Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
File:                     zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft (raw, json)
Hash identifier:          gsEz5VDK1NRFE6HXdZyIuAgJMSOlfcZwHRlXSS26noo=
Subject key identifier:   4F:E9:98:6F:A1:DB:9E:67:AC:06:03:80:FC:46:D6:64:63:AC:71:E9
Authority key identifier: CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14
Certificate issuer:       /CN=cd35f6ff567bde93394fff282fad417da0b53614
Certificate serial:       019A730198F0B141DF6A8F3072D5B6944ADF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
Manifest number:          0DF7
Signing time:             Tue 11 Nov 2025 13:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 13:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 13:01:15 +0000
Files and hashes:         1: zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl (hash: sxDLyEtMzTwIXAqbCgDlRiXM7S+xkcvM/JA8KamHc2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:98:f0:b1:41:df:6a:8f:30:72:d5:b6:94:4a:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd35f6ff567bde93394fff282fad417da0b53614
        Validity
            Not Before: Nov 11 13:01:15 2025 GMT
            Not After : Nov 12 13:01:15 2025 GMT
        Subject: CN=4fe9986fa1db9e67ac060380fc46d66463ac71e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:57:6d:62:a8:81:75:cd:cb:c1:e9:f8:24:81:
                    53:a9:24:8c:59:bf:5f:a8:70:6c:51:01:90:ae:9b:
                    54:c2:dc:3f:9f:1a:f4:56:e8:6b:15:d5:b1:f4:fd:
                    bf:22:b7:40:c5:3b:21:5a:82:bc:6b:00:29:cb:52:
                    9b:41:9a:59:24:f7:14:83:64:3c:5a:20:cb:cd:c3:
                    10:b7:54:09:74:5c:d3:a5:93:04:0d:5f:ed:74:ec:
                    38:90:ad:77:81:69:94:61:6b:f5:50:4f:44:3c:4f:
                    3e:9d:ff:f9:a8:d6:89:86:86:ff:f4:96:2b:17:1d:
                    2a:f9:25:b5:25:a3:80:31:29:57:02:ef:2d:a1:27:
                    e1:81:f3:76:d3:ee:d6:24:56:7a:f0:83:cc:7e:57:
                    4d:49:bf:0c:23:dd:77:b9:45:2b:a6:81:c6:04:01:
                    6d:81:bd:b4:bc:78:17:82:ce:8e:10:74:2f:bf:b1:
                    0d:de:9f:c6:e3:5d:c3:46:a8:ba:df:0a:5d:b4:47:
                    fb:29:5c:75:2a:ab:3b:d4:dd:25:d1:92:91:9e:3d:
                    bf:d8:b9:26:3b:69:e1:b6:fe:7f:61:18:85:0f:24:
                    89:56:28:22:21:5b:02:4b:be:cf:bc:d7:fe:88:be:
                    c5:11:1b:2d:69:b8:67:e4:43:ea:f5:65:8e:13:fb:
                    84:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E9:98:6F:A1:DB:9E:67:AC:06:03:80:FC:46:D6:64:63:AC:71:E9
            X509v3 Authority Key Identifier:
                keyid:CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:2b:8e:79:b6:64:f4:6f:ae:2a:51:25:7e:4a:3c:5a:10:ec:
         47:43:5f:6a:5a:af:96:14:66:a3:44:6f:17:97:a0:68:04:17:
         5f:37:67:7e:28:f0:df:fc:65:66:5a:09:b0:d7:9d:44:5e:69:
         14:40:95:20:4f:88:36:7c:78:60:87:7c:49:d6:9a:c8:4e:80:
         ad:ed:da:7e:42:45:b4:41:58:40:c7:41:89:c8:3e:b7:ff:f8:
         18:57:41:25:d9:17:e4:40:91:5d:74:6f:8d:a1:87:a2:f3:bd:
         a0:8d:62:fe:51:fd:3e:02:0b:10:52:cc:51:61:e2:b5:1d:e7:
         d0:9e:d2:5b:5c:d3:2d:ce:a1:af:3d:7f:d4:0e:04:1f:70:57:
         eb:88:45:fa:25:ac:6e:48:ff:17:ab:05:c6:3b:20:4c:3b:a7:
         d0:68:d7:14:f8:a8:56:9b:8d:a3:92:c1:ac:42:b0:ba:b2:5b:
         ec:aa:42:26:0d:1c:4c:3f:f8:e1:df:43:77:6a:07:13:2c:fa:
         77:db:da:41:88:24:71:c2:02:7a:df:23:f7:d9:70:78:a0:54:
         71:8a:f1:e2:3e:f4:b1:ae:e1:bd:dd:28:c3:2b:69:47:ce:4a:
         6f:25:a3:34:45:cd:66:cc:6d:93:fb:56:74:8d:ce:3a:a4:53:
         d3:b2:af:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAZjwsUHfao8wctW2lErfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzVmNmZmNTY3YmRlOTMzOTRmZmYyODJmYWQ0MTdkYTBi
NTM2MTQwHhcNMjUxMTExMTMwMTE1WhcNMjUxMTEyMTMwMTE1WjAzMTEwLwYDVQQD
Eyg0ZmU5OTg2ZmExZGI5ZTY3YWMwNjAzODBmYzQ2ZDY2NDYzYWM3MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVdtYqiBdc3Lwen4JIFTqSSMWb9f
qHBsUQGQrptUwtw/nxr0VuhrFdWx9P2/IrdAxTshWoK8awApy1KbQZpZJPcUg2Q8
WiDLzcMQt1QJdFzTpZMEDV/tdOw4kK13gWmUYWv1UE9EPE8+nf/5qNaJhob/9JYr
Fx0q+SW1JaOAMSlXAu8toSfhgfN20+7WJFZ68IPMfldNSb8MI913uUUrpoHGBAFt
gb20vHgXgs6OEHQvv7EN3p/G413DRqi63wpdtEf7KVx1Kqs71N0l0ZKRnj2/2Lkm
O2nhtv5/YRiFDySJVigiIVsCS77PvNf+iL7FERstabhn5EPq9WWOE/uE6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/pmG+h255nrAYDgPxG1mRjrHHpMB8GA1UdIwQY
MBaAFM019v9We96TOU//KC+tQX2gtTYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDct
NDRhMzA3NTQ1ZDc0LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDctNDRhMzA3NTQ1ZDc0
LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCuOebZk
9G+uKlElfko8WhDsR0NfalqvlhRmo0RvF5egaAQXXzdnfijw3/xlZloJsNedRF5p
FECVIE+INnx4YId8SdaayE6Are3afkJFtEFYQMdBicg+t//4GFdBJdkX5ECRXXRv
jaGHovO9oI1i/lH9PgILEFLMUWHitR3n0J7SW1zTLc6hrz1/1A4EH3BX64hF+iWs
bkj/F6sFxjsgTDun0GjXFPioVpuNo5LBrEKwurJb7KpCJg0cTD/44d9Dd2oHEyz6
d9vaQYgkccICet8j99lweKBUcYrx4j70sa7hvd0owytpR85KbyWjNEXNZsxtk/tW
dI3OOqRT07Kv5Q==
-----END CERTIFICATE-----