Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          Ejuq3cA3kp64HOboerqTIHE+p/furUFtDzWIy9uEhUY=
Subject key identifier:   03:01:72:4F:F3:7C:1F:36:80:00:6C:A1:58:F4:A2:50:4D:3D:E0:25
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       019A71B7B376EEDBF1EEAC59FE334F006C34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          0698
Signing time:             Tue 11 Nov 2025 07:00:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:55 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: sA9FmWMPqCdT0JoY2aODQr8DEArjqnlJ+SuWmNUdXes=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:b3:76:ee:db:f1:ee:ac:59:fe:33:4f:00:6c:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Nov 11 07:00:55 2025 GMT
            Not After : Nov 12 07:00:55 2025 GMT
        Subject: CN=0301724ff37c1f3680006ca158f4a2504d3de025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:11:2a:e0:07:49:2d:46:2f:cc:fc:c5:cb:8f:
                    24:f6:40:91:a1:b1:ab:bf:67:4e:35:28:cc:fa:1e:
                    1e:c7:83:af:09:84:a5:fe:24:d2:05:af:10:82:be:
                    f0:66:29:31:34:ac:41:65:f0:6b:a2:93:84:28:01:
                    a9:1c:17:62:d3:fd:00:4f:53:68:fd:16:16:8b:e9:
                    a5:9f:48:ec:5b:df:3b:e6:59:f2:f6:55:36:ba:b3:
                    0f:bf:47:b0:bd:20:f8:39:83:0f:fc:b8:97:7b:a6:
                    70:aa:d2:15:35:d6:d5:3a:af:4c:ea:bd:0d:e3:d1:
                    52:4e:59:13:02:24:d5:27:04:5c:08:53:8b:da:44:
                    87:db:ed:9e:75:82:7e:43:15:d0:a6:44:2e:3c:34:
                    17:d9:06:b9:f7:e0:3d:c5:9a:e3:b4:9a:b1:ae:92:
                    97:2b:84:0f:67:2d:d3:39:bd:1b:38:09:be:67:46:
                    5c:e3:dc:67:62:f9:66:41:3f:7b:bc:9a:e9:f9:fe:
                    01:98:ba:07:82:61:3d:01:3d:21:5f:b6:9f:2b:e6:
                    b4:6a:44:17:c9:d2:7d:d8:fb:da:a5:e1:6b:b8:6c:
                    c7:d3:b4:7b:c4:f8:bb:66:92:63:47:3e:21:44:a4:
                    09:16:99:86:2a:25:a6:77:07:4c:90:b7:9a:cd:0a:
                    bb:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:01:72:4F:F3:7C:1F:36:80:00:6C:A1:58:F4:A2:50:4D:3D:E0:25
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:58:00:93:b0:62:ad:9d:2a:aa:87:fb:59:e3:05:73:21:4d:
         3f:71:f4:ba:57:12:0d:fa:dc:8c:29:fb:d4:9d:d2:fd:8a:c0:
         0a:0a:77:56:ce:12:ea:a7:d3:27:10:e5:f2:2c:10:f8:7e:4e:
         14:4c:68:be:f6:96:c6:4b:48:bf:1f:42:f2:98:06:a4:09:c5:
         ff:be:5f:3e:40:49:60:b7:52:18:dd:83:2e:e2:b9:51:8d:db:
         45:1a:4a:b1:30:55:bb:c6:eb:5f:ff:56:7b:1a:0b:3b:80:29:
         97:36:ae:92:c1:aa:7a:9b:7f:fa:28:75:cc:b3:8e:3f:fe:4a:
         5b:ff:87:46:db:74:3c:fb:c2:66:68:33:1b:7a:0a:54:4f:7b:
         76:60:8c:77:5c:e2:56:83:fc:79:7d:ee:23:79:ad:e5:62:21:
         80:9f:30:c3:ed:2f:cf:63:56:b4:5c:ef:8a:1c:e8:f7:48:ca:
         d6:5c:2c:b5:e8:6b:5d:d7:87:24:f0:14:24:33:c7:c2:2c:6b:
         e1:8e:27:28:ef:87:6a:2f:c9:6d:3f:50:bb:80:1a:cb:f0:21:
         fb:63:f8:43:1c:2d:3a:ff:33:fd:f4:2b:0b:58:af:12:c8:83:
         b2:1a:9b:54:06:b7:79:55:d2:e4:6e:05:67:01:0a:d2:c3:ba:
         79:80:71:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7N27tvx7qxZ/jNPAGw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjUxMTExMDcwMDU1WhcNMjUxMTEyMDcwMDU1WjAzMTEwLwYDVQQD
EygwMzAxNzI0ZmYzN2MxZjM2ODAwMDZjYTE1OGY0YTI1MDRkM2RlMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xEq4AdJLUYvzPzFy48k9kCRobGr
v2dONSjM+h4ex4OvCYSl/iTSBa8Qgr7wZikxNKxBZfBropOEKAGpHBdi0/0AT1No
/RYWi+mln0jsW9875lny9lU2urMPv0ewvSD4OYMP/LiXe6ZwqtIVNdbVOq9M6r0N
49FSTlkTAiTVJwRcCFOL2kSH2+2edYJ+QxXQpkQuPDQX2Qa59+A9xZrjtJqxrpKX
K4QPZy3TOb0bOAm+Z0Zc49xnYvlmQT97vJrp+f4BmLoHgmE9AT0hX7afK+a0akQX
ydJ92PvapeFruGzH07R7xPi7ZpJjRz4hRKQJFpmGKiWmdwdMkLeazQq73QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMBck/zfB82gABsoVj0olBNPeAlMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVgAk7Bi
rZ0qqof7WeMFcyFNP3H0ulcSDfrcjCn71J3S/YrACgp3Vs4S6qfTJxDl8iwQ+H5O
FExovvaWxktIvx9C8pgGpAnF/75fPkBJYLdSGN2DLuK5UY3bRRpKsTBVu8brX/9W
exoLO4AplzauksGqept/+ih1zLOOP/5KW/+HRtt0PPvCZmgzG3oKVE97dmCMd1zi
VoP8eX3uI3mt5WIhgJ8ww+0vz2NWtFzvihzo90jK1lwstehrXdeHJPAUJDPHwixr
4Y4nKO+Hai/JbT9Qu4Aay/Ah+2P4QxwtOv8z/fQrC1ivEsiDshqbVAa3eVXS5G4F
ZwEK0sO6eYBxYw==
-----END CERTIFICATE-----