Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          Adc+h14a1GRp6hm3UsViVmSqj3pkRW2zcBlRMybCG8w=
Subject key identifier:   06:F4:3E:C3:3C:E9:CA:F6:31:F3:7B:F8:D6:19:64:4D:24:29:14:62
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       019A71B7AA8765356BA64BE233EFC1B29341
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          10C0
Signing time:             Tue 11 Nov 2025 07:00:53 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:53 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:53 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: MOhZjhY81yu9K3VqVrV9+NEp40mT6ii6TL35QXYIsIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:aa:87:65:35:6b:a6:4b:e2:33:ef:c1:b2:93:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Nov 11 07:00:53 2025 GMT
            Not After : Nov 12 07:00:53 2025 GMT
        Subject: CN=06f43ec33ce9caf631f37bf8d619644d24291462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:01:dc:12:9c:d5:85:ab:cb:c0:19:dd:4e:22:
                    b1:e2:ba:44:d9:ea:c3:bb:f3:72:1e:a1:64:b1:32:
                    40:92:70:b6:b7:cd:8e:db:1b:8e:b1:05:9e:72:cf:
                    35:92:ca:cb:69:3a:0c:aa:5b:f4:75:5d:97:ce:d1:
                    e5:59:b7:94:43:a2:fa:95:82:76:e4:cc:9b:4f:a7:
                    82:6c:df:89:b9:a4:bb:f7:37:b5:79:e9:38:be:11:
                    1c:25:29:7c:0c:09:bf:ed:a5:33:b4:fa:1d:db:c9:
                    53:a8:2d:cf:41:5e:bb:4f:fc:44:55:18:37:2c:7b:
                    30:cd:9c:8f:bc:40:bf:7b:97:51:dc:1f:5a:52:a1:
                    f6:f8:db:f5:ba:0e:03:14:e9:ba:60:a2:06:9e:f0:
                    3e:d1:f2:31:bf:b6:3d:36:ce:0c:d7:65:41:bf:0c:
                    41:73:60:68:7b:60:c8:f5:ab:4f:b8:58:45:8c:e4:
                    36:79:fd:62:ce:18:4c:f9:25:2d:23:85:c6:ad:f9:
                    7e:47:24:31:32:27:90:bd:3f:d6:64:66:c6:66:ba:
                    f3:4e:e7:51:4e:b6:08:71:dd:3a:68:1e:bf:73:fb:
                    b4:4d:ef:d9:08:03:09:48:f7:db:3b:79:9c:8c:a5:
                    96:b9:6d:9d:84:72:8a:d8:9a:3c:b9:2a:98:64:74:
                    e9:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F4:3E:C3:3C:E9:CA:F6:31:F3:7B:F8:D6:19:64:4D:24:29:14:62
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:b0:26:4f:33:c3:d5:27:56:ff:f4:d7:6e:fe:78:43:14:15:
         56:3e:69:fb:9a:35:b0:54:9e:2d:36:ae:fc:b7:d8:4a:01:4e:
         08:c1:8b:b3:d3:c6:6a:30:b6:71:50:51:c7:05:7a:7a:5f:ec:
         21:01:d0:e0:a3:71:c2:08:a3:5c:cc:71:72:83:64:20:f1:86:
         7d:4e:ef:f7:ec:82:5a:13:5c:e1:3a:a3:2e:95:f6:0b:68:ce:
         45:1e:4e:5a:6b:c6:ec:bc:ff:9e:24:2c:be:ee:40:1a:da:ec:
         50:52:d4:a3:71:5d:38:c0:79:14:4c:9a:16:27:3b:6c:30:97:
         36:99:99:b0:49:6f:78:89:b2:f4:42:c3:69:4c:26:8c:a5:d9:
         6f:9f:9d:ad:7a:9f:9c:3c:eb:7e:e1:a8:7b:aa:f5:4e:47:bd:
         1a:53:38:17:f7:1c:4d:ea:50:5c:74:72:1c:43:48:2c:c2:45:
         c4:dc:f2:86:24:fe:93:d5:96:48:21:32:72:1d:86:3c:b5:5b:
         9a:4a:5f:43:43:e7:7c:ec:de:0b:a7:69:2e:69:b6:ad:80:a3:
         8d:bb:53:ce:ba:94:ce:dd:44:fa:d3:f0:41:92:89:15:71:67:
         d7:e5:1f:1f:a7:21:ec:58:61:fb:b7:9e:7a:3f:6e:7b:86:10:
         69:15:84:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6qHZTVrpkviM+/BspNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjUxMTExMDcwMDUzWhcNMjUxMTEyMDcwMDUzWjAzMTEwLwYDVQQD
EygwNmY0M2VjMzNjZTljYWY2MzFmMzdiZjhkNjE5NjQ0ZDI0MjkxNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQHcEpzVhavLwBndTiKx4rpE2erD
u/NyHqFksTJAknC2t82O2xuOsQWecs81ksrLaToMqlv0dV2XztHlWbeUQ6L6lYJ2
5MybT6eCbN+JuaS79ze1eek4vhEcJSl8DAm/7aUztPod28lTqC3PQV67T/xEVRg3
LHswzZyPvEC/e5dR3B9aUqH2+Nv1ug4DFOm6YKIGnvA+0fIxv7Y9Ns4M12VBvwxB
c2Boe2DI9atPuFhFjOQ2ef1izhhM+SUtI4XGrfl+RyQxMieQvT/WZGbGZrrzTudR
TrYIcd06aB6/c/u0Te/ZCAMJSPfbO3mcjKWWuW2dhHKK2Jo8uSqYZHTpXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAb0PsM86cr2MfN7+NYZZE0kKRRiMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrAmTzPD
1SdW//TXbv54QxQVVj5p+5o1sFSeLTau/LfYSgFOCMGLs9PGajC2cVBRxwV6el/s
IQHQ4KNxwgijXMxxcoNkIPGGfU7v9+yCWhNc4TqjLpX2C2jORR5OWmvG7Lz/niQs
vu5AGtrsUFLUo3FdOMB5FEyaFic7bDCXNpmZsElveImy9ELDaUwmjKXZb5+drXqf
nDzrfuGoe6r1Tke9GlM4F/ccTepQXHRyHENILMJFxNzyhiT+k9WWSCEych2GPLVb
mkpfQ0PnfOzeC6dpLmm2rYCjjbtTzrqUzt1E+tPwQZKJFXFn1+UfH6ch7Fhh+7ee
ej9ue4YQaRWEjw==
-----END CERTIFICATE-----