Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          C30N6OOukqm696YFMcLpI6/TgSjP0LYcYrMulLO/RJ4=
Subject key identifier:   70:47:46:64:7D:D3:8A:01:69:4C:40:B8:67:45:26:23:E7:E0:4E:F9
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       0198820C1836394722AF4ED5A00F3EE783E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          148B
Signing time:             Thu 07 Aug 2025 01:01:27 +0000
Manifest this update:     Thu 07 Aug 2025 01:01:27 +0000
Manifest next update:     Fri 08 Aug 2025 01:01:27 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: 0ghqpevOohmM2/sOYu7vvrutU+CWLTOFaVn4HIA6sLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:82:0c:18:36:39:47:22:af:4e:d5:a0:0f:3e:e7:83:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Aug  7 01:01:27 2025 GMT
            Not After : Aug  8 01:01:27 2025 GMT
        Subject: CN=704746647dd38a01694c40b867452623e7e04ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ed:b1:e5:98:07:0b:80:36:ec:00:e0:a7:76:
                    97:b0:79:ea:88:bc:d6:f2:f2:ea:b2:05:68:5a:21:
                    f6:76:ba:84:4d:ab:ba:4e:16:8c:47:e5:d4:60:4b:
                    60:de:a9:53:96:9f:c6:2d:96:0d:36:76:f4:50:cf:
                    86:9b:9f:14:bf:e4:8e:60:79:8e:26:a1:62:72:3c:
                    e6:23:7b:c6:37:88:f4:76:08:99:40:1f:22:0a:36:
                    f6:7c:51:3d:b6:7f:cc:3e:52:82:2a:04:01:26:de:
                    e3:d0:3a:72:2c:05:fb:00:9c:13:7a:91:c0:53:83:
                    76:db:37:07:b0:49:ef:22:74:be:67:c9:0c:3b:33:
                    60:b0:36:01:76:18:c0:17:c3:5f:9c:b8:17:88:0e:
                    f8:2d:97:a1:aa:92:2a:ac:4b:0d:98:64:23:29:49:
                    58:92:72:7b:ec:1f:57:de:ee:05:d9:a2:d7:93:82:
                    a2:7c:c8:bd:04:82:7d:e1:aa:e9:03:52:f3:88:3c:
                    88:fc:7a:58:97:ad:f9:f1:fe:13:ca:b3:b6:82:a1:
                    31:72:d1:1f:2a:1b:8d:16:72:f1:89:49:10:64:d5:
                    23:38:c2:d9:37:0b:87:43:34:bd:ff:20:33:56:ed:
                    1d:ea:0f:be:f9:23:e7:c3:43:6b:43:ad:73:6b:38:
                    5e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:47:46:64:7D:D3:8A:01:69:4C:40:B8:67:45:26:23:E7:E0:4E:F9
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:12:ec:13:fd:d4:24:e2:6e:ba:af:27:a6:2d:43:02:ed:3d:
         38:34:55:1a:63:95:6f:e1:81:57:52:61:f3:bd:7c:cb:43:88:
         ae:4c:f4:b5:2e:6c:cd:c0:f8:34:7b:56:39:77:63:18:f3:36:
         c5:5b:45:88:e6:3e:c6:78:fa:0b:85:cf:88:1f:f3:e7:fc:1d:
         0f:b0:6f:ea:87:6a:69:e5:8e:50:6c:04:9e:90:3c:a6:1c:03:
         75:40:b5:c6:9e:46:85:55:db:0b:53:bb:bc:b6:eb:7a:a2:ca:
         88:b8:f5:40:ba:f8:82:3c:c4:e3:ca:29:e2:6c:10:7c:ba:28:
         64:1e:c9:42:88:9b:b3:22:06:90:0e:ea:3e:89:52:af:55:b5:
         83:60:9e:6c:a3:a2:29:83:b4:97:aa:3f:f2:2b:26:17:55:55:
         30:97:78:73:54:64:f6:f9:86:8c:d0:ca:c4:66:d9:eb:93:f6:
         d3:51:3e:8a:06:84:00:c6:71:b5:37:33:5e:4a:38:b8:3c:b7:
         6a:57:76:df:c4:9f:96:ad:11:9b:40:8d:16:e9:58:2a:c8:ce:
         b9:d0:db:02:6d:08:d5:5b:e1:6e:2f:c1:ca:41:cb:b4:92:16:
         de:b9:a1:ac:3a:b4:1b:64:31:71:d4:41:55:f2:cc:cc:01:25:
         16:d1:4b:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiCDBg2OUcir07VoA8+54PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUwODA3MDEwMTI3WhcNMjUwODA4MDEwMTI3WjAzMTEwLwYDVQQD
Eyg3MDQ3NDY2NDdkZDM4YTAxNjk0YzQwYjg2NzQ1MjYyM2U3ZTA0ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe2x5ZgHC4A27ADgp3aXsHnqiLzW
8vLqsgVoWiH2drqETau6ThaMR+XUYEtg3qlTlp/GLZYNNnb0UM+Gm58Uv+SOYHmO
JqFicjzmI3vGN4j0dgiZQB8iCjb2fFE9tn/MPlKCKgQBJt7j0DpyLAX7AJwTepHA
U4N22zcHsEnvInS+Z8kMOzNgsDYBdhjAF8NfnLgXiA74LZehqpIqrEsNmGQjKUlY
knJ77B9X3u4F2aLXk4KifMi9BIJ94arpA1LziDyI/HpYl6358f4TyrO2gqExctEf
KhuNFnLxiUkQZNUjOMLZNwuHQzS9/yAzVu0d6g+++SPnw0NrQ61zazhegwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBHRmR904oBaUxAuGdFJiPn4E75MB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBLsE/3U
JOJuuq8npi1DAu09ODRVGmOVb+GBV1Jh8718y0OIrkz0tS5szcD4NHtWOXdjGPM2
xVtFiOY+xnj6C4XPiB/z5/wdD7Bv6odqaeWOUGwEnpA8phwDdUC1xp5GhVXbC1O7
vLbreqLKiLj1QLr4gjzE48op4mwQfLooZB7JQoibsyIGkA7qPolSr1W1g2CebKOi
KYO0l6o/8ismF1VVMJd4c1Rk9vmGjNDKxGbZ65P201E+igaEAMZxtTczXko4uDy3
ald238Sflq0Rm0CNFulYKsjOudDbAm0I1Vvhbi/BykHLtJIW3rmhrDq0G2QxcdRB
VfLMzAElFtFLDA==
-----END CERTIFICATE-----