Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
File:                     Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft (raw, json)
Hash identifier:          Wk1Zbq/+QgSW69aA3rrLS8hIESIbA25KcaG+/kSc5C8=
Subject key identifier:   C6:D6:0E:8C:F6:AB:77:E0:23:71:C5:BB:2A:03:40:FF:92:2A:DB:4B
Authority key identifier: 67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56
Certificate issuer:       /CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
Certificate serial:       019A722599A2AE96A7DD831A346BFA98D948
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
Manifest number:          0DA0
Signing time:             Tue 11 Nov 2025 09:00:58 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:58 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:58 +0000
Files and hashes:         1: Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl (hash: 2k2wVI6hEiUlpacH1a+oMApR9xTOC43HwyxmkTG6blI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:99:a2:ae:96:a7:dd:83:1a:34:6b:fa:98:d9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
        Validity
            Not Before: Nov 11 09:00:58 2025 GMT
            Not After : Nov 12 09:00:58 2025 GMT
        Subject: CN=c6d60e8cf6ab77e02371c5bb2a0340ff922adb4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9f:dc:3f:52:f6:13:93:b6:b7:54:ae:8f:2d:
                    16:fb:59:87:4f:ec:22:21:01:23:86:dc:73:6e:bc:
                    11:6e:06:06:73:42:41:05:df:79:79:2d:86:ce:24:
                    87:5e:a6:e7:52:ba:a6:ba:85:a8:85:b2:73:01:39:
                    48:ea:d1:e6:43:46:69:1c:e3:58:28:7b:58:8c:94:
                    2a:53:45:b3:22:35:46:d2:79:ce:a1:7f:b7:f3:fe:
                    df:eb:ad:8a:07:91:bb:62:2d:6b:11:1c:e3:5f:de:
                    86:0c:62:8b:9e:12:7c:41:06:14:1b:ef:fa:be:bf:
                    c1:7a:72:d8:e4:09:68:dd:72:70:c7:a5:68:b2:84:
                    35:b1:3b:71:8a:10:16:bf:4c:d5:93:92:50:69:94:
                    84:d2:10:13:1a:0f:5e:59:a9:c4:56:43:2e:cf:67:
                    5a:f4:f5:29:b5:78:ac:58:a1:f9:0a:b7:9c:6f:9f:
                    c7:5a:89:21:cd:95:eb:63:33:85:c7:c6:a0:73:32:
                    46:73:36:ee:53:e6:44:4f:ae:3e:c8:07:c4:42:0e:
                    9a:4e:ad:31:0b:8c:c8:17:01:12:59:9b:5a:ca:18:
                    71:c6:82:2d:dc:9c:a1:25:5b:94:46:8e:0b:8b:cb:
                    6f:cd:e2:16:07:15:29:0a:bf:71:0c:52:8a:62:76:
                    81:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D6:0E:8C:F6:AB:77:E0:23:71:C5:BB:2A:03:40:FF:92:2A:DB:4B
            X509v3 Authority Key Identifier:
                keyid:67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:a5:2f:8c:ed:53:c0:68:d6:05:30:fa:91:4d:ef:b2:90:7d:
         4a:8d:c0:93:3d:c6:9c:96:ba:46:0d:0c:c8:29:e2:10:95:92:
         10:06:37:99:77:17:4a:fa:e5:82:51:ff:c5:33:bb:59:0e:64:
         f2:6b:e3:a1:47:ed:24:f3:8e:83:47:10:14:46:a8:be:87:06:
         15:e7:17:fc:c4:bc:68:f9:c5:54:0b:15:60:37:f3:3b:a0:45:
         65:3e:5d:c2:08:53:80:30:83:22:33:8a:c5:af:8e:db:a0:70:
         22:ba:ba:6f:ae:40:aa:66:f7:25:c3:db:64:6a:fc:50:bd:f6:
         38:b4:a2:d1:bb:bd:97:ed:9d:83:01:a4:21:cc:25:c3:fa:58:
         9d:5b:87:52:f4:17:3b:c8:a7:d8:1a:64:b3:76:6c:f7:d7:f1:
         4b:73:7f:99:66:29:7d:e0:15:39:83:5b:78:92:6c:27:f5:50:
         99:bb:6f:0e:4d:d4:b0:6e:94:24:48:47:6e:ec:3b:08:d6:2f:
         38:8a:18:30:81:58:a4:fa:58:8b:81:7d:be:ce:94:86:74:b1:
         a8:85:12:82:d2:ac:23:ec:72:a6:b9:fa:cb:d3:8c:6b:cd:0f:
         6c:4b:ab:20:b3:c2:29:e1:0a:80:46:9c:86:bc:08:0c:12:c1:
         ec:f2:f9:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZmirpan3YMaNGv6mNlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NmZiYjU3N2M5M2RjNDVkNDhmMDE5OWIxOWQxY2E3YTIx
MzdjNTYwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
EyhjNmQ2MGU4Y2Y2YWI3N2UwMjM3MWM1YmIyYTAzNDBmZjkyMmFkYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp/cP1L2E5O2t1Sujy0W+1mHT+wi
IQEjhtxzbrwRbgYGc0JBBd95eS2GziSHXqbnUrqmuoWohbJzATlI6tHmQ0ZpHONY
KHtYjJQqU0WzIjVG0nnOoX+38/7f662KB5G7Yi1rERzjX96GDGKLnhJ8QQYUG+/6
vr/BenLY5Alo3XJwx6VosoQ1sTtxihAWv0zVk5JQaZSE0hATGg9eWanEVkMuz2da
9PUptXisWKH5Crecb5/HWokhzZXrYzOFx8agczJGczbuU+ZET64+yAfEQg6aTq0x
C4zIFwESWZtayhhxxoIt3JyhJVuURo4Li8tvzeIWBxUpCr9xDFKKYnaB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbWDoz2q3fgI3HFuyoDQP+SKttLMB8GA1UdIwQY
MBaAFGdvu1d8k9xF1I8BmbGdHKeiE3xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYt
MWNkZTczMWU2ZmRmLzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYtMWNkZTczMWU2ZmRm
LzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbKUvjO1T
wGjWBTD6kU3vspB9So3Akz3GnJa6Rg0MyCniEJWSEAY3mXcXSvrlglH/xTO7WQ5k
8mvjoUftJPOOg0cQFEaovocGFecX/MS8aPnFVAsVYDfzO6BFZT5dwghTgDCDIjOK
xa+O26BwIrq6b65Aqmb3JcPbZGr8UL32OLSi0bu9l+2dgwGkIcwlw/pYnVuHUvQX
O8in2Bpks3Zs99fxS3N/mWYpfeAVOYNbeJJsJ/VQmbtvDk3UsG6UJEhHbuw7CNYv
OIoYMIFYpPpYi4F9vs6UhnSxqIUSgtKsI+xyprn6y9OMa80PbEurILPCKeEKgEac
hrwIDBLB7PL5PQ==
-----END CERTIFICATE-----