Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          d9akRDnX87PeGfJL+Ha6aLTaPmqo/xFCFCO912UohBw=
Subject key identifier:   68:10:9B:02:5F:B0:1C:2C:87:30:50:AD:87:BB:BE:04:A2:CA:3A:66
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       019A71B8DAAFA684B7E04D4C1E8397ED0116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0C22
Signing time:             Tue 11 Nov 2025 07:02:11 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:11 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:11 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: StQDRxyFy7/5D+nuROb5hy7sYmyFBl77H7n7E6LFIQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:da:af:a6:84:b7:e0:4d:4c:1e:83:97:ed:01:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Nov 11 07:02:11 2025 GMT
            Not After : Nov 12 07:02:11 2025 GMT
        Subject: CN=68109b025fb01c2c873050ad87bbbe04a2ca3a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f9:d7:56:4c:20:85:f8:4d:f1:b4:09:2b:b7:
                    4e:99:32:bf:26:48:78:f7:9d:40:99:72:61:90:68:
                    fd:bd:d3:e9:49:08:59:43:a5:83:5c:e8:6e:b2:2a:
                    3a:2c:dd:a3:82:07:3f:f2:2f:64:84:1c:b7:7d:8a:
                    b3:01:af:e3:39:f6:93:6a:70:ad:ed:d0:9e:71:48:
                    ed:bb:ac:6f:f6:f8:ae:d4:40:50:50:b0:9a:89:38:
                    be:ab:7d:93:64:4d:83:36:c6:f9:f2:00:8d:4a:de:
                    a0:34:f9:b6:75:22:39:5d:35:cb:2f:6e:e1:49:f4:
                    aa:df:51:6f:38:9a:ab:ef:55:63:4c:1f:82:86:be:
                    2f:4c:99:ab:fe:40:49:72:e7:65:2d:16:fc:bb:e6:
                    4d:f8:dd:2c:37:fb:65:56:19:e6:1a:97:54:2f:71:
                    ed:c2:cf:e5:97:68:a7:6e:cf:2e:a4:e0:91:53:d9:
                    7f:89:4f:c7:e4:ff:bc:11:77:7f:9c:e1:d6:b1:68:
                    c9:b9:f0:37:c7:c2:03:9b:96:b5:b9:0e:7a:fd:e0:
                    f3:99:40:9c:1a:75:64:8d:34:d9:04:7b:ca:52:51:
                    30:88:14:bf:be:0d:c1:ab:5e:18:d6:d6:a4:72:52:
                    99:f9:c4:41:89:17:9c:96:55:fd:f6:9a:53:35:57:
                    b2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:10:9B:02:5F:B0:1C:2C:87:30:50:AD:87:BB:BE:04:A2:CA:3A:66
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:59:0f:4b:33:00:6e:74:6c:78:58:b8:3e:93:72:04:5e:a7:
         80:bc:7a:65:32:52:fc:4d:78:87:4e:37:5d:e1:9a:54:37:ea:
         03:c9:79:02:f9:11:47:b4:e6:61:9b:ae:31:e7:7a:e1:14:0e:
         bd:7c:2b:16:f2:4f:0c:47:8b:7d:e2:3f:31:d0:0f:d5:da:ab:
         5e:3a:8b:8b:8f:cb:04:f5:93:fd:6b:2a:d9:2e:e0:9e:79:34:
         91:91:5c:a1:db:87:00:53:9e:f3:4d:f6:f4:34:6d:55:98:29:
         03:15:77:a1:d6:34:57:5f:f3:4a:9f:d6:93:0d:24:4f:c6:18:
         b5:ab:4c:19:de:f6:3b:ba:f0:ac:dc:25:a4:85:cf:86:4b:48:
         cc:e0:73:b3:48:8c:6c:0e:95:d6:21:f7:b7:82:6e:ae:d1:52:
         2d:d7:62:ba:4b:03:78:9a:00:b8:01:6e:65:81:7d:73:70:9a:
         bf:d7:c8:6a:c5:c4:c4:dc:f7:ec:64:71:c5:d2:07:f2:74:b2:
         a8:7a:e9:ea:af:7b:b7:a6:29:4c:f0:e6:2a:d7:8c:21:6c:b8:
         16:dc:d7:19:d3:e1:0d:6d:8b:31:fc:81:77:7c:1d:3c:9f:d0:
         d3:06:f3:46:0b:dc:bd:80:87:4f:25:7b:31:a2:46:39:1d:09:
         0e:38:94:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNqvpoS34E1MHoOX7QEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjUxMTExMDcwMjExWhcNMjUxMTEyMDcwMjExWjAzMTEwLwYDVQQD
Eyg2ODEwOWIwMjVmYjAxYzJjODczMDUwYWQ4N2JiYmUwNGEyY2EzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfnXVkwghfhN8bQJK7dOmTK/Jkh4
951AmXJhkGj9vdPpSQhZQ6WDXOhusio6LN2jggc/8i9khBy3fYqzAa/jOfaTanCt
7dCecUjtu6xv9viu1EBQULCaiTi+q32TZE2DNsb58gCNSt6gNPm2dSI5XTXLL27h
SfSq31FvOJqr71VjTB+Chr4vTJmr/kBJcudlLRb8u+ZN+N0sN/tlVhnmGpdUL3Ht
ws/ll2inbs8upOCRU9l/iU/H5P+8EXd/nOHWsWjJufA3x8IDm5a1uQ56/eDzmUCc
GnVkjTTZBHvKUlEwiBS/vg3Bq14Y1takclKZ+cRBiRecllX99ppTNVeykwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgQmwJfsBwshzBQrYe7vgSiyjpmMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1kPSzMA
bnRseFi4PpNyBF6ngLx6ZTJS/E14h043XeGaVDfqA8l5AvkRR7TmYZuuMed64RQO
vXwrFvJPDEeLfeI/MdAP1dqrXjqLi4/LBPWT/Wsq2S7gnnk0kZFcoduHAFOe8032
9DRtVZgpAxV3odY0V1/zSp/Wkw0kT8YYtatMGd72O7rwrNwlpIXPhktIzOBzs0iM
bA6V1iH3t4JurtFSLddiuksDeJoAuAFuZYF9c3Cav9fIasXExNz37GRxxdIH8nSy
qHrp6q97t6YpTPDmKteMIWy4FtzXGdPhDW2LMfyBd3wdPJ/Q0wbzRgvcvYCHTyV7
MaJGOR0JDjiURw==
-----END CERTIFICATE-----