2:6e:
                    22:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:99:8D:7D:DB:CD:68:F6:FF:CD:AF:B1:BB:5E:8F:50:3B:0C:29:36
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:f6:b8:1b:41:c3:50:9c:e7:2b:5f:84:78:a3:3c:23:2b:93:
         27:1f:b2:a6:d5:d3:9c:51:e5:2e:dc:16:26:eb:21:a4:7e:a3:
         82:92:60:0a:74:c5:b5:91:73:a4:47:86:8f:b9:98:b2:62:a6:
         58:90:67:42:4e:ce:f4:f1:b6:07:83:ce:e3:23:5f:1e:74:db:
         02:23:c4:58:be:78:f6:3f:01:0f:fa:25:72:63:4f:5b:f7:a7:
         23:f7:79:cb:5d:88:1e:76:2e:16:5f:83:23:0d:a3:99:7d:99:
         ca:da:ab:2a:6e:b4:07:55:a1:2a:2c:e5:63:22:9b:b2:33:12:
         58:bd:96:94:62:69:84:9f:3d:7d:8f:ec:bc:1f:f9:d7:71:e7:
         fb:7e:b8:bc:53:38:12:df:df:8d:87:63:16:c7:37:d1:0e:87:
         1f:3f:43:df:8c:c9:72:ed:43:02:72:6c:aa:c6:3c:4b:93:88:
         10:b7:6b:ef:11:ae:ab:36:16:83:f9:40:30:b8:92:8f:33:0f:
         7d:d1:89:48:46:49:95:4b:34:93:61:82:21:3a:4e:52:ae:47:
         c5:f2:2d:7c:a3:a7:49:96:50:03:9b:9a:b0:88:2d:fc:d6:19:
         da:21:75:26:ef:84:03:73:0f:0a:bd:12:c0:f0:1e:95:ea:1c:
         13:a5:bd:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhFiHf0/o69CEWxkqpOXJhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjUwNzI2MDcwMDI4WhcNMjUwNzI3MDcwMDI4WjAzMTEwLwYDVQQD
EyhmZTk5OGQ3ZGRiY2Q2OGY2ZmZjZGFmYjFiYjVlOGY1MDNiMGMyOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuUwpKs1X0fDIzReSscNCntiSWC8
J8YWSyEIq0WWiM1y388VlK2dRwGO8/CeXxgDSF17Tj+LXqNYPRmjwvnLKayaI3pv
bqEK9ZXi36e6WOFcmo0jBmwtTynQcVMLScpHNnPqTeNjpnZOvrUQ7WeNQs58QlNj
23GT7p40naLgQaoyF8qUuOlBjZDYeQr5jjiuBCVfreA6W/3vlYFRkVg57zAL/Q3g
vI1SBlqaQdyJem6syPGZi72ODtONcATFP6HnVgn1FkZzZLpXDEtdWl4JXkv2rBZo
OzZ9S1Oqs9JkBeK+ttsEINyMnf5mo94+WhP2f4QkkOzZhFLl9YJa0m4iTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6ZjX3bzWj2/82vsbtej1A7DCk2MB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV/a4G0HD
UJznK1+EeKM8IyuTJx+yptXTnFHlLtwWJushpH6jgpJgCnTFtZFzpEeGj7mYsmKm
WJBnQk7O9PG2B4PO4yNfHnTbAiPEWL549j8BD/olcmNPW/enI/d5y12IHnYuFl+D
Iw2jmX2ZytqrKm60B1WhKizlYyKbsjMSWL2WlGJphJ89fY/svB/513Hn+364vFM4
Et/fjYdjFsc30Q6HHz9D34zJcu1DAnJsqsY8S5OIELdr7xGuqzYWg/lAMLiSjzMP
fdGJSEZJlUs0k2GCITpOUq5HxfItfKOnSZZQA5uasIgt/NYZ2iF1Ju+EA3MPCr0S
wPAeleocE6W9/g==
-----END CERTIFICATE-----