Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
File:                     ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft (raw, json)
Hash identifier:          3Y5YudvK/hTvLNz1dniCdOQHKp0qDVkTV5obKmryziI=
Subject key identifier:   F1:2A:2C:C1:7F:85:61:57:29:CE:F6:1B:BF:D3:98:B4:0C:5D:57:BD
Authority key identifier: 65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C
Certificate issuer:       /CN=65a07d492468228aa306a66b056a0228c552ec5c
Certificate serial:       019A4EF43A02C119F3A904F5745346BA6612
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
Manifest number:          0E22
Signing time:             Tue 04 Nov 2025 13:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:19 +0000
Files and hashes:         1: ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl (hash: SaipEbEzg+pqzRX9fWzLHnbWA6t+49ShHrB+h9eBsng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:3a:02:c1:19:f3:a9:04:f5:74:53:46:ba:66:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65a07d492468228aa306a66b056a0228c552ec5c
        Validity
            Not Before: Nov  4 13:00:19 2025 GMT
            Not After : Nov  5 13:00:19 2025 GMT
        Subject: CN=f12a2cc17f85615729cef61bbfd398b40c5d57bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:61:8a:41:a7:36:bf:52:5e:e7:34:a7:a8:87:
                    f9:5c:e7:31:c6:14:8e:13:b3:8e:b3:39:ef:44:f5:
                    b8:9a:f9:eb:d1:23:78:38:9f:be:1d:d3:77:a3:5c:
                    15:63:38:28:ad:09:1c:94:c7:ea:f6:83:cb:1c:6d:
                    c6:94:44:cb:9a:d4:f1:cc:1e:97:66:e5:64:6f:9b:
                    9b:cf:ad:f1:b9:3e:67:b3:0c:86:61:d8:b5:78:1f:
                    b1:50:48:0a:82:a8:07:c4:ca:a9:97:ea:09:4d:e6:
                    32:d8:79:38:77:4d:73:a2:33:6c:9a:d8:ff:21:f5:
                    3e:59:fe:da:9e:23:89:4f:8c:e0:09:cf:67:96:58:
                    e9:4f:99:11:1f:ed:35:ec:72:5b:ca:06:f2:42:d7:
                    10:8e:54:25:b5:8b:83:47:c3:95:e8:56:00:50:6c:
                    de:6b:36:c5:99:a1:78:ba:62:c3:13:db:fb:35:f8:
                    46:6d:08:ac:5b:91:72:48:e2:5d:17:df:fe:87:5c:
                    05:72:a9:9a:d8:a5:d8:89:a8:b0:c7:be:f3:8f:d6:
                    e2:0c:1e:ca:35:cc:36:d1:74:96:89:19:ee:db:8b:
                    73:9f:20:90:95:16:6d:95:75:89:dd:c8:ad:7d:cd:
                    c2:73:f7:4d:6f:64:4a:74:97:c3:b4:1e:08:44:9f:
                    ab:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:2A:2C:C1:7F:85:61:57:29:CE:F6:1B:BF:D3:98:B4:0C:5D:57:BD
            X509v3 Authority Key Identifier:
                keyid:65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:a1:e9:fe:c2:71:a9:8f:bc:58:dc:44:ce:a3:d4:6b:1e:63:
         87:23:cb:28:10:72:86:15:bd:be:ae:0d:85:13:2d:81:5a:79:
         44:47:8e:68:fb:02:89:d5:d7:06:f1:4b:45:93:5f:39:1c:26:
         74:aa:9a:bc:be:77:64:fa:04:c9:64:63:a4:f4:87:9f:a2:df:
         d9:40:e9:57:b5:2c:93:90:f3:97:0d:9d:49:17:ac:74:95:7e:
         6c:71:00:f4:0f:46:dc:bf:8c:57:63:9e:30:6f:db:fa:be:a5:
         65:f0:3e:a7:35:18:a7:fa:c2:9f:66:6e:b3:a8:d0:e6:59:93:
         be:23:1a:73:f0:ea:b6:3e:6d:a0:fb:d4:f9:cf:73:58:d0:8a:
         de:74:70:4b:79:13:52:89:a8:67:d1:fa:bf:9e:6a:e1:8c:85:
         a7:12:e8:37:6e:cb:62:ad:ae:8d:8e:69:27:d3:38:f7:da:d0:
         22:9e:04:83:c3:ac:34:aa:79:5e:9f:69:e2:8e:2d:14:ad:e7:
         93:cb:79:84:b5:ea:a7:c8:d0:bb:91:48:ef:dd:e7:66:98:71:
         67:61:cb:a8:00:eb:82:00:11:c3:e7:2c:f9:ba:01:b0:4d:73:
         a9:44:aa:e1:09:74:78:5f:91:77:bf:29:fc:48:82:da:23:87:
         b8:fd:89:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9DoCwRnzqQT1dFNGumYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTA3ZDQ5MjQ2ODIyOGFhMzA2YTY2YjA1NmEwMjI4YzU1
MmVjNWMwHhcNMjUxMTA0MTMwMDE5WhcNMjUxMTA1MTMwMDE5WjAzMTEwLwYDVQQD
EyhmMTJhMmNjMTdmODU2MTU3MjljZWY2MWJiZmQzOThiNDBjNWQ1N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2GKQac2v1Je5zSnqIf5XOcxxhSO
E7OOsznvRPW4mvnr0SN4OJ++HdN3o1wVYzgorQkclMfq9oPLHG3GlETLmtTxzB6X
ZuVkb5ubz63xuT5nswyGYdi1eB+xUEgKgqgHxMqpl+oJTeYy2Hk4d01zojNsmtj/
IfU+Wf7aniOJT4zgCc9nlljpT5kRH+017HJbygbyQtcQjlQltYuDR8OV6FYAUGze
azbFmaF4umLDE9v7NfhGbQisW5FySOJdF9/+h1wFcqma2KXYiaiwx77zj9biDB7K
Ncw20XSWiRnu24tznyCQlRZtlXWJ3citfc3Cc/dNb2RKdJfDtB4IRJ+r1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEqLMF/hWFXKc72G7/TmLQMXVe9MB8GA1UdIwQY
MBaAFGWgfUkkaCKKowamawVqAijFUuxcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQt
ZWIwM2JiYTY1YTk2LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQtZWIwM2JiYTY1YTk2
LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV6Hp/sJx
qY+8WNxEzqPUax5jhyPLKBByhhW9vq4NhRMtgVp5REeOaPsCidXXBvFLRZNfORwm
dKqavL53ZPoEyWRjpPSHn6Lf2UDpV7Usk5Dzlw2dSResdJV+bHEA9A9G3L+MV2Oe
MG/b+r6lZfA+pzUYp/rCn2Zus6jQ5lmTviMac/Dqtj5toPvU+c9zWNCK3nRwS3kT
UomoZ9H6v55q4YyFpxLoN27LYq2ujY5pJ9M499rQIp4Eg8OsNKp5Xp9p4o4tFK3n
k8t5hLXqp8jQu5FI793nZphxZ2HLqADrggARw+cs+boBsE1zqUSq4Ql0eF+Rd78p
/EiC2iOHuP2JUA==
-----END CERTIFICATE-----