Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          NFfsUzaObWZPdzWSGciiJNbLtMERSWAtN4zsjb+SRTg=
Subject key identifier:   0A:3C:FD:3F:7A:72:79:B8:B5:C9:88:68:CF:61:72:DB:1C:34:79:E1
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       0199228C861F7506BC4188C7A913B73F52FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          0AAA
Signing time:             Sun 07 Sep 2025 05:00:58 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:58 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:58 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: 8ZBeAz5yOos5gz1ou1bR+qt3r7MeYVf49/nHaZGYb2M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:86:1f:75:06:bc:41:88:c7:a9:13:b7:3f:52:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: Sep  7 05:00:58 2025 GMT
            Not After : Sep  8 05:00:58 2025 GMT
        Subject: CN=0a3cfd3f7a7279b8b5c98868cf6172db1c3479e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:44:0b:82:37:11:3c:a1:e4:5e:c3:ca:56:ae:
                    90:f1:89:ac:60:17:a2:53:c7:30:07:1b:2e:71:6e:
                    be:05:30:fc:0c:10:82:1d:80:46:3f:4b:4e:bb:4e:
                    09:a4:69:7a:e2:3b:da:4d:cf:15:6c:04:24:eb:4f:
                    5d:77:0a:fd:cf:1e:cb:a9:7e:b7:ae:f0:9a:c4:01:
                    1c:49:00:89:1c:6a:ba:7e:2f:84:23:72:d0:90:41:
                    52:bd:cd:7c:52:b0:70:a0:19:bf:d3:d8:e3:b4:41:
                    cd:c5:6e:ee:7d:3b:15:a6:12:d2:99:ef:12:94:dd:
                    06:46:b1:72:68:a0:a7:69:14:46:e4:bc:55:c7:15:
                    e3:71:bf:54:18:91:fa:13:83:32:d1:9f:f0:12:62:
                    13:6a:97:61:fd:ad:37:69:92:63:02:e0:cd:fc:6e:
                    f5:c0:0a:2b:11:7a:ca:01:00:f8:d2:e3:4e:b7:e5:
                    ed:1d:48:40:5e:b4:42:d1:3b:59:7e:f2:b5:ce:e4:
                    3c:92:a9:62:a8:d3:86:52:9d:06:0e:2c:6f:84:5b:
                    c9:46:7f:71:f3:97:5b:ea:93:9f:73:3a:c2:3d:d7:
                    26:98:83:5b:10:74:6f:a0:2d:20:eb:bb:08:d7:d9:
                    9c:36:bd:bb:0f:68:46:86:d2:68:3a:65:30:59:b7:
                    1f:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:3C:FD:3F:7A:72:79:B8:B5:C9:88:68:CF:61:72:DB:1C:34:79:E1
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:9b:ec:e2:7b:60:28:e7:e5:d8:a3:65:17:ca:8d:81:74:c2:
         36:4e:b3:dd:f8:14:dc:3c:8a:a6:ee:bf:d8:fe:c0:e8:ed:53:
         61:63:d0:f7:83:24:0d:b1:fc:22:b3:73:be:cd:48:fe:be:8b:
         6d:72:c0:e3:14:2a:cc:a0:58:74:03:5b:76:67:c4:a5:ac:b5:
         bc:f6:76:7f:d7:72:dd:34:32:ca:57:f0:98:ec:4d:e9:76:1f:
         f0:79:e8:82:ac:8d:41:78:ce:b6:91:03:cb:2f:fb:d6:65:4d:
         3b:1f:c5:3f:8b:c7:b3:06:0a:38:8b:09:6f:46:9c:24:f8:08:
         5a:8e:e7:2d:3f:fd:9a:94:2d:c0:ad:d9:99:65:85:5e:01:3a:
         db:fe:58:21:4d:93:f2:f3:85:0f:c4:e1:e1:36:bb:52:2c:ef:
         3d:f0:0a:6f:a7:b2:d0:2f:2d:0d:67:1e:04:79:6b:85:16:63:
         d1:60:f8:e1:f5:1a:d4:cc:09:57:62:ca:d3:de:8a:f8:72:30:
         a6:5b:3e:4b:8a:56:0e:22:25:bc:aa:61:03:9b:79:1b:fa:9c:
         fa:87:cb:27:b3:38:3c:de:d1:76:7e:61:da:08:e5:a4:f1:15:
         a4:14:bc:ab:93:ae:b6:21:71:2f:57:0e:da:4b:7e:9a:a3:ab:
         34:0c:cb:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijIYfdQa8QYjHqRO3P1L+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjUwOTA3MDUwMDU4WhcNMjUwOTA4MDUwMDU4WjAzMTEwLwYDVQQD
EygwYTNjZmQzZjdhNzI3OWI4YjVjOTg4NjhjZjYxNzJkYjFjMzQ3OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEQLgjcRPKHkXsPKVq6Q8YmsYBei
U8cwBxsucW6+BTD8DBCCHYBGP0tOu04JpGl64jvaTc8VbAQk609ddwr9zx7LqX63
rvCaxAEcSQCJHGq6fi+EI3LQkEFSvc18UrBwoBm/09jjtEHNxW7ufTsVphLSme8S
lN0GRrFyaKCnaRRG5LxVxxXjcb9UGJH6E4My0Z/wEmITapdh/a03aZJjAuDN/G71
wAorEXrKAQD40uNOt+XtHUhAXrRC0TtZfvK1zuQ8kqliqNOGUp0GDixvhFvJRn9x
85db6pOfczrCPdcmmINbEHRvoC0g67sI19mcNr27D2hGhtJoOmUwWbcf1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo8/T96cnm4tcmIaM9hctscNHnhMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcZvs4ntg
KOfl2KNlF8qNgXTCNk6z3fgU3DyKpu6/2P7A6O1TYWPQ94MkDbH8IrNzvs1I/r6L
bXLA4xQqzKBYdANbdmfEpay1vPZ2f9dy3TQyylfwmOxN6XYf8HnogqyNQXjOtpED
yy/71mVNOx/FP4vHswYKOIsJb0acJPgIWo7nLT/9mpQtwK3ZmWWFXgE62/5YIU2T
8vOFD8Th4Ta7UizvPfAKb6ey0C8tDWceBHlrhRZj0WD44fUa1MwJV2LK096K+HIw
pls+S4pWDiIlvKphA5t5G/qc+ofLJ7M4PN7Rdn5h2gjlpPEVpBS8q5OutiFxL1cO
2kt+mqOrNAzLFA==
-----END CERTIFICATE-----