Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          62kvtancyNrhTOuFXEzUL6SV/zUsMDxAAOiCWySHmzM=
Subject key identifier:   F5:65:EA:B1:59:FC:09:2B:7F:1E:28:E6:27:C3:98:37:8D:DB:AE:17
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       0199228C98FA572485E5875DA71C8E8D5391
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          151D
Signing time:             Sun 07 Sep 2025 05:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:03 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: V90gKEZLufZaBaNn/FYkFEFknpg01yx/ewG+WjbZCjc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:98:fa:57:24:85:e5:87:5d:a7:1c:8e:8d:53:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Sep  7 05:01:03 2025 GMT
            Not After : Sep  8 05:01:03 2025 GMT
        Subject: CN=f565eab159fc092b7f1e28e627c398378ddbae17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:10:a0:a4:8e:9c:23:6a:04:74:06:b7:8b:fd:
                    ce:d3:48:09:0c:38:77:19:89:a0:77:9e:4b:d0:3b:
                    88:3f:ff:1f:60:71:78:64:e0:e7:df:c5:89:f6:2d:
                    2e:2d:a7:db:0d:09:69:ce:34:36:84:c9:3e:b7:77:
                    c4:46:47:49:91:c0:82:81:14:c1:e3:f9:e1:76:72:
                    ad:e8:12:d6:87:93:a0:24:b1:34:51:1d:eb:44:e7:
                    94:2c:ea:8d:cf:02:f9:7b:51:ed:97:79:28:cc:91:
                    a2:6b:82:ac:3a:28:d0:b6:cd:cd:fd:3c:5a:a5:06:
                    dc:a2:0e:0a:66:72:55:b6:a6:f7:8c:21:5a:c8:1b:
                    61:33:95:48:7c:82:09:53:28:83:ae:2f:67:3d:b6:
                    d2:18:2a:4d:fb:2a:06:fa:09:40:f0:0e:ab:6d:c0:
                    0b:ff:9a:c8:5e:ec:34:00:f6:20:b6:83:7b:10:6e:
                    51:c6:b1:4b:8e:25:6e:7d:23:a2:c9:45:28:e7:61:
                    86:ec:99:08:a5:f3:0a:99:43:a5:30:5d:ac:33:df:
                    22:94:29:61:e6:55:32:e4:56:cf:d5:d6:bf:8c:c3:
                    73:f3:4f:1e:46:33:0f:a8:60:2f:51:0a:5b:ad:07:
                    c8:52:d3:c6:fa:ce:04:53:68:df:43:ed:50:6c:13:
                    36:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:65:EA:B1:59:FC:09:2B:7F:1E:28:E6:27:C3:98:37:8D:DB:AE:17
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:7e:d3:55:18:e6:85:20:b8:5d:3b:1b:f4:e9:5d:2a:4b:55:
         f1:a0:b6:0a:b5:dc:48:85:c0:5d:da:1b:84:30:96:96:bb:90:
         3e:77:ec:aa:4e:b9:20:fe:00:77:b6:b7:3d:04:98:fa:85:6c:
         79:76:b8:55:bd:99:4b:7a:b7:69:0b:7f:a5:25:8e:de:60:05:
         ea:02:26:24:3e:6b:74:f6:a4:3e:95:8c:42:05:b0:d8:9f:d2:
         71:82:f4:9b:c3:cc:55:56:af:4b:88:66:5d:fa:62:b4:df:02:
         ab:ee:61:ac:96:eb:a1:c6:2e:94:e7:22:4e:bd:36:e7:05:31:
         7a:f0:a9:dc:bf:49:71:cf:a0:65:32:37:c1:f2:35:a5:b7:e7:
         9f:56:03:37:04:cd:68:f0:07:a3:cd:f4:b8:45:6f:1b:4b:47:
         ca:5d:94:1d:da:c9:7c:af:c4:12:f7:09:05:bf:71:15:a7:e5:
         ef:39:12:87:09:4f:26:17:e1:3f:23:bd:fa:a3:d1:db:a9:ea:
         ab:d4:a7:0f:8b:a9:d8:c5:37:0a:ba:b4:66:f7:67:f1:78:40:
         13:7d:84:a0:d1:9b:09:c1:2d:70:d6:7c:c1:7e:50:49:b2:d4:
         16:c3:b1:b2:eb:5a:c9:2c:20:dc:b0:80:9a:92:ff:b5:42:af:
         91:c1:7b:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijJj6VySF5YddpxyOjVORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUwOTA3MDUwMTAzWhcNMjUwOTA4MDUwMTAzWjAzMTEwLwYDVQQD
EyhmNTY1ZWFiMTU5ZmMwOTJiN2YxZTI4ZTYyN2MzOTgzNzhkZGJhZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBCgpI6cI2oEdAa3i/3O00gJDDh3
GYmgd55L0DuIP/8fYHF4ZODn38WJ9i0uLafbDQlpzjQ2hMk+t3fERkdJkcCCgRTB
4/nhdnKt6BLWh5OgJLE0UR3rROeULOqNzwL5e1Htl3kozJGia4KsOijQts3N/Txa
pQbcog4KZnJVtqb3jCFayBthM5VIfIIJUyiDri9nPbbSGCpN+yoG+glA8A6rbcAL
/5rIXuw0APYgtoN7EG5RxrFLjiVufSOiyUUo52GG7JkIpfMKmUOlMF2sM98ilClh
5lUy5FbP1da/jMNz808eRjMPqGAvUQpbrQfIUtPG+s4EU2jfQ+1QbBM2hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVl6rFZ/Akrfx4o5ifDmDeN264XMB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyH7TVRjm
hSC4XTsb9OldKktV8aC2CrXcSIXAXdobhDCWlruQPnfsqk65IP4Ad7a3PQSY+oVs
eXa4Vb2ZS3q3aQt/pSWO3mAF6gImJD5rdPakPpWMQgWw2J/ScYL0m8PMVVavS4hm
XfpitN8Cq+5hrJbrocYulOciTr025wUxevCp3L9Jcc+gZTI3wfI1pbfnn1YDNwTN
aPAHo830uEVvG0tHyl2UHdrJfK/EEvcJBb9xFafl7zkShwlPJhfhPyO9+qPR26nq
q9SnD4up2MU3Crq0Zvdn8XhAE32EoNGbCcEtcNZ8wX5QSbLUFsOxsutaySwg3LCA
mpL/tUKvkcF7Wg==
-----END CERTIFICATE-----