Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
File:                     Zhao67AREZsvaVMn-xblH4hwRHk.mft (raw, json)
Hash identifier:          maePf+98HXJpSTb21+Vr5wOrIktMGAF8f+Qnn7H/JpA=
Subject key identifier:   57:5A:4D:11:DD:23:61:83:E8:85:13:64:0B:DF:41:1B:3E:F7:D2:D4
Authority key identifier: 66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79
Certificate issuer:       /CN=6616a8ebb011119b2f695327fb16e51f88704479
Certificate serial:       019916BF1EB162DDB81BD4727045C213E1FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
Manifest number:          0127
Signing time:             Thu 04 Sep 2025 22:00:47 +0000
Manifest this update:     Thu 04 Sep 2025 22:00:47 +0000
Manifest next update:     Fri 05 Sep 2025 22:00:47 +0000
Files and hashes:         1: Zhao67AREZsvaVMn-xblH4hwRHk.crl (hash: Cw72WXzFmUi2RTZsn20WtgTob42AdLoOeYoLO+KEEGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:bf:1e:b1:62:dd:b8:1b:d4:72:70:45:c2:13:e1:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6616a8ebb011119b2f695327fb16e51f88704479
        Validity
            Not Before: Sep  4 22:00:47 2025 GMT
            Not After : Sep  5 22:00:47 2025 GMT
        Subject: CN=575a4d11dd236183e88513640bdf411b3ef7d2d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:72:63:41:ac:45:57:47:a3:f1:15:71:2f:4d:
                    b2:19:ac:ad:33:3e:b8:4c:09:56:79:89:6d:db:06:
                    ce:07:b1:75:a8:a1:61:f1:48:a2:64:63:01:64:ab:
                    61:b5:8d:a9:16:59:01:2e:d2:01:68:85:b3:56:f2:
                    ba:3e:90:55:4b:19:50:c9:83:86:f9:17:32:b2:47:
                    94:0e:89:ca:71:6c:81:84:35:62:09:93:40:da:7e:
                    78:db:d1:a8:a3:e1:03:10:80:8e:1e:95:27:ab:0f:
                    37:22:02:01:76:00:a6:db:d2:31:a9:a5:e6:d1:df:
                    18:64:d2:8b:4c:f4:72:af:fa:7c:03:e8:35:62:78:
                    a9:0e:f5:58:1a:3b:7c:b6:c4:41:be:ef:fa:6f:57:
                    97:8b:42:66:a6:80:4a:02:68:6b:25:1c:e5:8c:25:
                    c8:ed:f5:38:c8:97:d3:cb:c1:37:71:5f:79:4c:27:
                    ee:3c:20:99:0f:c7:8c:25:4e:4d:f7:af:9b:52:11:
                    0e:2c:19:55:11:be:c6:a9:d9:d7:b9:9b:48:5d:05:
                    28:6c:73:b0:44:23:b1:17:c6:d9:2f:85:d2:81:19:
                    e2:5b:8d:2f:a8:58:1e:ad:df:c1:83:9e:96:f9:1a:
                    bd:84:ca:04:2f:a9:c2:91:f9:8f:23:ad:bd:14:b4:
                    25:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:5A:4D:11:DD:23:61:83:E8:85:13:64:0B:DF:41:1B:3E:F7:D2:D4
            X509v3 Authority Key Identifier:
                keyid:66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ed:fa:47:78:37:c1:2e:93:44:dc:84:9c:bc:d1:77:00:67:
         57:13:ea:66:6d:af:90:05:74:ce:c6:90:66:86:a1:72:d3:5c:
         18:34:2e:b5:62:57:1b:9c:a0:f7:d1:1e:94:4e:90:fc:4a:9c:
         62:be:9b:21:f9:09:cc:87:42:98:7a:e3:8e:b1:f4:49:29:1d:
         87:74:1e:94:32:1d:11:28:9f:6e:e8:ec:c9:c7:be:94:9c:83:
         9c:eb:c0:31:bb:5f:2d:d4:1d:e3:de:b0:92:99:e8:58:be:ba:
         4d:d3:5f:df:83:c3:27:8f:3f:5a:d4:cc:64:15:70:b0:33:2e:
         b0:fe:2f:7b:68:43:e3:b9:a9:9a:fd:2c:ce:84:f9:4f:54:09:
         b2:a5:0a:52:9f:e8:b4:6a:f7:be:d9:af:f4:ff:54:20:62:ca:
         e4:15:6f:71:37:2b:cb:3e:54:50:0d:d0:36:4e:e6:d3:65:c5:
         58:b5:a6:82:b9:c5:d7:ec:74:47:2e:bf:26:c9:13:0d:97:f7:
         75:d0:36:7f:8d:da:6a:f6:49:5d:4f:cb:cb:a5:04:04:d4:df:
         db:bc:e5:ad:2e:07:6f:4a:ed:bc:26:56:96:3f:ac:5f:bb:f0:
         78:3e:79:da:cd:28:6c:59:81:28:32:d5:18:49:cd:b9:84:6a:
         18:23:fd:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWvx6xYt24G9RycEXCE+H/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTZhOGViYjAxMTExOWIyZjY5NTMyN2ZiMTZlNTFmODg3
MDQ0NzkwHhcNMjUwOTA0MjIwMDQ3WhcNMjUwOTA1MjIwMDQ3WjAzMTEwLwYDVQQD
Eyg1NzVhNGQxMWRkMjM2MTgzZTg4NTEzNjQwYmRmNDExYjNlZjdkMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXJjQaxFV0ej8RVxL02yGaytMz64
TAlWeYlt2wbOB7F1qKFh8UiiZGMBZKthtY2pFlkBLtIBaIWzVvK6PpBVSxlQyYOG
+RcyskeUDonKcWyBhDViCZNA2n5429Goo+EDEICOHpUnqw83IgIBdgCm29IxqaXm
0d8YZNKLTPRyr/p8A+g1YnipDvVYGjt8tsRBvu/6b1eXi0JmpoBKAmhrJRzljCXI
7fU4yJfTy8E3cV95TCfuPCCZD8eMJU5N96+bUhEOLBlVEb7GqdnXuZtIXQUobHOw
RCOxF8bZL4XSgRniW40vqFgerd/Bg56W+Rq9hMoEL6nCkfmPI629FLQlwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdaTRHdI2GD6IUTZAvfQRs+99LUMB8GA1UdIwQY
MBaAFGYWqOuwERGbL2lTJ/sW5R+IcER5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEt
ZWQzZDI3MDU1MDIwLzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEtZWQzZDI3MDU1MDIw
LzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZe36R3g3
wS6TRNyEnLzRdwBnVxPqZm2vkAV0zsaQZoahctNcGDQutWJXG5yg99EelE6Q/Eqc
Yr6bIfkJzIdCmHrjjrH0SSkdh3QelDIdESifbujsyce+lJyDnOvAMbtfLdQd496w
kpnoWL66TdNf34PDJ48/WtTMZBVwsDMusP4ve2hD47mpmv0szoT5T1QJsqUKUp/o
tGr3vtmv9P9UIGLK5BVvcTcryz5UUA3QNk7m02XFWLWmgrnF1+x0Ry6/JskTDZf3
ddA2f43aavZJXU/Ly6UEBNTf27zlrS4Hb0rtvCZWlj+sX7vweD552s0obFmBKDLV
GEnNuYRqGCP9pg==
-----END CERTIFICATE-----