Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          mpZPUvDtSEQlVQCKkC5+RpDC5vYzEVbOFjdwWXxkzeA=
Subject key identifier:   E7:39:C7:1C:1D:07:08:8B:77:43:D8:AC:66:10:8F:BB:8F:82:0A:9A
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       019A71B7AD3E7934D99CCA16384FF6A2C058
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          09E7
Signing time:             Tue 11 Nov 2025 07:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:53 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: ctAOn7X0Lz5S5s/0gHpNNKWn2hMjc5xRwoHES+GRQx8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ad:3e:79:34:d9:9c:ca:16:38:4f:f6:a2:c0:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Nov 11 07:00:53 2025 GMT
            Not After : Nov 12 07:00:53 2025 GMT
        Subject: CN=e739c71c1d07088b7743d8ac66108fbb8f820a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f1:1b:e1:6b:0d:3a:2d:cf:b7:e1:2d:c6:e3:
                    d8:a6:fc:52:9c:71:db:1e:8e:93:28:ad:a9:10:3d:
                    7c:68:1e:4f:96:4c:84:12:b5:7b:52:34:c7:8f:30:
                    02:e5:61:ee:81:86:4f:dd:0c:d7:2f:99:1c:f1:74:
                    1c:80:03:5a:fa:f1:cc:8f:6f:ae:5e:a0:9a:a4:c8:
                    88:a1:bf:de:99:43:26:4f:db:c3:f9:94:43:b5:26:
                    93:5e:f9:5d:0d:90:01:96:bb:c1:61:35:16:71:6a:
                    26:96:74:c1:57:93:24:0a:71:42:ba:48:6f:f0:17:
                    af:9b:2d:1d:8a:a9:e1:bc:83:29:a6:0a:ba:a1:88:
                    24:73:fb:07:26:d2:df:f7:f8:40:48:1e:4b:c3:65:
                    2b:db:68:14:09:0a:62:71:fb:da:be:af:db:01:85:
                    95:98:92:2e:4f:d0:7f:68:10:8b:95:02:e0:d8:93:
                    d0:e2:87:3f:33:8b:9e:1e:17:f1:b1:19:87:1a:43:
                    88:5e:e0:15:db:94:68:0a:b0:f1:4c:69:70:62:6c:
                    e8:12:fb:96:28:52:5b:d1:b2:8c:e8:5a:de:48:a5:
                    67:7f:44:59:95:79:fb:33:0d:c0:40:78:6f:7f:e4:
                    d4:a7:6c:bb:89:91:f2:2e:05:6b:70:7f:5b:5e:f6:
                    35:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:39:C7:1C:1D:07:08:8B:77:43:D8:AC:66:10:8F:BB:8F:82:0A:9A
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:9b:3e:ea:19:98:70:49:c1:e8:ff:a1:02:c6:c4:34:fe:41:
         44:f9:a8:6f:bf:a8:3d:a3:f9:49:fc:1d:e8:d9:9a:af:8f:d1:
         ec:a1:ef:07:4c:99:67:5c:c8:a1:26:85:40:33:3a:f7:3b:42:
         ab:32:a4:db:1c:90:e8:0a:33:87:50:fd:b6:fe:bc:ed:4d:94:
         e9:2c:88:a5:f3:22:b9:9f:c3:ff:70:04:84:cd:70:59:3c:3a:
         0c:e5:fc:2b:9c:58:83:df:bb:f3:b2:f9:02:02:1f:b2:78:c8:
         61:89:fa:2b:74:b9:90:1a:89:b8:f9:5b:40:5d:db:fd:92:19:
         ba:9a:b1:de:fa:75:50:10:13:4b:3c:b7:e2:dc:c9:9a:f3:ae:
         3e:03:90:76:10:3e:14:91:d5:4a:c9:ec:6b:12:c5:b2:35:36:
         38:82:58:d3:76:7b:d8:3a:ab:4a:81:0d:84:6a:a8:24:d8:f3:
         e0:1e:b6:80:43:17:ae:c6:82:46:77:8c:68:4d:3b:05:22:49:
         06:bc:4f:91:99:48:3c:f7:7b:89:09:60:1d:a9:f3:bc:8b:5c:
         e3:e4:28:82:6a:9e:fe:62:72:8c:2c:ae:93:8b:47:1f:34:c0:
         a5:7d:b7:64:4d:dd:61:ba:83:32:98:76:46:ff:9a:06:a1:88:
         4d:6c:9c:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt60+eTTZnMoWOE/2osBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUxMTExMDcwMDUzWhcNMjUxMTEyMDcwMDUzWjAzMTEwLwYDVQQD
EyhlNzM5YzcxYzFkMDcwODhiNzc0M2Q4YWM2NjEwOGZiYjhmODIwYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Eb4WsNOi3Pt+EtxuPYpvxSnHHb
Ho6TKK2pED18aB5PlkyEErV7UjTHjzAC5WHugYZP3QzXL5kc8XQcgANa+vHMj2+u
XqCapMiIob/emUMmT9vD+ZRDtSaTXvldDZABlrvBYTUWcWomlnTBV5MkCnFCukhv
8Bevmy0diqnhvIMppgq6oYgkc/sHJtLf9/hASB5Lw2Ur22gUCQpicfvavq/bAYWV
mJIuT9B/aBCLlQLg2JPQ4oc/M4ueHhfxsRmHGkOIXuAV25RoCrDxTGlwYmzoEvuW
KFJb0bKM6FreSKVnf0RZlXn7Mw3AQHhvf+TUp2y7iZHyLgVrcH9bXvY15wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOc5xxwdBwiLd0PYrGYQj7uPggqaMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlJs+6hmY
cEnB6P+hAsbENP5BRPmob7+oPaP5Sfwd6Nmar4/R7KHvB0yZZ1zIoSaFQDM69ztC
qzKk2xyQ6Aozh1D9tv687U2U6SyIpfMiuZ/D/3AEhM1wWTw6DOX8K5xYg9+787L5
AgIfsnjIYYn6K3S5kBqJuPlbQF3b/ZIZupqx3vp1UBATSzy34tzJmvOuPgOQdhA+
FJHVSsnsaxLFsjU2OIJY03Z72DqrSoENhGqoJNjz4B62gEMXrsaCRneMaE07BSJJ
BrxPkZlIPPd7iQlgHanzvItc4+Qogmqe/mJyjCyuk4tHHzTApX23ZE3dYbqDMph2
Rv+aBqGITWycQQ==
-----END CERTIFICATE-----