Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          wpFM9RdcgD5VIqCREJV136l9Z5H+BO52AVrkXI2jinM=
Subject key identifier:   DA:4C:86:3D:8F:0D:E5:A7:50:BD:2D:3A:AB:6D:09:A1:0F:24:7E:65
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       019849D3A1542DEDD598301A598508D3B180
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          0210
Signing time:             Sun 27 Jul 2025 03:01:02 +0000
Manifest this update:     Sun 27 Jul 2025 03:01:02 +0000
Manifest next update:     Mon 28 Jul 2025 03:01:02 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: mQd6Y4XGFPCqwhfTC0WyF6zc8/bX5Iq6rI3UnMbTmE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:a1:54:2d:ed:d5:98:30:1a:59:85:08:d3:b1:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Jul 27 03:01:02 2025 GMT
            Not After : Jul 28 03:01:02 2025 GMT
        Subject: CN=da4c863d8f0de5a750bd2d3aab6d09a10f247e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:63:34:be:c8:f7:96:f2:71:1c:ef:97:3c:5c:
                    d8:ae:31:16:b6:81:e3:0b:c5:30:0b:09:ce:34:26:
                    00:7b:e5:f6:d0:c0:bb:a7:1e:06:9f:2c:2a:cc:b6:
                    05:4c:f9:2a:48:e9:cf:ec:86:aa:42:6b:21:28:14:
                    e2:5d:6e:ba:e9:a8:12:0f:a7:2d:9d:53:1d:d7:33:
                    a7:9d:25:36:0c:56:3f:2b:41:89:54:69:f2:a7:8c:
                    ef:74:cc:96:b2:4b:dc:44:e8:8c:e9:63:5a:73:aa:
                    a2:63:db:17:8d:fc:67:e7:fe:3b:53:92:d8:fe:63:
                    d1:d7:09:60:80:5c:67:71:29:d7:a9:b7:75:00:38:
                    2d:40:f2:14:12:6d:fd:6f:ca:ee:3b:74:89:ad:09:
                    0e:fc:a9:97:1e:80:4e:4c:2f:7d:28:41:9c:30:ea:
                    00:f2:61:b8:98:8d:dd:72:80:ea:22:5e:fd:1f:6f:
                    90:7b:c2:b5:79:85:a2:44:11:06:51:12:63:f4:20:
                    ee:ab:a0:64:27:b2:ec:0d:2d:a2:89:63:04:d9:bf:
                    29:65:0e:73:8b:94:6e:55:cb:31:0b:a3:ff:a4:25:
                    ad:4e:59:72:26:c5:7e:e1:07:78:87:90:bf:b9:a8:
                    81:3a:56:49:61:62:93:ac:06:7e:3e:f9:bf:d0:af:
                    cf:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4C:86:3D:8F:0D:E5:A7:50:BD:2D:3A:AB:6D:09:A1:0F:24:7E:65
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:6f:2d:75:ca:08:9e:41:2f:6b:22:4b:4a:af:b2:d8:d2:0e:
         18:7e:d3:bc:bd:37:58:ed:34:81:67:fd:85:3b:6d:61:ba:fe:
         79:3c:a8:e7:53:3b:bc:75:84:be:f3:11:c3:d6:1b:45:3d:d6:
         27:95:9b:9e:19:3a:12:b6:71:e1:97:91:f5:9b:b6:da:c0:17:
         f9:1c:59:01:03:32:87:99:44:aa:61:29:7a:ca:98:2f:87:f5:
         39:72:2f:10:cb:a8:13:03:5c:af:7d:3d:ed:82:2c:69:69:c8:
         aa:22:9d:5c:8d:c7:35:5e:7c:ba:ac:8e:fd:13:3b:cb:a1:14:
         40:96:ce:22:6e:cc:4c:2a:ea:5b:9f:e0:08:f6:1b:3a:22:26:
         d7:22:e5:ee:2c:e4:04:47:80:6d:75:16:40:ef:c5:8d:a4:62:
         7b:43:d4:9c:03:9b:d2:4e:b7:34:2b:7d:01:c0:c9:96:34:2b:
         00:eb:ad:d9:53:83:da:cc:b3:38:11:95:a8:c7:45:52:e4:fc:
         be:ff:7e:e0:81:e2:6b:b9:db:3e:e0:0c:9f:c7:cc:c9:c6:93:
         01:8d:08:78:84:72:97:82:51:a4:f8:7a:93:b5:f2:45:5d:dd:
         29:d2:5f:a4:d0:a0:39:b0:32:06:61:ca:25:4a:e8:0a:c2:aa:
         b8:6b:4c:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ06FULe3VmDAaWYUI07GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUwNzI3MDMwMTAyWhcNMjUwNzI4MDMwMTAyWjAzMTEwLwYDVQQD
EyhkYTRjODYzZDhmMGRlNWE3NTBiZDJkM2FhYjZkMDlhMTBmMjQ3ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2M0vsj3lvJxHO+XPFzYrjEWtoHj
C8UwCwnONCYAe+X20MC7px4GnywqzLYFTPkqSOnP7IaqQmshKBTiXW666agSD6ct
nVMd1zOnnSU2DFY/K0GJVGnyp4zvdMyWskvcROiM6WNac6qiY9sXjfxn5/47U5LY
/mPR1wlggFxncSnXqbd1ADgtQPIUEm39b8ruO3SJrQkO/KmXHoBOTC99KEGcMOoA
8mG4mI3dcoDqIl79H2+Qe8K1eYWiRBEGURJj9CDuq6BkJ7LsDS2iiWME2b8pZQ5z
i5RuVcsxC6P/pCWtTllyJsV+4Qd4h5C/uaiBOlZJYWKTrAZ+Pvm/0K/PyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpMhj2PDeWnUL0tOqttCaEPJH5lMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFG8tdcoI
nkEvayJLSq+y2NIOGH7TvL03WO00gWf9hTttYbr+eTyo51M7vHWEvvMRw9YbRT3W
J5Wbnhk6ErZx4ZeR9Zu22sAX+RxZAQMyh5lEqmEpesqYL4f1OXIvEMuoEwNcr309
7YIsaWnIqiKdXI3HNV58uqyO/RM7y6EUQJbOIm7MTCrqW5/gCPYbOiIm1yLl7izk
BEeAbXUWQO/FjaRie0PUnAOb0k63NCt9AcDJljQrAOut2VOD2syzOBGVqMdFUuT8
vv9+4IHia7nbPuAMn8fMycaTAY0IeIRyl4JRpPh6k7XyRV3dKdJfpNCgObAyBmHK
JUroCsKquGtMhg==
-----END CERTIFICATE-----