Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
File:                     ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json)
Hash identifier:          lLdadXpav7gS400iu1fDPNln0BAKf7ixRCd7F5twYKs=
Subject key identifier:   36:2F:FE:37:8A:22:81:1E:0E:D0:AE:C8:44:FE:D7:34:BC:74:99:46
Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16
Certificate issuer:       /CN=654d692160dd4627038799297d47751480d07f16
Certificate serial:       019A4F98E4ACDB09173E2D160D7F66CF3AB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
Manifest number:          157A
Signing time:             Tue 04 Nov 2025 16:00:11 +0000
Manifest this update:     Tue 04 Nov 2025 16:00:11 +0000
Manifest next update:     Wed 05 Nov 2025 16:00:11 +0000
Files and hashes:         1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: IBXwwqFa1/AtAtF2XCiCCaY3GP/C9UTNSMYmpKbqHvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:98:e4:ac:db:09:17:3e:2d:16:0d:7f:66:cf:3a:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=654d692160dd4627038799297d47751480d07f16
        Validity
            Not Before: Nov  4 16:00:11 2025 GMT
            Not After : Nov  5 16:00:11 2025 GMT
        Subject: CN=362ffe378a22811e0ed0aec844fed734bc749946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7a:ee:06:4f:b6:81:f4:df:7c:be:8f:6d:26:
                    ac:3f:5b:68:8d:f8:94:ca:89:de:ef:40:5d:ee:be:
                    47:e1:94:1b:73:bd:c2:af:69:e4:19:c9:1f:a2:19:
                    a7:bd:72:0a:54:d6:0f:35:3a:61:e4:63:7f:6e:74:
                    dd:c2:e4:c3:71:15:60:65:72:3b:df:d4:31:50:40:
                    db:8c:b8:d6:58:08:a8:00:0e:70:b4:c8:f0:61:87:
                    f5:43:fc:28:4d:ec:5b:33:7f:6f:63:aa:87:e3:3d:
                    c3:64:2e:10:60:ee:2b:e1:06:f8:cb:6c:35:73:1c:
                    6e:2b:cd:d8:19:23:a5:20:98:d3:2f:f9:9b:15:1c:
                    37:11:c5:df:b1:23:1d:b1:a8:2f:d4:05:ea:38:7c:
                    ec:4e:d2:30:f9:d4:16:ca:bd:7b:f0:c7:1c:5a:45:
                    75:b4:95:71:f7:b9:bd:a8:b5:45:ff:e0:67:6e:f7:
                    fa:90:ac:5b:16:84:86:71:50:fa:28:22:4e:1c:6e:
                    50:22:2b:2a:73:08:f9:05:2b:45:84:36:dd:d7:12:
                    15:a4:c4:f1:40:a2:b9:05:1d:07:bd:00:fd:6c:b8:
                    b8:6b:e5:ce:cd:ec:bc:a6:47:02:61:c2:94:f9:29:
                    8d:20:ed:f0:d8:0c:a6:e3:09:d0:6e:83:c8:ec:bf:
                    86:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:2F:FE:37:8A:22:81:1E:0E:D0:AE:C8:44:FE:D7:34:BC:74:99:46
            X509v3 Authority Key Identifier:
                keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:c6:b8:fe:6d:17:df:8e:16:82:5d:cc:b4:85:07:2f:71:70:
         b3:d2:9d:95:17:03:7d:39:6a:bb:ec:88:1e:dc:63:60:b7:d8:
         6f:ae:40:aa:3e:54:12:b4:4c:98:cb:e9:54:fc:be:c5:88:a9:
         0e:26:e0:90:a8:39:dc:3a:1c:14:f8:5a:7f:d3:45:33:21:fa:
         dd:86:b6:eb:18:ac:11:11:b8:62:e5:41:84:ec:7b:88:1d:57:
         a5:dd:bd:f3:43:bd:d3:ef:9d:07:09:ab:e1:9c:1e:cb:2c:53:
         fd:bf:c4:71:62:46:c8:4c:82:3c:d1:32:bb:00:a4:0b:ba:b3:
         59:61:1f:b1:11:b7:b7:48:b3:e9:29:f6:aa:16:d2:92:84:50:
         a2:7d:9f:07:11:9d:01:22:0f:15:97:0a:92:5f:99:ed:b9:d8:
         f3:fa:60:29:d4:5a:91:6a:88:2a:db:96:0f:83:12:bd:e2:b0:
         a1:b3:68:9f:e8:21:83:9a:cf:11:33:30:bc:bc:62:32:04:41:
         d0:ae:2a:a4:35:cf:99:41:d0:cd:e6:90:7d:a4:7d:9f:35:47:
         c1:66:f7:91:42:4b:52:78:25:94:51:99:75:76:58:4c:7a:83:
         d3:4a:a8:41:33:0b:b3:dd:8a:36:12:50:bc:3e:79:92:6e:21:
         ee:e8:b5:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmOSs2wkXPi0WDX9mzzqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk
MDdmMTYwHhcNMjUxMTA0MTYwMDExWhcNMjUxMTA1MTYwMDExWjAzMTEwLwYDVQQD
EygzNjJmZmUzNzhhMjI4MTFlMGVkMGFlYzg0NGZlZDczNGJjNzQ5OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXruBk+2gfTffL6PbSasP1tojfiU
yone70Bd7r5H4ZQbc73Cr2nkGckfohmnvXIKVNYPNTph5GN/bnTdwuTDcRVgZXI7
39QxUEDbjLjWWAioAA5wtMjwYYf1Q/woTexbM39vY6qH4z3DZC4QYO4r4Qb4y2w1
cxxuK83YGSOlIJjTL/mbFRw3EcXfsSMdsagv1AXqOHzsTtIw+dQWyr178MccWkV1
tJVx97m9qLVF/+Bnbvf6kKxbFoSGcVD6KCJOHG5QIisqcwj5BStFhDbd1xIVpMTx
QKK5BR0HvQD9bLi4a+XOzey8pkcCYcKU+SmNIO3w2Aym4wnQboPI7L+GyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYv/jeKIoEeDtCuyET+1zS8dJlGMB8GA1UdIwQY
MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt
NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk
LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8a4/m0X
344Wgl3MtIUHL3Fws9KdlRcDfTlqu+yIHtxjYLfYb65Aqj5UErRMmMvpVPy+xYip
DibgkKg53DocFPhaf9NFMyH63Ya26xisERG4YuVBhOx7iB1Xpd2980O90++dBwmr
4ZweyyxT/b/EcWJGyEyCPNEyuwCkC7qzWWEfsRG3t0iz6Sn2qhbSkoRQon2fBxGd
ASIPFZcKkl+Z7bnY8/pgKdRakWqIKtuWD4MSveKwobNon+ghg5rPETMwvLxiMgRB
0K4qpDXPmUHQzeaQfaR9nzVHwWb3kUJLUngllFGZdXZYTHqD00qoQTMLs92KNhJQ
vD55km4h7ui1aQ==
-----END CERTIFICATE-----