Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
File:                     Zr5SEJO7idx2JQsif39_umbiKNg.mft (raw, json)
Hash identifier:          M241W1NvFbTSHq1xhzj9oZEE8H3HtDywIsmBc0lti5w=
Subject key identifier:   EA:78:26:D2:A9:E7:E5:55:F4:E3:BD:7B:EA:02:68:BD:39:25:44:43
Authority key identifier: 66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8
Certificate issuer:       /CN=66be521093bb89dc76250b227f7f7fba66e228d8
Certificate serial:       019A7226163C27948CD088AAB172FDC12031
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
Manifest number:          0273
Signing time:             Tue 11 Nov 2025 09:01:29 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:29 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:29 +0000
Files and hashes:         1: Zr5SEJO7idx2JQsif39_umbiKNg.crl (hash: kKmVGFc5vaiLXQv+oUJDlR2yHaPJtOUG38/FUPBBFi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:16:3c:27:94:8c:d0:88:aa:b1:72:fd:c1:20:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66be521093bb89dc76250b227f7f7fba66e228d8
        Validity
            Not Before: Nov 11 09:01:29 2025 GMT
            Not After : Nov 12 09:01:29 2025 GMT
        Subject: CN=ea7826d2a9e7e555f4e3bd7bea0268bd39254443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:64:59:2a:7b:aa:1b:dd:56:b5:ff:47:e7:44:
                    ee:7c:e1:32:de:95:8d:d2:ec:c3:e0:37:9f:d2:56:
                    c5:46:76:6b:30:fe:e9:21:a9:cf:d0:8a:c1:a8:5b:
                    34:9c:a3:46:8b:0e:f5:aa:ca:cf:2e:87:3d:c4:14:
                    b1:ab:d4:29:aa:3d:85:50:dd:15:01:a7:16:c6:90:
                    00:ce:a6:29:da:f0:fb:fc:a4:09:0e:86:a3:6e:2f:
                    06:e1:a4:9d:7d:02:ea:06:f0:5a:a7:3e:15:6e:62:
                    3c:ea:9b:a6:81:77:34:91:cf:72:99:0d:c4:ea:b4:
                    a1:96:e2:82:79:d4:91:34:52:0c:60:af:73:31:d0:
                    64:a4:6b:96:3e:b1:57:8e:c7:06:6c:e7:cc:4a:0a:
                    b6:9d:e1:5a:f9:3e:d5:8a:96:e2:2e:60:d7:07:61:
                    13:5c:72:96:da:64:6f:7a:09:e1:86:60:f6:31:e5:
                    ff:ad:44:79:32:18:1a:ac:1b:db:2b:dc:2c:50:7b:
                    8c:8f:99:73:1c:3b:71:13:08:d8:fd:83:4d:53:49:
                    f4:d3:54:a0:8f:34:3b:b9:3c:33:94:dc:3f:22:b7:
                    22:61:40:41:b0:ad:99:2b:45:eb:a9:7a:98:96:38:
                    ad:a1:8f:a0:07:36:6b:46:51:de:0f:9f:22:75:4e:
                    08:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:78:26:D2:A9:E7:E5:55:F4:E3:BD:7B:EA:02:68:BD:39:25:44:43
            X509v3 Authority Key Identifier:
                keyid:66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:46:db:34:dc:15:df:4c:88:02:09:df:8c:99:2b:be:49:ac:
         68:68:0b:c6:ac:42:3c:1c:a3:0c:71:05:1b:01:bb:99:ef:1d:
         af:09:f8:47:47:f0:45:1d:c0:d0:78:4d:f1:73:35:09:b2:9d:
         52:7f:de:40:e8:80:a2:1e:81:5d:c7:95:c8:84:d8:94:d2:ed:
         75:b8:34:f9:81:53:0c:fd:02:56:8d:53:9d:84:27:2e:7e:c4:
         e7:85:88:f1:a8:e4:8b:64:6f:b8:63:6b:ed:d3:ec:7f:4f:cc:
         31:f5:5e:6d:ba:c1:9b:fc:af:aa:ba:2e:b7:37:f4:cf:e6:ba:
         a1:e1:a8:e2:a5:ab:68:5a:84:d9:ac:76:63:0d:c4:9b:07:82:
         3c:98:cd:46:26:37:ac:c1:67:56:71:d0:7d:07:1f:96:ce:30:
         d7:16:4e:ab:a6:d2:1c:4b:be:e3:85:5f:88:27:cc:3f:09:3b:
         57:97:8b:6c:bd:8a:f7:d4:5d:23:38:a7:fa:40:b7:14:a4:d5:
         26:07:b9:e4:08:3d:54:43:80:fb:45:44:e7:04:25:04:79:38:
         49:5b:7c:b4:f5:08:e4:fe:c1:08:b4:c5:06:2c:4a:88:ea:19:
         fd:56:ae:6d:4e:91:4a:3b:2e:8f:e7:b2:9c:24:06:01:d6:56:
         13:f9:00:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhY8J5SM0IiqsXL9wSAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmU1MjEwOTNiYjg5ZGM3NjI1MGIyMjdmN2Y3ZmJhNjZl
MjI4ZDgwHhcNMjUxMTExMDkwMTI5WhcNMjUxMTEyMDkwMTI5WjAzMTEwLwYDVQQD
EyhlYTc4MjZkMmE5ZTdlNTU1ZjRlM2JkN2JlYTAyNjhiZDM5MjU0NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmRZKnuqG91Wtf9H50TufOEy3pWN
0uzD4Def0lbFRnZrMP7pIanP0IrBqFs0nKNGiw71qsrPLoc9xBSxq9Qpqj2FUN0V
AacWxpAAzqYp2vD7/KQJDoajbi8G4aSdfQLqBvBapz4VbmI86pumgXc0kc9ymQ3E
6rShluKCedSRNFIMYK9zMdBkpGuWPrFXjscGbOfMSgq2neFa+T7VipbiLmDXB2ET
XHKW2mRvegnhhmD2MeX/rUR5MhgarBvbK9wsUHuMj5lzHDtxEwjY/YNNU0n001Sg
jzQ7uTwzlNw/IrciYUBBsK2ZK0XrqXqYljitoY+gBzZrRlHeD58idU4IiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp4JtKp5+VV9OO9e+oCaL05JURDMB8GA1UdIwQY
MBaAFGa+UhCTu4ncdiULIn9/f7pm4ijYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDkt
OTAwMzBkMDQwZmY3LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDktOTAwMzBkMDQwZmY3
LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakbbNNwV
30yIAgnfjJkrvkmsaGgLxqxCPByjDHEFGwG7me8drwn4R0fwRR3A0HhN8XM1CbKd
Un/eQOiAoh6BXceVyITYlNLtdbg0+YFTDP0CVo1TnYQnLn7E54WI8ajki2RvuGNr
7dPsf0/MMfVebbrBm/yvqroutzf0z+a6oeGo4qWraFqE2ax2Yw3EmweCPJjNRiY3
rMFnVnHQfQcfls4w1xZOq6bSHEu+44VfiCfMPwk7V5eLbL2K99RdIzin+kC3FKTV
Jge55Ag9VEOA+0VE5wQlBHk4SVt8tPUI5P7BCLTFBixKiOoZ/VaubU6RSjsuj+ey
nCQGAdZWE/kATw==
-----END CERTIFICATE-----