Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
File:                     zEHDryzVmGV10bz2Xsnod2Zu3jY.mft (raw, json)
Hash identifier:          FBJtJig4sUf9JEkHpLz+Giut1U2YdfZW/jKGZdIB2Uc=
Subject key identifier:   00:11:5B:CC:99:BA:A4:7C:74:A0:17:B9:F6:85:1A:1D:F7:96:B9:10
Authority key identifier: CC:41:C3:AF:2C:D5:98:65:75:D1:BC:F6:5E:C9:E8:77:66:6E:DE:36
Certificate issuer:       /CN=cc41c3af2cd5986575d1bcf65ec9e877666ede36
Certificate serial:       019A71B7E61E499B49C71BCD20D35575EF03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
Manifest number:          13B0
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: zEHDryzVmGV10bz2Xsnod2Zu3jY.crl (hash: jM0+I+f0d2mzIcPpKTmjXQY4vzfck2KB1xn7tObkYV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e6:1e:49:9b:49:c7:1b:cd:20:d3:55:75:ef:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc41c3af2cd5986575d1bcf65ec9e877666ede36
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=00115bcc99baa47c74a017b9f6851a1df796b910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:63:aa:6f:0a:11:f2:f9:92:89:e8:39:cf:b8:
                    0a:dc:b3:77:8b:12:3d:0a:b5:80:7c:56:54:dc:8f:
                    54:8a:4c:67:85:14:47:e0:65:ca:d6:6f:ed:08:84:
                    06:45:f1:01:ae:8a:bf:94:9c:6d:53:ea:86:07:a8:
                    df:e8:77:f9:4f:d7:66:76:ac:4a:81:6f:99:1d:1d:
                    9d:93:ec:2d:34:dc:58:c4:61:94:17:5f:aa:7c:83:
                    34:dc:ac:4c:8d:a1:de:0f:51:74:29:b5:fb:5b:6d:
                    c3:fa:73:1f:60:13:ce:37:73:bf:63:4f:10:7d:0e:
                    41:04:86:fa:03:ce:a5:70:81:51:82:50:fe:ab:88:
                    e1:b1:1e:8c:45:23:3d:98:5c:cb:e4:af:0b:61:ff:
                    dc:64:d4:6a:af:8c:0e:95:c0:cd:8f:0a:2c:47:64:
                    fb:50:bb:87:53:eb:98:65:17:24:50:27:d6:99:d2:
                    88:30:1c:66:0a:40:9c:96:b6:7e:df:ca:77:64:90:
                    14:c5:14:ca:50:8a:60:62:29:0e:d5:68:3f:a8:72:
                    66:69:33:63:f1:e3:63:06:ac:a4:72:05:85:4a:ba:
                    fe:6b:ab:36:7d:b5:62:9b:86:66:80:a9:1c:80:15:
                    95:f5:6c:d2:a2:91:9a:23:2c:b2:ff:63:a4:c2:6d:
                    f3:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:11:5B:CC:99:BA:A4:7C:74:A0:17:B9:F6:85:1A:1D:F7:96:B9:10
            X509v3 Authority Key Identifier:
