Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
File:                     zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json)
Hash identifier:          Zbk7gfbjVkBLbhFAyt9mezfQmJHL9sRHZiCaS3U/hZc=
Subject key identifier:   47:F2:24:1D:5A:22:04:44:68:4E:80:50:0D:A7:3C:E8:9C:79:5B:13
Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D
Certificate issuer:       /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
Certificate serial:       0199180895F00CB68D07AD8A32F4BFFD3E06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
Manifest number:          100D
Signing time:             Fri 05 Sep 2025 04:00:39 +0000
Manifest this update:     Fri 05 Sep 2025 04:00:39 +0000
Manifest next update:     Sat 06 Sep 2025 04:00:39 +0000
Files and hashes:         1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: apRtaG9g+RUPJFjkV8WyTmagkXYiTHxuOhH1N1UljPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:08:95:f0:0c:b6:8d:07:ad:8a:32:f4:bf:fd:3e:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d
        Validity
            Not Before: Sep  5 04:00:39 2025 GMT
            Not After : Sep  6 04:00:39 2025 GMT
        Subject: CN=47f2241d5a220444684e80500da73ce89c795b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b0:8e:3d:d1:34:6d:3b:12:3a:c2:92:2b:b8:
                    ee:6c:bf:38:5f:e4:74:96:87:0b:83:af:05:41:a8:
                    b8:52:7b:0b:e0:7e:e7:7b:2b:97:e9:d4:c2:76:ab:
                    eb:99:ab:ae:dc:a9:9a:9a:0b:6b:e4:40:65:c2:e9:
                    16:1c:de:ea:c8:14:7f:77:11:c8:ec:66:6f:ad:eb:
                    4d:4e:46:ba:93:79:c9:da:a0:db:09:ec:f3:b2:98:
                    68:54:1e:74:bb:9f:73:4a:09:3a:02:aa:28:22:f0:
                    1f:d7:96:7f:c3:c7:22:77:27:4d:d3:8c:a5:5b:f1:
                    53:7a:12:03:03:ed:f8:c9:bc:6c:e3:20:e1:d6:67:
                    13:41:77:35:70:ac:a7:db:52:6d:bb:81:3d:c1:ea:
                    7d:00:66:e0:46:af:b1:87:08:ec:f8:ba:4c:f7:f1:
                    20:5d:35:1b:2a:92:8e:bc:c4:4d:27:d7:aa:82:7d:
                    c1:59:e4:33:e7:41:43:98:6f:33:70:cb:cf:25:2e:
                    9d:bb:40:9f:61:4e:40:ff:11:a2:92:d9:25:1e:98:
                    2f:31:23:3e:51:a3:7c:36:3a:81:40:a0:81:c3:ce:
                    e6:d3:6f:e5:c2:dd:f1:da:ff:63:7d:0a:22:67:7f:
                    40:0a:d7:b8:5d:c3:00:fc:f9:21:c8:b0:e4:cb:45:
                    7c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:F2:24:1D:5A:22:04:44:68:4E:80:50:0D:A7:3C:E8:9C:79:5B:13
            X509v3 Authority Key Identifier:
                keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:3c:74:c4:80:57:ab:5c:da:ad:07:b5:33:db:c6:20:70:ea:
         01:38:05:f6:d9:5b:a6:54:cb:59:7a:a5:84:96:8a:37:ad:41:
         63:bf:e5:0f:77:20:8f:0f:81:e8:e7:56:f0:19:13:0a:d8:97:
         75:01:9f:27:79:c5:5d:c6:96:46:88:88:c1:60:39:44:b3:a8:
         62:9b:be:66:ad:a8:ad:ce:01:e4:e4:25:c6:78:67:8d:a5:73:
         a7:96:d0:93:45:7b:6a:41:93:e3:c8:d9:2a:c6:ab:66:fd:a2:
         97:9f:0a:67:54:db:69:8f:99:f9:37:8a:75:b5:db:c9:62:b9:
         13:82:a2:8e:db:15:a4:eb:c8:15:40:5f:3a:c7:e1:98:86:19:
         6c:24:7c:0c:9a:94:96:06:47:b8:ee:2a:17:a5:ef:88:21:e6:
         86:29:e7:d4:5e:00:59:d5:d2:4a:03:b5:ed:cc:09:15:ba:23:
         65:38:e7:ac:45:2b:1c:b2:03:a2:24:b7:37:9e:79:51:b4:49:
         30:62:6e:0b:9a:c2:2e:c6:aa:05:dc:e5:c4:4d:be:c6:97:45:
         66:c1:b9:95:e5:a0:c9:4c:99:67:2f:d5:54:54:9b:77:ab:1e:
         50:06:50:af:ee:df:d9:0d:bb:3e:0c:4b:df:5a:d7:76:8c:18:
         3d:99:93:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCJXwDLaNB62KMvS//T4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj
MWZmOGQwHhcNMjUwOTA1MDQwMDM5WhcNMjUwOTA2MDQwMDM5WjAzMTEwLwYDVQQD
Eyg0N2YyMjQxZDVhMjIwNDQ0Njg0ZTgwNTAwZGE3M2NlODljNzk1YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7COPdE0bTsSOsKSK7jubL84X+R0
locLg68FQai4UnsL4H7neyuX6dTCdqvrmauu3Kmamgtr5EBlwukWHN7qyBR/dxHI
7GZvretNTka6k3nJ2qDbCezzsphoVB50u59zSgk6AqooIvAf15Z/w8cidydN04yl
W/FTehIDA+34ybxs4yDh1mcTQXc1cKyn21Jtu4E9wep9AGbgRq+xhwjs+LpM9/Eg
XTUbKpKOvMRNJ9eqgn3BWeQz50FDmG8zcMvPJS6du0CfYU5A/xGiktklHpgvMSM+
UaN8NjqBQKCBw87m02/lwt3x2v9jfQoiZ39ACte4XcMA/PkhyLDky0V8XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEfyJB1aIgREaE6AUA2nPOiceVsTMB8GA1UdIwQY
MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt
MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj
LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDx0xIBX
q1zarQe1M9vGIHDqATgF9tlbplTLWXqlhJaKN61BY7/lD3cgjw+B6OdW8BkTCtiX
dQGfJ3nFXcaWRoiIwWA5RLOoYpu+Zq2orc4B5OQlxnhnjaVzp5bQk0V7akGT48jZ
KsarZv2il58KZ1TbaY+Z+TeKdbXbyWK5E4KijtsVpOvIFUBfOsfhmIYZbCR8DJqU
lgZHuO4qF6XviCHmhinn1F4AWdXSSgO17cwJFbojZTjnrEUrHLIDoiS3N555UbRJ
MGJuC5rCLsaqBdzlxE2+xpdFZsG5leWgyUyZZy/VVFSbd6seUAZQr+7f2Q27PgxL
31rXdowYPZmTTg==
-----END CERTIFICATE-----