Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
File:                     ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json)
Hash identifier:          RVw8yChfpig7LyG+T88tXtT7lZ+eNJ9D67FdFQQfx9M=
Subject key identifier:   BA:DE:21:58:A1:3A:98:5E:F6:9B:20:73:CF:85:AD:DE:71:72:74:11
Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF
Certificate issuer:       /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
Certificate serial:       019923A0DD1B88F696E2AD3457D70F55128A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
Manifest number:          148D
Signing time:             Sun 07 Sep 2025 10:02:48 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:48 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:48 +0000
Files and hashes:         1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: xSpXBDt1OgGjy9iousuYKYAAv2jGM+isuGoS+cFXbJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:dd:1b:88:f6:96:e2:ad:34:57:d7:0f:55:12:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf
        Validity
            Not Before: Sep  7 10:02:48 2025 GMT
            Not After : Sep  8 10:02:48 2025 GMT
        Subject: CN=bade2158a13a985ef69b2073cf85adde71727411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:12:a1:c1:5a:1b:f0:ec:2f:92:83:69:6b:1f:
                    c6:3d:20:ce:6e:6c:4a:45:8e:24:bd:cd:aa:1f:7d:
                    b0:a2:fd:e0:0d:2c:bd:5d:4c:5f:32:14:09:ad:2d:
                    88:b7:6d:ba:1c:e7:fa:aa:c1:6b:b2:47:bf:51:7a:
                    a8:ba:56:da:40:4e:5b:15:ea:4f:4f:5a:8e:bf:f7:
                    e9:bb:13:e3:8c:91:1a:a3:77:6d:1f:28:7c:fc:9c:
                    de:b6:0c:0b:bf:55:5e:27:3f:db:9d:1c:c8:5a:87:
                    b3:b4:73:84:1d:84:3c:cd:41:8c:57:a1:ad:5d:fc:
                    b5:60:9d:6b:89:7e:91:51:72:94:fb:6a:d9:42:f3:
                    b9:e3:c8:2a:1b:6e:9f:ef:ab:b4:3e:e9:3e:1e:72:
                    82:00:d8:f3:4a:3d:59:c4:ac:72:a5:38:9a:a0:d8:
                    94:00:99:46:69:58:18:4d:82:d3:69:46:25:0d:16:
                    66:cf:3b:34:de:b4:26:74:99:2e:41:fb:b9:f7:1d:
                    c9:96:53:eb:2b:23:1d:79:d6:32:d6:8d:d6:00:f6:
                    2d:cb:5e:a6:f9:0b:31:f3:61:e2:eb:5a:32:c7:57:
                    65:ce:ad:4a:38:1f:ca:c9:fe:ce:8e:c1:1d:8c:b7:
                    fe:8c:8a:49:4c:b5:8b:1f:a0:03:eb:94:67:98:64:
                    c8:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:DE:21:58:A1:3A:98:5E:F6:9B:20:73:CF:85:AD:DE:71:72:74:11
            X509v3 Authority Key Identifier:
                keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:0e:cf:48:59:95:8f:94:9e:79:26:49:eb:25:75:6a:ea:ea:
         cb:43:4b:bf:c3:ec:62:c9:e6:79:64:db:88:38:89:49:93:bf:
         85:a3:27:47:fa:af:bd:42:cf:4e:b9:38:8c:80:59:62:e5:f7:
         8f:ce:58:b6:e1:d4:54:ac:66:8e:51:65:7b:e6:2c:cd:e9:1f:
         33:6f:a3:f7:8f:7c:f0:6e:8a:c2:aa:0d:0f:98:33:10:db:59:
         0f:e4:e0:d7:46:1d:d9:bf:23:04:07:ec:ee:cf:92:af:fe:5c:
         11:96:da:cf:6f:58:69:dd:d8:dd:65:96:df:fa:df:fd:3d:59:
         6a:03:fb:79:ab:dd:09:42:16:e0:36:24:5b:bc:a2:af:67:10:
         22:02:92:12:57:46:ec:e2:23:a6:36:bb:d3:32:46:d9:82:75:
         d2:0d:4e:1c:be:39:0f:26:a2:69:f8:dc:67:f2:2a:06:74:e7:
         03:7b:fe:c1:da:ff:73:8f:e4:a9:8d:92:41:f0:29:53:3d:99:
         6d:a2:93:f3:f1:1c:b9:21:b1:76:7c:f7:57:f7:5f:df:dd:34:
         f1:15:23:f1:93:43:e8:36:e3:89:03:ee:bf:07:44:65:24:c2:
         55:bc:d2:9e:71:23:4b:7a:b9:66:77:d9:4f:fa:f1:30:51:54:
         d1:7e:9b:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoN0biPaW4q00V9cPVRKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy
MjkyYmYwHhcNMjUwOTA3MTAwMjQ4WhcNMjUwOTA4MTAwMjQ4WjAzMTEwLwYDVQQD
EyhiYWRlMjE1OGExM2E5ODVlZjY5YjIwNzNjZjg1YWRkZTcxNzI3NDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBKhwVob8OwvkoNpax/GPSDObmxK
RY4kvc2qH32wov3gDSy9XUxfMhQJrS2It226HOf6qsFrske/UXqoulbaQE5bFepP
T1qOv/fpuxPjjJEao3dtHyh8/JzetgwLv1VeJz/bnRzIWoeztHOEHYQ8zUGMV6Gt
Xfy1YJ1riX6RUXKU+2rZQvO548gqG26f76u0Puk+HnKCANjzSj1ZxKxypTiaoNiU
AJlGaVgYTYLTaUYlDRZmzzs03rQmdJkuQfu59x3JllPrKyMdedYy1o3WAPYty16m
+Qsx82Hi61oyx1dlzq1KOB/Kyf7OjsEdjLf+jIpJTLWLH6AD65RnmGTIjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLreIVihOphe9psgc8+Frd5xcnQRMB8GA1UdIwQY
MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt
MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz
LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfw7PSFmV
j5SeeSZJ6yV1aurqy0NLv8PsYsnmeWTbiDiJSZO/haMnR/qvvULPTrk4jIBZYuX3
j85YtuHUVKxmjlFle+YszekfM2+j94988G6KwqoND5gzENtZD+Tg10Yd2b8jBAfs
7s+Sr/5cEZbaz29Yad3Y3WWW3/rf/T1ZagP7eavdCUIW4DYkW7yir2cQIgKSEldG
7OIjpja70zJG2YJ10g1OHL45DyaiafjcZ/IqBnTnA3v+wdr/c4/kqY2SQfApUz2Z
baKT8/EcuSGxdnz3V/df39008RUj8ZND6DbjiQPuvwdEZSTCVbzSnnEjS3q5ZnfZ
T/rxMFFU0X6bRA==
-----END CERTIFICATE-----