Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
File:                     zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft (raw, json)
Hash identifier:          uB3CG/lYDIn6EqzSu7fRC74G2zM/PTCUqC3cPsuHuo8=
Subject key identifier:   FA:59:78:D1:43:38:A7:2D:60:B1:8F:2F:21:0B:D7:3A:02:CE:82:EC
Authority key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12
Certificate issuer:       /CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
Certificate serial:       019A70DBE95E06510C50FE54A2EAE98D50F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
Manifest number:          01D0
Signing time:             Tue 11 Nov 2025 03:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 03:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 03:00:51 +0000
Files and hashes:         1: zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl (hash: BorgX1ew5g5eVy+2nps/KEyN98XWn/FnyOpS0fU1rn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:db:e9:5e:06:51:0c:50:fe:54:a2:ea:e9:8d:50:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712
        Validity
            Not Before: Nov 11 03:00:51 2025 GMT
            Not After : Nov 12 03:00:51 2025 GMT
        Subject: CN=fa5978d14338a72d60b18f2f210bd73a02ce82ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c6:ad:93:e0:6d:f0:1d:93:7f:37:6d:dc:11:
                    f7:2c:fb:8a:ad:30:15:ef:0f:61:90:69:74:37:74:
                    1e:ab:69:88:27:a6:bc:13:d4:9d:d3:ca:70:8a:68:
                    fe:8d:a0:17:50:9f:7f:3b:68:7a:e1:7a:a5:de:7c:
                    49:dc:31:73:bb:70:07:43:41:44:8b:a6:df:e2:45:
                    f5:2b:47:85:67:1b:5f:9f:74:b4:19:0a:68:32:be:
                    76:0f:dc:c3:2e:25:32:07:10:b1:27:69:b3:04:bc:
                    88:44:3d:78:63:16:c3:99:04:03:55:28:37:b3:1d:
                    69:6d:b8:4e:b2:26:f6:4d:d1:10:84:db:9e:1d:f0:
                    9f:7e:28:ab:df:4a:fd:ce:9c:10:74:d1:99:92:9f:
                    04:82:98:7b:14:14:21:28:7b:d0:91:31:6f:35:19:
                    67:94:5a:e6:78:c1:75:1c:19:60:e4:ee:30:4e:4c:
                    d5:77:1b:33:53:95:9e:1a:3a:c3:25:33:49:b8:85:
                    43:aa:46:09:73:03:62:40:0b:8a:98:4e:2a:e6:cb:
                    4f:13:7c:be:3d:d5:f8:94:06:d9:2d:2f:6f:47:f0:
                    0e:c2:1b:34:1e:10:d4:55:37:26:fa:24:bb:0e:e1:
                    25:db:b2:7f:9b:b9:1a:f8:1e:0f:05:51:60:ad:b6:
                    62:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:59:78:D1:43:38:A7:2D:60:B1:8F:2F:21:0B:D7:3A:02:CE:82:EC
            X509v3 Authority Key Identifier:
                keyid:CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:3f:50:c2:13:64:26:98:30:c7:e9:8c:b0:53:83:ea:4a:c9:
         72:c0:b4:31:45:a4:98:50:3a:5f:fb:74:f6:29:41:df:db:da:
         cd:84:b0:54:a3:97:e0:c1:01:9f:19:4f:af:c3:5c:f5:e6:18:
         22:a0:47:ae:f0:01:9f:b3:a4:58:3f:4d:7a:56:80:09:df:b8:
         a7:81:0f:de:ac:5a:1d:e1:36:35:8e:eb:ff:1c:aa:7c:2c:4f:
         d3:f6:7e:75:71:61:e1:9a:9a:e6:99:7f:7d:64:95:30:8b:a2:
         f3:60:39:b7:2d:57:a4:ed:1b:52:71:fb:03:f4:7c:45:b5:54:
         42:e6:6b:e0:27:57:4f:32:a7:fb:01:9b:71:ce:d5:11:1e:a5:
         6b:05:d4:7d:cd:88:35:16:56:2b:3b:ec:74:87:52:86:08:ea:
         2b:e6:81:e0:57:d9:b7:c9:9c:ca:43:af:03:e6:7c:72:07:71:
         78:ab:b8:72:75:2d:52:4b:e4:26:ec:d7:e9:96:cf:b8:64:5f:
         76:fc:ba:a3:ba:22:e8:f0:27:93:90:17:2f:9f:33:c3:ca:08:
         48:c4:ff:dc:65:45:fa:5f:9b:ec:9c:c2:11:3d:6b:42:7e:82:
         87:d3:a4:69:c2:aa:56:4f:70:32:92:54:07:5a:d2:8c:97:a9:
         dd:2b:d2:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2+leBlEMUP5UourpjVDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMGE5MDBkNzBiZDEwZjdkMjIyMWE1NjQ4ZGE1NGE1ZTNm
NDQ3MTIwHhcNMjUxMTExMDMwMDUxWhcNMjUxMTEyMDMwMDUxWjAzMTEwLwYDVQQD
EyhmYTU5NzhkMTQzMzhhNzJkNjBiMThmMmYyMTBiZDczYTAyY2U4MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Matk+Bt8B2Tfzdt3BH3LPuKrTAV
7w9hkGl0N3Qeq2mIJ6a8E9Sd08pwimj+jaAXUJ9/O2h64Xql3nxJ3DFzu3AHQ0FE
i6bf4kX1K0eFZxtfn3S0GQpoMr52D9zDLiUyBxCxJ2mzBLyIRD14YxbDmQQDVSg3
sx1pbbhOsib2TdEQhNueHfCffiir30r9zpwQdNGZkp8Egph7FBQhKHvQkTFvNRln
lFrmeMF1HBlg5O4wTkzVdxszU5WeGjrDJTNJuIVDqkYJcwNiQAuKmE4q5stPE3y+
PdX4lAbZLS9vR/AOwhs0HhDUVTcm+iS7DuEl27J/m7ka+B4PBVFgrbZiXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpZeNFDOKctYLGPLyEL1zoCzoLsMB8GA1UdIwQY
MBaAFMwKkA1wvRD30iIaVkjaVKXj9EcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUt
MzgwMWM2MjE2ZTZjLzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUtMzgwMWM2MjE2ZTZj
LzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXz9QwhNk
Jpgwx+mMsFOD6krJcsC0MUWkmFA6X/t09ilB39vazYSwVKOX4MEBnxlPr8Nc9eYY
IqBHrvABn7OkWD9NelaACd+4p4EP3qxaHeE2NY7r/xyqfCxP0/Z+dXFh4Zqa5pl/
fWSVMIui82A5ty1XpO0bUnH7A/R8RbVUQuZr4CdXTzKn+wGbcc7VER6lawXUfc2I
NRZWKzvsdIdShgjqK+aB4FfZt8mcykOvA+Z8cgdxeKu4cnUtUkvkJuzX6ZbPuGRf
dvy6o7oi6PAnk5AXL58zw8oISMT/3GVF+l+b7JzCET1rQn6Ch9OkacKqVk9wMpJU
B1rSjJep3SvSOA==
-----END CERTIFICATE-----