Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
File:                     zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json)
Hash identifier:          OHI6WggiMv3WD5H8V7BC5OV1yLNlAr6oWhI/AfUHpmQ=
Subject key identifier:   EA:14:E1:E9:A3:F1:CE:70:2D:58:96:71:63:4B:49:F3:13:D6:EB:03
Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A
Certificate issuer:       /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
Certificate serial:       019A72260AA52FD1700B85BFC9F729220F07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
Manifest number:          032E
Signing time:             Tue 11 Nov 2025 09:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:26 +0000
Files and hashes:         1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: Uut9puINEELgBtVB42FRbfjSJ8fIW8NVQd5W34WZwfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:0a:a5:2f:d1:70:0b:85:bf:c9:f7:29:22:0f:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a
        Validity
            Not Before: Nov 11 09:01:26 2025 GMT
            Not After : Nov 12 09:01:26 2025 GMT
        Subject: CN=ea14e1e9a3f1ce702d589671634b49f313d6eb03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:75:fa:7d:6f:83:9a:d7:47:ef:16:46:55:80:
                    8d:cc:8d:17:78:d1:8c:e7:92:65:01:cb:a5:c6:f5:
                    89:f3:0b:58:37:db:9e:ff:66:44:1e:19:7e:ad:0b:
                    f5:5b:04:2c:9f:e5:52:16:8b:57:51:fe:99:d7:fb:
                    36:6a:f9:5d:a1:e9:64:49:2f:c3:be:1c:6b:bf:96:
                    dc:b3:af:52:58:77:1f:cb:38:aa:34:47:7b:48:01:
                    8b:d8:f2:fe:bf:3a:01:a4:ce:e8:0f:84:c1:93:20:
                    fb:62:80:1a:77:5a:91:11:51:eb:c9:75:b2:0b:1e:
                    ef:b7:d1:51:9c:6c:a2:9a:f1:34:1e:b8:a7:ff:b5:
                    62:4f:24:30:16:6e:18:ad:49:85:67:12:d4:63:95:
                    74:56:63:ba:67:43:c6:12:b0:01:da:02:6b:e6:bc:
                    3d:be:ed:33:b0:e1:71:bd:3f:d1:14:5c:20:4c:6a:
                    f7:9a:c7:5d:3e:52:f2:f1:01:8e:69:4d:0a:3d:b1:
                    5b:2f:9b:ec:b1:09:6a:55:bd:4b:21:2a:1a:3e:fc:
                    1c:bd:85:c9:66:e6:51:c0:d8:d5:48:5a:35:a7:86:
                    65:0a:df:70:cd:08:6f:5d:e7:cd:1c:38:96:b1:91:
                    ce:1b:76:ce:b0:77:d6:67:34:70:8a:3c:92:9c:2c:
                    c7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:14:E1:E9:A3:F1:CE:70:2D:58:96:71:63:4B:49:F3:13:D6:EB:03
            X509v3 Authority Key Identifier:
                keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:49:24:3a:91:09:cd:e2:59:7c:b9:da:e3:d2:df:58:71:e3:
         b6:94:67:f5:35:9e:8c:ab:f7:b1:8c:cf:ef:49:ce:6a:17:ac:
         6f:8b:85:1c:be:25:b6:a5:1a:ef:2d:99:e6:05:66:aa:0c:79:
         dc:aa:94:e2:2d:d4:df:36:93:11:93:ca:99:17:eb:d9:b7:9b:
         ff:4f:f8:1a:76:ad:e1:84:c2:53:ce:9e:3b:1f:86:89:f3:d0:
         8c:f8:ad:ff:63:d3:bb:a7:71:81:e2:90:e8:0c:67:79:d5:48:
         98:00:74:6e:b2:6d:99:9c:9f:2b:32:ad:71:96:14:f5:18:25:
         3d:ea:77:33:45:5e:91:30:08:03:c3:a5:f2:19:47:72:bf:44:
         29:cb:e3:3a:6b:d5:d1:85:77:e3:c5:2d:8a:f0:92:00:6e:8e:
         07:8a:6f:97:ad:de:29:02:40:6f:1b:e7:72:ba:ab:33:5d:22:
         96:5c:b0:8b:39:ef:5e:a5:68:80:bc:ef:3a:40:44:e2:85:d0:
         11:c7:8b:eb:34:54:55:33:54:8d:f5:77:b8:a1:75:9e:f6:1f:
         05:0a:18:55:64:ed:f2:5a:c8:3f:bd:b4:30:b0:45:bd:bb:67:
         32:9d:8e:fe:2d:69:67:8b:5b:96:99:bd:bc:81:10:19:d3:b8:
         ba:6c:85:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJgqlL9FwC4W/yfcpIg8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz
Zjc1NWEwHhcNMjUxMTExMDkwMTI2WhcNMjUxMTEyMDkwMTI2WjAzMTEwLwYDVQQD
EyhlYTE0ZTFlOWEzZjFjZTcwMmQ1ODk2NzE2MzRiNDlmMzEzZDZlYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3X6fW+DmtdH7xZGVYCNzI0XeNGM
55JlAculxvWJ8wtYN9ue/2ZEHhl+rQv1WwQsn+VSFotXUf6Z1/s2avldoelkSS/D
vhxrv5bcs69SWHcfyziqNEd7SAGL2PL+vzoBpM7oD4TBkyD7YoAad1qREVHryXWy
Cx7vt9FRnGyimvE0Hrin/7ViTyQwFm4YrUmFZxLUY5V0VmO6Z0PGErAB2gJr5rw9
vu0zsOFxvT/RFFwgTGr3msddPlLy8QGOaU0KPbFbL5vssQlqVb1LISoaPvwcvYXJ
ZuZRwNjVSFo1p4ZlCt9wzQhvXefNHDiWsZHOG3bOsHfWZzRwijySnCzHjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoU4emj8c5wLViWcWNLSfMT1usDMB8GA1UdIwQY
MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt
OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1
LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASkkkOpEJ
zeJZfLna49LfWHHjtpRn9TWejKv3sYzP70nOahesb4uFHL4ltqUa7y2Z5gVmqgx5
3KqU4i3U3zaTEZPKmRfr2beb/0/4Gnat4YTCU86eOx+GifPQjPit/2PTu6dxgeKQ
6AxnedVImAB0brJtmZyfKzKtcZYU9RglPep3M0VekTAIA8Ol8hlHcr9EKcvjOmvV
0YV348UtivCSAG6OB4pvl63eKQJAbxvncrqrM10illywiznvXqVogLzvOkBE4oXQ
EceL6zRUVTNUjfV3uKF1nvYfBQoYVWTt8lrIP720MLBFvbtnMp2O/i1pZ4tblpm9
vIEQGdO4umyFcw==
-----END CERTIFICATE-----