Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
File:                     zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft (raw, json)
Hash identifier:          Xat0mh+W3DPC4X5HL7BsuLjgaSZnGn5tqtA/CPyiV2w=
Subject key identifier:   70:9E:36:03:EE:50:18:9E:99:D7:E4:FD:95:B6:36:95:4F:C8:BB:86
Authority key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
Certificate issuer:       /CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
Certificate serial:       019922C3907F59F70391985778744F0C7AB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
Manifest number:          0123
Signing time:             Sun 07 Sep 2025 06:01:05 +0000
Manifest this update:     Sun 07 Sep 2025 06:01:05 +0000
Manifest next update:     Mon 08 Sep 2025 06:01:05 +0000
Files and hashes:         1: zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl (hash: Kb1L73AvuhGL3qzNuIVCOUIs1O7QoWbL1AZCgcdLdNk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:90:7f:59:f7:03:91:98:57:78:74:4f:0c:7a:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
        Validity
            Not Before: Sep  7 06:01:05 2025 GMT
            Not After : Sep  8 06:01:05 2025 GMT
        Subject: CN=709e3603ee50189e99d7e4fd95b636954fc8bb86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:b4:54:fd:80:59:6f:38:6f:0b:d9:08:ec:8d:
                    ff:cb:12:05:41:a6:eb:81:ab:19:ab:ba:2e:98:10:
                    52:31:93:37:37:94:71:bb:6a:6a:73:b1:2e:a5:04:
                    86:51:c9:20:55:d3:2a:08:ed:1f:ec:eb:c3:58:52:
                    2c:d0:15:5a:ff:78:ce:f2:e1:3b:39:ae:fd:7f:27:
                    3e:d5:b6:d1:01:24:37:1d:f2:aa:d1:bb:7f:65:bc:
                    2c:fe:7f:69:19:06:69:06:a1:5b:1d:84:9f:de:a9:
                    bb:5e:31:4d:e8:6d:40:14:ac:90:33:26:b1:80:e6:
                    ec:b4:d6:45:9b:84:c0:fb:19:44:f0:74:12:13:1b:
                    08:fc:d6:2d:3b:9c:7b:d2:7b:a8:29:1b:21:4e:cf:
                    16:58:93:98:e5:64:d8:74:ef:a4:bf:43:ed:bd:9c:
                    32:b5:28:b7:95:6f:89:70:ee:b2:b4:b7:6a:23:3f:
                    d1:29:a9:e9:21:d9:9f:c0:0d:f0:dc:f6:f1:7f:bc:
                    3f:6b:d4:91:a4:fa:82:01:4e:53:01:25:b7:ed:51:
                    09:25:cd:23:29:85:2a:99:c4:39:7e:49:bf:88:f0:
                    17:e9:91:8c:47:b8:31:a8:b3:0a:02:93:b3:89:f2:
                    d8:99:81:26:71:3f:1f:45:39:88:0c:2a:87:21:86:
                    81:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:9E:36:03:EE:50:18:9E:99:D7:E4:FD:95:B6:36:95:4F:C8:BB:86
            X509v3 Authority Key Identifier:
                keyid:CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:34:78:af:09:36:fa:f5:62:35:ae:43:98:50:12:05:fb:06:
         87:ef:59:37:37:f3:c0:f9:64:9e:1f:2e:90:c1:b7:ce:8f:1e:
         db:b9:d7:03:34:25:9e:49:e6:3c:66:9f:85:36:c1:76:21:b7:
         28:b0:b6:4d:fd:64:1a:08:6a:3f:0c:e1:f0:09:cd:d0:02:d4:
         57:82:fd:3d:2c:08:f7:cb:15:14:de:de:27:df:8c:df:10:18:
         8e:6d:80:01:3a:b0:ea:a9:ef:5e:25:b9:d4:38:97:25:36:05:
         f7:a2:c6:58:7d:ad:95:e4:4c:ed:e0:a2:4c:eb:a1:7c:9e:ae:
         e8:33:b3:8a:e4:4a:f7:d9:cc:d6:7a:f0:db:12:bf:6d:36:55:
         5d:81:4e:86:62:b1:e3:58:d6:67:8f:da:fd:6c:68:c7:22:7e:
         9e:81:77:e9:32:2f:d3:27:01:3b:e6:ad:21:58:3a:c7:e6:b6:
         be:79:5a:2e:c1:75:0c:ce:0e:2d:d7:36:65:f3:a4:53:9c:ea:
         71:eb:21:d0:ee:4c:37:de:0b:5e:21:b2:0c:0b:bf:f3:ca:a9:
         a8:d6:7f:a3:65:94:e7:0a:74:23:54:b2:c6:53:d3:dd:b9:59:
         2e:96:4d:e3:19:74:f6:0c:85:9b:39:7a:ac:bc:e7:91:85:88:
         e1:d2:b7:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw5B/WfcDkZhXeHRPDHqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMGE5MDBkNzBiZDEwZjdkMjIyMWE1NjQ4ZGE1NGE1ZTNm
NDQ3MTIwHhcNMjUwOTA3MDYwMTA1WhcNMjUwOTA4MDYwMTA1WjAzMTEwLwYDVQQD
Eyg3MDllMzYwM2VlNTAxODllOTlkN2U0ZmQ5NWI2MzY5NTRmYzhiYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rRU/YBZbzhvC9kI7I3/yxIFQabr
gasZq7oumBBSMZM3N5Rxu2pqc7EupQSGUckgVdMqCO0f7OvDWFIs0BVa/3jO8uE7
Oa79fyc+1bbRASQ3HfKq0bt/Zbws/n9pGQZpBqFbHYSf3qm7XjFN6G1AFKyQMyax
gObstNZFm4TA+xlE8HQSExsI/NYtO5x70nuoKRshTs8WWJOY5WTYdO+kv0PtvZwy
tSi3lW+JcO6ytLdqIz/RKanpIdmfwA3w3Pbxf7w/a9SRpPqCAU5TASW37VEJJc0j
KYUqmcQ5fkm/iPAX6ZGMR7gxqLMKApOzifLYmYEmcT8fRTmIDCqHIYaBowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCeNgPuUBiemdfk/ZW2NpVPyLuGMB8GA1UdIwQY
MBaAFMwKkA1wvRD30iIaVkjaVKXj9EcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUt
MzgwMWM2MjE2ZTZjLzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUtMzgwMWM2MjE2ZTZj
LzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXjR4rwk2
+vViNa5DmFASBfsGh+9ZNzfzwPlknh8ukMG3zo8e27nXAzQlnknmPGafhTbBdiG3
KLC2Tf1kGghqPwzh8AnN0ALUV4L9PSwI98sVFN7eJ9+M3xAYjm2AATqw6qnvXiW5
1DiXJTYF96LGWH2tleRM7eCiTOuhfJ6u6DOziuRK99nM1nrw2xK/bTZVXYFOhmKx
41jWZ4/a/WxoxyJ+noF36TIv0ycBO+atIVg6x+a2vnlaLsF1DM4OLdc2ZfOkU5zq
cesh0O5MN94LXiGyDAu/88qpqNZ/o2WU5wp0I1SyxlPT3blZLpZN4xl09gyFmzl6
rLznkYWI4dK3JQ==
-----END CERTIFICATE-----