Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          AARkr7HxS/EC9tr4Vs5eMEn2fI4oumE3pyW6IvFECgM=
Subject key identifier:   1B:3F:F8:88:9A:FB:00:72:53:B4:66:EE:31:F0:A4:F5:8D:DF:CD:34
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       019A7225B5A29FB36E5BCECC773F59249A0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          16D8
Signing time:             Tue 11 Nov 2025 09:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:05 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: mgu5sB0/BDNIm9Pkc1C0svUYDpdoLlJOjRSLlhym3T8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:b5:a2:9f:b3:6e:5b:ce:cc:77:3f:59:24:9a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Nov 11 09:01:05 2025 GMT
            Not After : Nov 12 09:01:05 2025 GMT
        Subject: CN=1b3ff8889afb007253b466ee31f0a4f58ddfcd34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ca:ff:34:0e:33:d3:d4:eb:f0:9f:f4:b1:40:
                    59:70:68:55:79:5a:96:9b:12:2d:75:a4:87:d4:60:
                    6c:93:ea:e1:ad:d7:bb:69:fe:9e:f5:61:a3:b3:02:
                    05:78:40:24:be:7b:ad:28:5b:4f:3b:68:b6:8d:f6:
                    8a:cd:a8:49:c4:66:74:c3:3a:ab:04:34:ec:ac:9d:
                    cc:d8:2a:f8:b4:fc:22:00:4a:45:69:22:8a:c0:9c:
                    b1:8f:19:fe:54:ac:1a:b8:3b:d8:b1:ec:da:7c:4a:
                    73:38:dd:af:16:fe:8b:d0:30:57:73:e7:da:6c:dc:
                    43:8d:a3:db:c5:9b:e7:3a:85:b2:2f:c6:04:7a:d6:
                    ce:ba:a8:61:df:25:ad:e9:55:87:54:93:f1:c5:f6:
                    03:0e:3a:b6:85:3c:fd:9f:07:ca:86:c1:3b:33:d8:
                    ac:51:cb:f7:69:3f:9b:5c:8d:b2:5b:46:1f:59:f0:
                    99:10:e7:fc:75:72:3b:1c:00:28:b4:9a:7d:3e:5c:
                    2e:5f:0b:4c:53:b5:2f:f9:f2:3f:89:ea:41:46:e4:
                    43:05:4f:4b:c2:b6:fa:da:d3:2d:db:89:a1:6c:46:
                    23:76:58:39:8b:a2:99:ac:a0:d5:82:02:ad:73:b5:
                    2a:04:ba:78:1c:ce:4d:2f:b8:9f:bb:b1:b6:cd:ca:
                    7f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:3F:F8:88:9A:FB:00:72:53:B4:66:EE:31:F0:A4:F5:8D:DF:CD:34
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ce:fd:8a:c5:db:02:2d:f2:81:c1:44:a8:b6:9f:00:20:b3:
         0d:25:de:ac:47:15:94:8d:68:8a:fe:49:56:be:7d:a3:e1:2d:
         28:0b:bd:2b:aa:8e:d2:2c:c3:c5:4f:a8:e6:8f:9c:e6:63:44:
         0d:69:49:24:cf:1f:e8:ee:20:00:6b:a1:9e:f7:98:e6:73:9c:
         0b:b0:e9:42:83:69:67:9c:fe:2d:92:ad:ef:38:38:19:3e:bb:
         0b:90:3c:25:9b:38:cc:e2:21:47:06:e4:3a:0a:93:05:b4:d2:
         fb:ce:1e:5d:bd:84:73:ec:95:71:b7:2d:bc:45:6f:ec:35:43:
         d3:3e:a6:5c:bc:88:03:20:08:27:0f:ac:19:5b:d2:1f:58:11:
         25:55:11:32:af:42:52:28:23:2b:1b:46:92:df:e0:96:ff:df:
         18:8d:c6:8b:8d:6f:b9:54:a2:fe:26:aa:6b:c3:a6:04:4c:4b:
         6d:76:a5:fa:09:25:d3:f7:d3:6d:6d:f8:23:d2:6e:03:6c:b1:
         ee:89:5a:f4:7a:c4:be:e0:c0:00:01:a5:63:12:41:bf:7e:d8:
         f8:bf:7f:74:a3:96:de:c4:a6:89:cf:e1:48:9c:28:de:34:95:
         d4:b7:a1:2e:e0:4a:77:33:dd:5c:bb:38:5f:5a:a0:84:67:3e:
         e7:cc:12:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbWin7NuW87Mdz9ZJJoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjUxMTExMDkwMTA1WhcNMjUxMTEyMDkwMTA1WjAzMTEwLwYDVQQD
EygxYjNmZjg4ODlhZmIwMDcyNTNiNDY2ZWUzMWYwYTRmNThkZGZjZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mr/NA4z09Tr8J/0sUBZcGhVeVqW
mxItdaSH1GBsk+rhrde7af6e9WGjswIFeEAkvnutKFtPO2i2jfaKzahJxGZ0wzqr
BDTsrJ3M2Cr4tPwiAEpFaSKKwJyxjxn+VKwauDvYsezafEpzON2vFv6L0DBXc+fa
bNxDjaPbxZvnOoWyL8YEetbOuqhh3yWt6VWHVJPxxfYDDjq2hTz9nwfKhsE7M9is
Ucv3aT+bXI2yW0YfWfCZEOf8dXI7HAAotJp9PlwuXwtMU7Uv+fI/iepBRuRDBU9L
wrb62tMt24mhbEYjdlg5i6KZrKDVggKtc7UqBLp4HM5NL7ifu7G2zcp/WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBs/+Iia+wByU7Rm7jHwpPWN3800MB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUM79isXb
Ai3ygcFEqLafACCzDSXerEcVlI1oiv5JVr59o+EtKAu9K6qO0izDxU+o5o+c5mNE
DWlJJM8f6O4gAGuhnveY5nOcC7DpQoNpZ5z+LZKt7zg4GT67C5A8JZs4zOIhRwbk
OgqTBbTS+84eXb2Ec+yVcbctvEVv7DVD0z6mXLyIAyAIJw+sGVvSH1gRJVURMq9C
UigjKxtGkt/glv/fGI3Gi41vuVSi/iaqa8OmBExLbXal+gkl0/fTbW34I9JuA2yx
7ola9HrEvuDAAAGlYxJBv37Y+L9/dKOW3sSmic/hSJwo3jSV1LehLuBKdzPdXLs4
X1qghGc+58wSBw==
-----END CERTIFICATE-----