Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          1FxsR+mQL1woDCuq13PK8BdGxqU4kn5wi7D8pFLsc+g=
Subject key identifier:   B7:EA:5D:39:F7:8E:D2:62:9F:69:79:9D:F1:9F:96:74:66:6A:95:8C
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       019A7293A5762C5085A6F38BA922471328C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0B58
Signing time:             Tue 11 Nov 2025 11:01:09 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:09 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:09 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: G1Hv0YV1sFlnsW1gj3ceG5ISHOfDXbk5UNC/wp/JL4w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:a5:76:2c:50:85:a6:f3:8b:a9:22:47:13:28:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Nov 11 11:01:09 2025 GMT
            Not After : Nov 12 11:01:09 2025 GMT
        Subject: CN=b7ea5d39f78ed2629f69799df19f9674666a958c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:17:05:21:db:7a:b0:30:56:24:38:61:74:73:
                    21:30:53:24:05:2b:34:38:02:b1:56:78:35:9a:e0:
                    95:10:67:1a:52:57:06:47:13:49:73:2f:23:db:da:
                    3d:d7:8b:be:8b:d5:c2:c1:da:48:8d:96:4e:55:e1:
                    64:32:79:68:e4:0c:6c:a9:c7:1e:f7:d8:9a:e8:c4:
                    a9:81:3d:c9:c8:12:4d:18:e6:06:5c:21:8f:93:58:
                    94:21:0d:5c:c7:51:e0:e2:28:78:fd:27:11:f7:b9:
                    ec:6f:00:a4:79:3e:e2:8a:61:d5:43:c7:af:46:34:
                    61:ad:0d:2f:4b:64:c0:93:29:b0:5e:f5:90:67:37:
                    80:b8:f8:3e:5d:d1:a9:6d:81:f8:bf:a8:d4:e4:17:
                    60:5b:4c:fa:94:69:88:09:68:69:84:ef:8f:e9:df:
                    e2:11:d6:01:70:7d:46:c2:ba:34:72:ab:6f:4e:68:
                    76:68:34:6a:13:9d:c3:f3:0d:8e:31:70:bb:2a:cb:
                    0c:59:35:67:fb:48:30:44:f8:85:28:3a:32:dc:fc:
                    67:5f:be:e5:5e:01:bc:77:97:e9:98:cd:dc:b8:f7:
                    7d:f2:35:b0:0d:99:81:1c:37:a9:5e:eb:d0:49:6b:
                    ff:00:1c:57:31:a9:fd:ab:f5:a7:ef:6e:c5:5c:a3:
                    31:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:EA:5D:39:F7:8E:D2:62:9F:69:79:9D:F1:9F:96:74:66:6A:95:8C
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:39:32:b3:9a:26:87:10:fc:d9:26:54:2b:0c:2e:fe:e4:a8:
         75:ea:ed:4d:9c:c4:f0:90:9e:34:e8:0d:75:28:db:c6:04:e0:
         ac:b2:8d:08:99:cf:39:17:a3:35:02:b4:3d:a2:e8:09:0f:92:
         9f:5e:5f:20:80:4c:dc:2b:89:d6:10:3e:d9:33:8f:ec:75:ef:
         f1:4f:13:1c:e9:34:10:96:31:5f:c7:27:7b:d6:7c:c9:99:78:
         54:6a:a4:59:81:b4:e2:71:d2:00:1e:91:82:24:ef:fb:f9:a8:
         ca:b6:7f:05:07:5b:d8:31:50:0d:6c:25:53:89:de:74:af:99:
         84:55:31:e6:fa:8b:0f:3a:95:dc:a8:95:76:b2:10:f3:6d:5e:
         19:7e:34:16:cb:48:74:13:f2:de:99:50:87:4d:ee:1c:84:ed:
         5c:a0:01:a9:2b:50:a7:5e:8c:04:20:53:53:2b:27:ad:a9:dd:
         80:f3:83:3c:da:6b:ba:e8:3d:f6:48:58:6b:24:b1:f2:b4:b3:
         c0:09:75:09:1f:3e:ef:da:8a:ef:c2:83:82:67:2e:11:8d:9b:
         3f:c8:b0:1f:b1:4b:3d:02:27:21:5f:4f:cc:0f:5a:58:cf:9b:
         b7:c3:50:74:a1:79:0b:6a:03:f3:bf:7f:0a:b1:9b:c1:d1:09:
         f3:30:15:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6V2LFCFpvOLqSJHEyjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUxMTExMTEwMTA5WhcNMjUxMTEyMTEwMTA5WjAzMTEwLwYDVQQD
EyhiN2VhNWQzOWY3OGVkMjYyOWY2OTc5OWRmMTlmOTY3NDY2NmE5NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRcFIdt6sDBWJDhhdHMhMFMkBSs0
OAKxVng1muCVEGcaUlcGRxNJcy8j29o914u+i9XCwdpIjZZOVeFkMnlo5Axsqcce
99ia6MSpgT3JyBJNGOYGXCGPk1iUIQ1cx1Hg4ih4/ScR97nsbwCkeT7iimHVQ8ev
RjRhrQ0vS2TAkymwXvWQZzeAuPg+XdGpbYH4v6jU5BdgW0z6lGmICWhphO+P6d/i
EdYBcH1Gwro0cqtvTmh2aDRqE53D8w2OMXC7KssMWTVn+0gwRPiFKDoy3PxnX77l
XgG8d5fpmM3cuPd98jWwDZmBHDepXuvQSWv/ABxXMan9q/Wn727FXKMxHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfqXTn3jtJin2l5nfGflnRmapWMMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABzkys5om
hxD82SZUKwwu/uSodertTZzE8JCeNOgNdSjbxgTgrLKNCJnPORejNQK0PaLoCQ+S
n15fIIBM3CuJ1hA+2TOP7HXv8U8THOk0EJYxX8cne9Z8yZl4VGqkWYG04nHSAB6R
giTv+/moyrZ/BQdb2DFQDWwlU4nedK+ZhFUx5vqLDzqV3KiVdrIQ821eGX40FstI
dBPy3plQh03uHITtXKABqStQp16MBCBTUysnrandgPODPNpruug99khYaySx8rSz
wAl1CR8+79qK78KDgmcuEY2bP8iwH7FLPQInIV9PzA9aWM+bt8NQdKF5C2oD879/
CrGbwdEJ8zAVVg==
-----END CERTIFICATE-----