Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File:                     ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier:          pZwEjnLScxOmbQtUCxwt9o8gmaZ0+JQMsx2kW3LZa84=
Subject key identifier:   5D:6A:8D:34:47:EA:CD:8E:D5:E2:A1:D5:79:9E:99:20:A3:0C:9E:DE
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer:       /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial:       01992255CA1D5342987B9D2EA5FF87B94D12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number:          0124
Signing time:             Sun 07 Sep 2025 04:01:11 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:11 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:11 +0000
Files and hashes:         1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: rmyJXSKMvBhDsTmDCdWs41l1F9adEi/ppMNuGTO5iRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:ca:1d:53:42:98:7b:9d:2e:a5:ff:87:b9:4d:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
        Validity
            Not Before: Sep  7 04:01:11 2025 GMT
            Not After : Sep  8 04:01:11 2025 GMT
        Subject: CN=5d6a8d3447eacd8ed5e2a1d5799e9920a30c9ede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1e:de:66:fc:52:4e:7b:bd:6f:53:02:6a:08:
                    56:51:c5:b2:b2:50:90:8c:21:64:5c:f9:b2:82:bf:
                    19:77:6b:0f:a4:88:5c:fc:2a:c9:45:73:5a:61:de:
                    bf:20:6a:3b:0b:01:6c:32:70:f1:88:2f:9b:2a:ac:
                    8b:74:de:9f:c5:0e:c5:90:8f:1e:99:7e:0d:ed:15:
                    9e:07:54:fe:7a:27:22:85:e5:3e:f6:f6:80:56:a3:
                    49:c3:35:4b:a1:35:33:1f:0f:54:73:9b:e4:21:b9:
                    3b:a7:b4:fd:97:d4:37:b2:b0:c0:75:ea:e3:44:09:
                    83:de:6f:73:8e:0b:62:5f:80:16:86:44:0c:75:d0:
                    bc:34:0f:a3:25:4c:d5:80:37:f4:66:c0:15:0a:d5:
                    33:17:2a:37:a2:24:f3:7f:72:a2:dc:1b:f9:19:97:
                    92:a9:4a:50:bc:42:3b:d3:9e:9b:db:3b:00:70:d2:
                    05:7f:f6:f3:57:3e:e2:59:5d:03:03:45:48:b0:21:
                    1d:6c:9a:80:7c:10:01:c9:5f:03:d8:1f:3e:85:e5:
                    41:54:25:3d:49:44:a3:fe:07:1c:ad:bf:90:b8:06:
                    42:73:78:75:30:c5:51:d5:ab:ab:f0:a6:19:4c:0b:
                    8d:3b:80:7f:29:e6:e2:d6:8d:78:af:e3:21:28:34:
                    21:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6A:8D:34:47:EA:CD:8E:D5:E2:A1:D5:79:9E:99:20:A3:0C:9E:DE
            X509v3 Authority Key Identifier:
                keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:75:9d:42:7a:ee:0d:7e:7b:90:ef:41:54:97:b9:68:dc:14:
         77:5c:62:c4:fc:17:33:2f:14:5c:c4:ad:fd:6f:cb:11:78:fd:
         38:8e:aa:75:3b:54:a0:01:39:ba:d3:55:a7:57:27:db:e3:d5:
         37:52:68:f8:e8:41:c1:79:d3:f3:ba:01:90:10:3a:03:cc:1c:
         29:45:be:c3:83:67:b4:01:82:83:99:25:7e:af:6b:48:78:03:
         37:35:1b:08:48:79:bc:a6:77:4c:65:76:db:39:fe:89:1f:64:
         83:42:f0:95:4d:af:2b:bc:44:1c:95:c1:6e:5f:4f:64:f9:ee:
         4c:ce:91:8f:6b:c2:36:12:50:d0:02:44:c8:c6:fd:78:cd:3b:
         7b:a8:88:45:ec:4c:78:7d:bc:94:9e:78:bd:a3:d2:28:d2:97:
         e0:e0:51:4c:ff:a5:de:e0:81:0b:78:2b:30:80:86:90:a7:68:
         8f:46:04:68:60:d4:58:46:38:5c:0d:1e:99:01:c2:51:5f:75:
         53:0a:41:7b:3d:da:b9:73:85:45:b7:68:3d:90:03:dc:e2:c3:
         68:96:df:1d:aa:fe:e3:1a:2d:2f:4c:dc:a5:9c:5e:73:f4:f8:
         99:20:55:6f:08:dd:8a:b3:b4:34:5d:a9:07:3e:28:9a:5b:fd:
         68:7f:38:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVcodU0KYe50upf+HuU0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUwOTA3MDQwMTExWhcNMjUwOTA4MDQwMTExWjAzMTEwLwYDVQQD
Eyg1ZDZhOGQzNDQ3ZWFjZDhlZDVlMmExZDU3OTllOTkyMGEzMGM5ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R7eZvxSTnu9b1MCaghWUcWyslCQ
jCFkXPmygr8Zd2sPpIhc/CrJRXNaYd6/IGo7CwFsMnDxiC+bKqyLdN6fxQ7FkI8e
mX4N7RWeB1T+eiciheU+9vaAVqNJwzVLoTUzHw9Uc5vkIbk7p7T9l9Q3srDAderj
RAmD3m9zjgtiX4AWhkQMddC8NA+jJUzVgDf0ZsAVCtUzFyo3oiTzf3Ki3Bv5GZeS
qUpQvEI7056b2zsAcNIFf/bzVz7iWV0DA0VIsCEdbJqAfBAByV8D2B8+heVBVCU9
SUSj/gccrb+QuAZCc3h1MMVR1aur8KYZTAuNO4B/Kebi1o14r+MhKDQhbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1qjTRH6s2O1eKh1XmemSCjDJ7eMB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHWdQnru
DX57kO9BVJe5aNwUd1xixPwXMy8UXMSt/W/LEXj9OI6qdTtUoAE5utNVp1cn2+PV
N1Jo+OhBwXnT87oBkBA6A8wcKUW+w4NntAGCg5klfq9rSHgDNzUbCEh5vKZ3TGV2
2zn+iR9kg0LwlU2vK7xEHJXBbl9PZPnuTM6Rj2vCNhJQ0AJEyMb9eM07e6iIRexM
eH28lJ54vaPSKNKX4OBRTP+l3uCBC3grMICGkKdoj0YEaGDUWEY4XA0emQHCUV91
UwpBez3auXOFRbdoPZAD3OLDaJbfHar+4xotL0zcpZxec/T4mSBVbwjdirO0NF2p
Bz4omlv9aH842A==
-----END CERTIFICATE-----