Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          uyHpV1UHZW/FKr0zJpaKQzgpygyh7/BbZRDJst0ByG4=
Subject key identifier:   33:B3:01:F9:C2:6B:0D:61:8E:E9:5A:3A:BD:35:BD:B5:8E:C2:E8:E7
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       019A72263B9081ADDC73DA7C493D480F1694
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0B43
Signing time:             Tue 11 Nov 2025 09:01:39 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:39 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:39 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: vhJVd0fRukQPiQMGYQJs+yhQajr3OBn8jYVFOkeyxnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:3b:90:81:ad:dc:73:da:7c:49:3d:48:0f:16:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Nov 11 09:01:39 2025 GMT
            Not After : Nov 12 09:01:39 2025 GMT
        Subject: CN=33b301f9c26b0d618ee95a3abd35bdb58ec2e8e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0b:1a:1c:8c:2c:36:65:b4:1a:24:09:0a:ec:
                    6d:d1:56:3e:d8:55:b8:c4:53:bf:19:c0:cb:8f:86:
                    27:da:c3:f9:55:db:3e:2c:41:38:ce:26:c2:18:04:
                    c4:1a:4e:2c:18:ce:fb:94:ad:7a:27:9b:ad:fa:53:
                    a4:c2:9f:40:5a:96:54:78:d7:df:b7:f9:c2:d1:13:
                    f6:09:d0:04:d7:24:a7:3c:79:a6:c0:9d:0e:b8:38:
                    bc:a4:f4:81:c5:80:e9:40:7b:37:cd:f0:07:b5:d8:
                    57:28:e9:c0:76:c1:03:54:93:28:80:c2:8a:91:7c:
                    9c:4e:00:bc:2e:eb:fb:b5:1f:93:53:ad:09:c2:82:
                    39:6b:e5:64:35:bb:b7:6d:11:73:30:94:0f:3c:cb:
                    cd:3a:d8:9b:a4:9d:f8:bf:23:11:3d:6c:97:b2:56:
                    a6:8d:4a:cb:f9:47:cc:b9:29:37:6f:80:a5:78:a5:
                    0a:68:a3:ba:0e:91:63:70:64:dd:ae:fa:74:2c:d9:
                    43:22:fd:1b:56:b9:ba:27:95:a8:22:e0:ce:57:cc:
                    4d:f1:be:65:31:3e:08:01:72:b6:92:41:9d:51:5c:
                    79:7d:18:dd:a6:73:d3:0b:2e:c4:ee:32:3d:6c:8f:
                    78:d2:ea:fa:a8:e5:b6:04:81:8b:7a:c6:52:70:b2:
                    d1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B3:01:F9:C2:6B:0D:61:8E:E9:5A:3A:BD:35:BD:B5:8E:C2:E8:E7
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:de:f1:cb:b8:6f:22:6b:73:c6:52:18:83:d4:3e:d9:ef:1b:
         1d:2e:fe:b2:4f:75:58:94:23:16:71:74:20:85:d5:0b:f8:08:
         49:34:20:61:27:51:88:f3:3a:bb:1a:76:2f:92:ef:4e:4e:91:
         57:95:d8:99:b8:c9:bd:70:2b:9c:87:87:61:94:4c:53:71:f5:
         16:0f:59:12:df:f8:b7:25:af:57:4a:8c:96:24:30:9f:c8:4b:
         cb:27:ae:07:48:b9:a6:de:5d:74:79:3b:04:a9:fb:1d:10:3b:
         91:a4:6b:b7:8d:ae:59:a0:db:c4:89:52:5f:b2:64:61:d1:a2:
         93:3e:06:08:b9:1f:59:d8:28:e7:82:b2:6f:31:63:90:a6:d9:
         a0:27:de:b2:64:c3:dc:e3:4c:1f:73:f1:fd:88:b0:6e:8c:ec:
         05:4e:9a:57:04:3f:cd:55:a8:64:28:e9:90:8e:fb:67:82:e9:
         88:92:2e:59:14:34:26:3e:52:58:6a:e8:e5:5b:9b:47:d5:25:
         93:d9:08:5c:d3:4b:d8:cc:16:04:50:1a:d8:f5:06:c2:2a:28:
         be:2c:e8:16:55:7f:4d:73:06:5e:fd:22:be:1b:5c:c0:2d:33:
         f1:92:61:e2:30:f8:20:f9:4f:b9:e8:98:76:a3:20:10:c4:d3:
         85:71:82:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjuQga3cc9p8ST1IDxaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUxMTExMDkwMTM5WhcNMjUxMTEyMDkwMTM5WjAzMTEwLwYDVQQD
EygzM2IzMDFmOWMyNmIwZDYxOGVlOTVhM2FiZDM1YmRiNThlYzJlOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQsaHIwsNmW0GiQJCuxt0VY+2FW4
xFO/GcDLj4Yn2sP5Vds+LEE4zibCGATEGk4sGM77lK16J5ut+lOkwp9AWpZUeNff
t/nC0RP2CdAE1ySnPHmmwJ0OuDi8pPSBxYDpQHs3zfAHtdhXKOnAdsEDVJMogMKK
kXycTgC8Luv7tR+TU60JwoI5a+VkNbu3bRFzMJQPPMvNOtibpJ34vyMRPWyXslam
jUrL+UfMuSk3b4CleKUKaKO6DpFjcGTdrvp0LNlDIv0bVrm6J5WoIuDOV8xN8b5l
MT4IAXK2kkGdUVx5fRjdpnPTCy7E7jI9bI940ur6qOW2BIGLesZScLLRLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOzAfnCaw1hjulaOr01vbWOwujnMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWd7xy7hv
ImtzxlIYg9Q+2e8bHS7+sk91WJQjFnF0IIXVC/gISTQgYSdRiPM6uxp2L5LvTk6R
V5XYmbjJvXArnIeHYZRMU3H1Fg9ZEt/4tyWvV0qMliQwn8hLyyeuB0i5pt5ddHk7
BKn7HRA7kaRrt42uWaDbxIlSX7JkYdGikz4GCLkfWdgo54KybzFjkKbZoCfesmTD
3ONMH3Px/YiwbozsBU6aVwQ/zVWoZCjpkI77Z4LpiJIuWRQ0Jj5SWGro5VubR9Ul
k9kIXNNL2MwWBFAa2PUGwioovizoFlV/TXMGXv0ivhtcwC0z8ZJh4jD4IPlPueiY
dqMgEMTThXGC1A==
-----END CERTIFICATE-----