Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
File:                     rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json)
Hash identifier:          2nk9w5kBtrOxhy9SmGvYsI0XGbaboEiunti0lh+mUOA=
Subject key identifier:   C0:B7:28:D8:32:1F:CD:94:6F:98:16:07:A1:08:CB:04:50:56:26:66
Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
Certificate issuer:       /CN=af3465437669ce586261a066cc4ad1ea464eb663
Certificate serial:       0199239EE2196833B5A7D5C8D5139F8368E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
Manifest number:          0F21
Signing time:             Sun 07 Sep 2025 10:00:39 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:39 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:39 +0000
Files and hashes:         1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: XcgFEUgQOjXk85gzRahpH96J5uyw5PpCTKAHYQnvUWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:e2:19:68:33:b5:a7:d5:c8:d5:13:9f:83:68:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663
        Validity
            Not Before: Sep  7 10:00:39 2025 GMT
            Not After : Sep  8 10:00:39 2025 GMT
        Subject: CN=c0b728d8321fcd946f981607a108cb0450562666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:17:6d:7f:a3:2d:a8:7d:5a:02:86:1c:1c:55:
                    24:2b:4c:aa:98:2a:50:ad:08:4c:6a:19:21:39:07:
                    19:f5:16:70:75:13:7d:ee:0a:07:67:5a:91:64:cc:
                    e6:af:29:eb:6e:6f:6d:09:c8:e2:12:5f:d4:63:13:
                    1e:69:19:09:16:be:1d:61:92:f2:51:b0:23:a5:35:
                    d0:9e:bf:eb:c3:51:0b:26:15:5d:2d:e7:67:7a:17:
                    9c:79:2c:5a:5d:9a:71:f5:7b:c4:69:9b:ec:cc:dc:
                    20:11:a9:7b:c9:ac:2f:93:52:ae:96:09:aa:8d:71:
                    2c:19:79:08:50:4f:87:24:aa:f5:e9:0c:27:45:c0:
                    d8:b8:81:d5:80:00:f3:76:d4:48:d0:8e:45:e9:7e:
                    00:46:9f:88:d1:7b:2f:1e:51:22:4e:4b:23:84:a2:
                    7d:0a:46:0c:26:24:67:de:f0:db:38:a5:15:bc:11:
                    2d:4e:43:ef:17:19:96:7c:e8:9d:a4:96:91:9b:a7:
                    3e:be:bb:e9:03:c8:57:39:17:fd:e4:77:66:cb:b4:
                    9d:b3:6d:d4:15:87:a5:15:d9:85:78:b8:08:e6:3b:
                    34:d5:2b:fb:8e:27:e4:b7:5a:29:5c:09:a2:a0:95:
                    2c:d2:85:15:35:96:f9:e7:cd:35:70:30:1c:97:08:
                    51:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B7:28:D8:32:1F:CD:94:6F:98:16:07:A1:08:CB:04:50:56:26:66
            X509v3 Authority Key Identifier:
                keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:81:13:bd:cf:33:f1:35:5f:8f:ce:c6:54:e7:e2:96:80:0d:
         7b:41:27:51:05:d2:26:d1:22:46:b8:3e:1c:54:41:44:d3:21:
         b3:e1:42:66:c4:9a:3f:d7:31:a4:1e:d8:03:e3:57:a8:40:2c:
         1f:94:27:b3:7c:43:00:ca:a9:94:22:92:75:6d:e8:bc:70:01:
         c3:38:e9:ae:75:33:ce:4a:96:e7:65:a2:76:ef:bc:8d:fb:d0:
         1d:01:ad:72:6d:de:79:ae:f6:da:1b:d1:71:a6:32:a0:df:01:
         77:e3:71:f1:4c:8d:b4:c9:58:f5:b0:60:74:08:aa:6a:ee:41:
         5b:90:d0:9f:91:a2:a0:6b:bd:ea:21:48:10:7b:6c:2d:db:4d:
         3d:31:16:98:b1:0c:74:11:a9:a5:ce:5b:9f:78:50:25:89:9e:
         70:d1:a0:4f:fa:93:95:93:0a:01:7f:a4:d7:17:a9:9e:81:67:
         9f:fc:40:93:fc:66:bb:d4:92:fa:42:91:22:34:3e:f2:0d:a1:
         db:f2:dc:62:d1:27:bc:74:5d:90:02:51:d2:70:e8:de:04:bf:
         63:a8:90:d0:73:87:6e:f9:ce:c3:12:16:db:23:8e:f3:bc:ca:
         f5:0b:41:b1:1b:25:30:4e:30:f8:87:99:a3:4a:47:41:f5:82:
         fb:65:4d:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnuIZaDO1p9XI1ROfg2joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0
ZWI2NjMwHhcNMjUwOTA3MTAwMDM5WhcNMjUwOTA4MTAwMDM5WjAzMTEwLwYDVQQD
EyhjMGI3MjhkODMyMWZjZDk0NmY5ODE2MDdhMTA4Y2IwNDUwNTYyNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxdtf6MtqH1aAoYcHFUkK0yqmCpQ
rQhMahkhOQcZ9RZwdRN97goHZ1qRZMzmrynrbm9tCcjiEl/UYxMeaRkJFr4dYZLy
UbAjpTXQnr/rw1ELJhVdLedneheceSxaXZpx9XvEaZvszNwgEal7yawvk1Kulgmq
jXEsGXkIUE+HJKr16QwnRcDYuIHVgADzdtRI0I5F6X4ARp+I0XsvHlEiTksjhKJ9
CkYMJiRn3vDbOKUVvBEtTkPvFxmWfOidpJaRm6c+vrvpA8hXORf95Hdmy7Sds23U
FYelFdmFeLgI5js01Sv7jifkt1opXAmioJUs0oUVNZb55801cDAclwhRIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMC3KNgyH82Ub5gWB6EIywRQViZmMB8GA1UdIwQY
MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt
NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz
LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIETvc8z
8TVfj87GVOfiloANe0EnUQXSJtEiRrg+HFRBRNMhs+FCZsSaP9cxpB7YA+NXqEAs
H5Qns3xDAMqplCKSdW3ovHABwzjprnUzzkqW52Widu+8jfvQHQGtcm3eea722hvR
caYyoN8Bd+Nx8UyNtMlY9bBgdAiqau5BW5DQn5GioGu96iFIEHtsLdtNPTEWmLEM
dBGppc5bn3hQJYmecNGgT/qTlZMKAX+k1xepnoFnn/xAk/xmu9SS+kKRIjQ+8g2h
2/LcYtEnvHRdkAJR0nDo3gS/Y6iQ0HOHbvnOwxIW2yOO87zK9QtBsRslME4w+IeZ
o0pHQfWC+2VNjQ==
-----END CERTIFICATE-----