                keyid:CC:41:C3:AF:2C:D5:98:65:75:D1:BC:F6:5E:C9:E8:77:66:6E:DE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEHDryzVmGV10bz2Xsnod2Zu3jY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9a6e51-4a8f-40d3-b0fa-4c6522453c9a/1/zEHDryzVmGV10bz2Xsnod2Zu3jY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:be:98:8b:b1:be:a0:75:c0:54:ba:90:55:2c:8f:06:85:a7:
         0e:ca:02:fe:69:2c:2c:1f:21:45:04:11:f4:58:75:cc:3d:ca:
         50:8d:16:8b:0b:fb:4b:dd:15:7f:0b:f8:5b:3d:e0:4f:19:c8:
         e5:06:ac:db:84:da:46:11:33:2a:40:63:18:c9:d9:56:5a:c7:
         6b:83:e9:18:c8:90:cc:06:b0:0e:f4:e5:55:c3:6d:cd:1b:50:
         52:1f:c7:e3:2e:c7:f9:6b:a5:c0:8f:7e:f7:50:f7:7c:90:ad:
         52:69:7e:60:46:65:02:7b:4b:e5:85:8d:53:56:4d:cb:c6:da:
         22:88:ee:d4:ce:2f:87:8a:5b:02:40:b8:9a:3c:8e:5e:d5:26:
         65:a6:6a:28:07:63:ad:e6:de:b1:29:4a:9c:27:dc:8a:52:44:
         b6:7c:db:65:44:db:e3:91:e4:7c:4e:e0:82:fa:1e:13:cd:23:
         93:a6:fe:f5:3b:14:e3:5f:ea:33:6b:87:ae:96:ec:f8:fd:20:
         eb:5c:e1:d7:90:fa:5a:02:19:e2:64:8b:23:ea:55:4f:34:6e:
         3b:02:0f:6b:ea:c7:74:c6:42:51:a4:7b:12:ed:8b:41:21:fe:
         87:7f:5d:e4:10:28:66:e3:ab:a2:8e:d3:50:4c:2b:9b:a5:d2:
         aa:14:e7:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+YeSZtJxxvNINNVde8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDFjM2FmMmNkNTk4NjU3NWQxYmNmNjVlYzllODc3NjY2
ZWRlMzYwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
EygwMDExNWJjYzk5YmFhNDdjNzRhMDE3YjlmNjg1MWExZGY3OTZiOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGOqbwoR8vmSieg5z7gK3LN3ixI9
CrWAfFZU3I9UikxnhRRH4GXK1m/tCIQGRfEBroq/lJxtU+qGB6jf6Hf5T9dmdqxK
gW+ZHR2dk+wtNNxYxGGUF1+qfIM03KxMjaHeD1F0KbX7W23D+nMfYBPON3O/Y08Q
fQ5BBIb6A86lcIFRglD+q4jhsR6MRSM9mFzL5K8LYf/cZNRqr4wOlcDNjwosR2T7
ULuHU+uYZRckUCfWmdKIMBxmCkCclrZ+38p3ZJAUxRTKUIpgYikO1Wg/qHJmaTNj
8eNjBqykcgWFSrr+a6s2fbVim4ZmgKkcgBWV9WzSopGaIyyy/2Okwm3zBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAARW8yZuqR8dKAXufaFGh33lrkQMB8GA1UdIwQY
MBaAFMxBw68s1ZhlddG89l7J6Hdmbt42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YTZlNTEtNGE4Zi00MGQzLWIwZmEt
NGM2NTIyNDUzYzlhLzEvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YTZlNTEtNGE4Zi00MGQzLWIwZmEtNGM2NTIyNDUzYzlh
LzEvekVIRHJ5elZtR1YxMGJ6Mlhzbm9kMlp1M2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXr6Yi7G+
oHXAVLqQVSyPBoWnDsoC/mksLB8hRQQR9Fh1zD3KUI0Wiwv7S90Vfwv4Wz3gTxnI
5Qas24TaRhEzKkBjGMnZVlrHa4PpGMiQzAawDvTlVcNtzRtQUh/H4y7H+WulwI9+
91D3fJCtUml+YEZlAntL5YWNU1ZNy8baIoju1M4vh4pbAkC4mjyOXtUmZaZqKAdj
rebesSlKnCfcilJEtnzbZUTb45HkfE7ggvoeE80jk6b+9TsU41/qM2uHrpbs+P0g
61zh15D6WgIZ4mSLI+pVTzRuOwIPa+rHdMZCUaR7Eu2LQSH+h39d5BAoZuOroo7T
UEwrm6XSqhTndw==
-----END CERTIFICATE-----