Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          +DS3DxbvecFZ82urVpmJSsJKRXfkVu5cks+zTbRB9wg=
Subject key identifier:   2E:6D:42:8D:D2:BC:E7:FC:36:A8:F6:91:41:9A:A8:74:07:DF:C9:99
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019A725CAD7BD6FB24B04DE54D545673D5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          158C
Signing time:             Tue 11 Nov 2025 10:01:07 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:07 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:07 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: lzYOw/Nx6gCG5JXri48PKMCid3vmKk/t1qD/2NRj8gg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:ad:7b:d6:fb:24:b0:4d:e5:4d:54:56:73:d5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Nov 11 10:01:07 2025 GMT
            Not After : Nov 12 10:01:07 2025 GMT
        Subject: CN=2e6d428dd2bce7fc36a8f691419aa87407dfc999
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:67:e3:9f:93:93:53:a4:60:b9:b4:5f:77:8f:
                    1a:06:e1:7e:81:95:0b:3a:70:d8:12:ca:de:37:c7:
                    c2:21:7a:4a:76:71:ad:66:59:e6:8a:1c:1c:02:ca:
                    ec:cd:6a:a4:27:c3:64:c3:b9:dc:eb:cd:7d:05:63:
                    97:42:4e:4a:3b:21:f3:fb:96:bf:9f:10:14:03:eb:
                    d0:64:33:54:79:79:cb:b8:d8:df:b9:ac:d4:10:b3:
                    4a:7c:cb:3e:90:a8:0f:91:09:c4:da:be:88:63:18:
                    67:c1:5a:88:02:0f:4c:5a:3c:af:c0:9c:b8:b8:09:
                    96:37:83:ef:ed:f8:99:b2:17:e4:a5:e9:9f:27:02:
                    53:f2:d1:0d:7b:05:53:de:1b:6b:c4:ad:37:20:57:
                    db:d7:81:4b:d7:f7:d9:77:f5:92:5f:78:67:13:ea:
                    b0:01:1e:9c:c1:7a:a0:3b:ac:1c:44:0e:b8:08:ec:
                    20:aa:35:7b:58:29:9e:4a:85:e5:7c:65:07:70:60:
                    64:44:b8:d7:6b:7a:f5:31:17:08:84:ec:e5:1f:65:
                    59:76:1d:85:a8:75:fc:96:ea:7a:86:3a:37:39:7c:
                    b0:2a:0a:cd:82:55:f7:42:2d:15:33:32:98:1b:cc:
                    58:ee:4b:ff:06:4b:06:a2:08:25:5a:eb:6b:0f:19:
                    ad:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:6D:42:8D:D2:BC:E7:FC:36:A8:F6:91:41:9A:A8:74:07:DF:C9:99
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:c4:eb:51:89:ae:e7:b5:6b:e2:96:fb:52:11:2c:cd:08:69:
         66:51:54:76:bf:c4:5c:8a:c3:08:1e:4e:7b:a3:0d:e1:8f:e1:
         60:f4:cf:6d:47:b5:58:5b:dc:8d:07:87:36:80:36:a4:36:d0:
         18:63:36:de:ec:fb:82:be:6b:57:25:8a:a3:41:19:25:55:24:
         48:f3:76:8c:40:ed:e2:a6:b0:dc:de:92:51:5f:fd:62:2a:bc:
         0f:c7:f9:b1:10:a0:9a:f9:d6:87:dd:65:12:4d:47:3e:ef:81:
         68:34:61:5c:ef:37:e3:a2:27:a4:d1:c8:f5:41:9d:db:cf:a2:
         13:12:da:62:b4:35:a6:f4:6e:c4:11:42:46:45:bf:f0:7e:92:
         f1:f4:72:60:4b:81:50:52:f1:03:b3:27:fe:31:74:af:86:3a:
         65:b1:13:f2:28:61:f3:2c:fa:ed:1c:6c:e1:47:94:03:d4:37:
         0f:1e:d4:31:7e:8c:99:f6:1a:55:43:0d:5b:e2:9c:0c:e4:72:
         56:d9:ac:c3:5d:0a:75:24:ba:41:93:b3:71:50:ec:cd:7b:f6:
         14:8a:ea:50:5f:f3:b2:1c:f2:c1:6e:5e:5f:7a:60:6f:4d:bd:
         f2:d6:92:c1:0c:e7:d2:41:61:61:cc:d8:9b:2d:0f:60:5e:42:
         81:a7:ce:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXK171vsksE3lTVRWc9X2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUxMTExMTAwMTA3WhcNMjUxMTEyMTAwMTA3WjAzMTEwLwYDVQQD
EygyZTZkNDI4ZGQyYmNlN2ZjMzZhOGY2OTE0MTlhYTg3NDA3ZGZjOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWfjn5OTU6RgubRfd48aBuF+gZUL
OnDYEsreN8fCIXpKdnGtZlnmihwcAsrszWqkJ8Nkw7nc6819BWOXQk5KOyHz+5a/
nxAUA+vQZDNUeXnLuNjfuazUELNKfMs+kKgPkQnE2r6IYxhnwVqIAg9MWjyvwJy4
uAmWN4Pv7fiZshfkpemfJwJT8tENewVT3htrxK03IFfb14FL1/fZd/WSX3hnE+qw
AR6cwXqgO6wcRA64COwgqjV7WCmeSoXlfGUHcGBkRLjXa3r1MRcIhOzlH2VZdh2F
qHX8lup6hjo3OXywKgrNglX3Qi0VMzKYG8xY7kv/BksGogglWutrDxmteQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5tQo3SvOf8Nqj2kUGaqHQH38mZMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALMTrUYmu
57Vr4pb7UhEszQhpZlFUdr/EXIrDCB5Oe6MN4Y/hYPTPbUe1WFvcjQeHNoA2pDbQ
GGM23uz7gr5rVyWKo0EZJVUkSPN2jEDt4qaw3N6SUV/9Yiq8D8f5sRCgmvnWh91l
Ek1HPu+BaDRhXO8346InpNHI9UGd28+iExLaYrQ1pvRuxBFCRkW/8H6S8fRyYEuB
UFLxA7Mn/jF0r4Y6ZbET8ihh8yz67Rxs4UeUA9Q3Dx7UMX6MmfYaVUMNW+KcDORy
Vtmsw10KdSS6QZOzcVDszXv2FIrqUF/zshzywW5eX3pgb0298taSwQzn0kFhYczY
my0PYF5CgafOrA==
-----END CERTIFICATE-----