Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          aONvJmKdJw+aBxZ1ri7+7ybp5N9UlhPaI67E4Q/xBac=
Subject key identifier:   2F:01:3D:8C:EF:47:8C:85:8D:AA:35:D6:77:D5:DC:4B:41:BE:33:A1
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       019A7225F8A7D2042A0A8B05EC3CDFF9B5A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          171F
Signing time:             Tue 11 Nov 2025 09:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:22 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: l4MkUeG3Fy3BOWBpI3MFRqfdw/bMvcgBXPrsfj3HuNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:f8:a7:d2:04:2a:0a:8b:05:ec:3c:df:f9:b5:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: Nov 11 09:01:22 2025 GMT
            Not After : Nov 12 09:01:22 2025 GMT
        Subject: CN=2f013d8cef478c858daa35d677d5dc4b41be33a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:94:37:01:57:6a:68:dc:00:45:44:bf:ff:f8:
                    0d:3e:61:b3:be:17:68:c8:ae:ea:5f:7f:67:46:9a:
                    36:ac:30:51:3b:7f:c3:e0:57:c8:e7:d9:c5:f4:6f:
                    17:34:23:ab:38:9d:5e:b5:51:cc:59:c9:3b:6c:1f:
                    75:6b:b2:e2:c0:d3:9a:83:33:9b:11:fa:8e:c4:12:
                    78:ac:6f:fb:6a:76:ad:d6:bc:20:73:ff:f5:d4:00:
                    d4:dd:f0:11:9c:c3:36:a8:1d:cf:52:2d:9e:30:86:
                    5a:2e:54:ae:20:cb:5e:a9:29:4c:44:ea:22:df:30:
                    4f:17:ae:88:1e:13:25:07:ee:e9:35:fa:29:6f:9f:
                    06:fc:80:06:70:e1:f6:4e:e8:c1:02:2c:5d:49:93:
                    53:8a:62:4f:11:4e:1e:c1:1d:48:cc:c4:49:0e:2e:
                    11:5a:09:98:61:d0:bd:a3:2b:55:c3:a8:67:65:7f:
                    66:f6:f2:27:6e:6c:46:60:64:a8:57:75:a9:4d:19:
                    e1:bf:36:66:53:94:cc:96:42:23:35:92:22:89:aa:
                    97:db:d9:79:4b:4a:72:5b:ae:57:75:82:6d:23:31:
                    e4:fd:4b:56:71:a3:03:c7:07:a4:dc:b3:d3:b5:21:
                    8e:dd:8b:71:02:30:68:fb:5a:40:0a:10:4d:c7:53:
                    3e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:01:3D:8C:EF:47:8C:85:8D:AA:35:D6:77:D5:DC:4B:41:BE:33:A1
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:9f:5f:02:ee:28:f3:35:f1:6b:c0:aa:9c:b2:c5:77:0c:9d:
         7f:ff:c8:55:b3:23:de:14:27:04:f4:db:ea:6a:8d:dc:9b:e0:
         df:19:aa:63:fb:3c:c5:5b:7a:a0:e9:28:75:61:85:99:7d:bf:
         c6:40:ec:b4:47:b1:88:4f:91:9a:e9:f8:36:0f:f0:28:61:ef:
         ce:05:46:fd:2d:61:ce:62:d5:e5:d2:fb:5b:37:70:63:12:02:
         0c:61:b9:c8:5c:87:21:2c:81:99:a6:1f:91:57:9b:8c:89:ac:
         f4:c6:df:3a:b0:26:ca:9c:b0:cb:14:ff:c9:59:69:45:0b:aa:
         fd:db:e7:1e:41:b0:92:e7:c7:4b:b9:d8:9e:bf:5c:77:71:cc:
         00:cd:05:53:d9:97:d0:44:9f:dc:6e:b7:b3:4a:67:78:d6:3e:
         68:f5:1c:9e:5f:2c:c4:8a:60:30:0a:9e:41:b7:de:05:0f:42:
         36:d7:48:aa:84:a4:19:97:6b:1c:d9:f4:e8:70:e9:e4:75:c6:
         f7:57:52:b7:46:e5:8c:f1:9a:77:8e:86:98:1f:63:9f:ff:31:
         05:7d:1e:f2:e7:cc:ec:6f:20:7a:3d:fb:b0:10:1e:24:15:15:
         e4:cf:78:46:15:d7:be:97:47:1b:1f:50:8a:40:ce:c0:d9:78:
         8f:18:d5:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfin0gQqCosF7Dzf+bWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjUxMTExMDkwMTIyWhcNMjUxMTEyMDkwMTIyWjAzMTEwLwYDVQQD
EygyZjAxM2Q4Y2VmNDc4Yzg1OGRhYTM1ZDY3N2Q1ZGM0YjQxYmUzM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpQ3AVdqaNwARUS///gNPmGzvhdo
yK7qX39nRpo2rDBRO3/D4FfI59nF9G8XNCOrOJ1etVHMWck7bB91a7LiwNOagzOb
EfqOxBJ4rG/7anat1rwgc//11ADU3fARnMM2qB3PUi2eMIZaLlSuIMteqSlMROoi
3zBPF66IHhMlB+7pNfopb58G/IAGcOH2TujBAixdSZNTimJPEU4ewR1IzMRJDi4R
WgmYYdC9oytVw6hnZX9m9vInbmxGYGSoV3WpTRnhvzZmU5TMlkIjNZIiiaqX29l5
S0pyW65XdYJtIzHk/UtWcaMDxwek3LPTtSGO3YtxAjBo+1pAChBNx1M+6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8BPYzvR4yFjao11nfV3EtBvjOhMB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADp9fAu4o
8zXxa8CqnLLFdwydf//IVbMj3hQnBPTb6mqN3Jvg3xmqY/s8xVt6oOkodWGFmX2/
xkDstEexiE+Rmun4Ng/wKGHvzgVG/S1hzmLV5dL7WzdwYxICDGG5yFyHISyBmaYf
kVebjIms9MbfOrAmypywyxT/yVlpRQuq/dvnHkGwkufHS7nYnr9cd3HMAM0FU9mX
0ESf3G63s0pneNY+aPUcnl8sxIpgMAqeQbfeBQ9CNtdIqoSkGZdrHNn06HDp5HXG
91dSt0bljPGad46GmB9jn/8xBX0e8ufM7G8gej37sBAeJBUV5M94RhXXvpdHGx9Q
ikDOwNl4jxjV1w==
-----END CERTIFICATE-----