Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
File:                     Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json)
Hash identifier:          ymb2oEV4qmVhO+UM8OiR8Bs5JbsdWFF+kXWjgIXuENI=
Subject key identifier:   60:EF:60:85:45:6A:B7:CA:35:4E:05:75:7C:6C:EC:4F:2A:35:BC:E6
Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F
Certificate issuer:       /CN=6773703eb4eab367ab9de91a2ac41ee32014030f
Certificate serial:       019A54BF2144732808ABBC1FE772BB9FAACB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
Manifest number:          09D8
Signing time:             Wed 05 Nov 2025 16:00:03 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:03 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:03 +0000
Files and hashes:         1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: q1koWFDnMd1w1mus3M0vsCZm/jujPu+S9eKqv+O/Jfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 16:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:21:44:73:28:08:ab:bc:1f:e7:72:bb:9f:aa:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f
        Validity
            Not Before: Nov  5 16:00:03 2025 GMT
            Not After : Nov  6 16:00:03 2025 GMT
        Subject: CN=60ef6085456ab7ca354e05757c6cec4f2a35bce6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4f:85:76:83:a7:8d:c8:04:db:ab:53:2e:73:
                    19:ee:7a:4d:19:e1:e5:75:cf:ab:3a:43:70:13:c1:
                    5b:72:41:34:79:60:43:5a:42:f4:d8:90:fc:0a:6e:
                    cb:07:7b:82:02:1c:51:38:76:d2:a3:d0:a8:47:7a:
                    db:9e:52:04:9a:22:09:40:7f:c0:7a:6f:7c:c7:ca:
                    69:fa:b4:19:70:62:7f:9d:8c:92:4b:c9:68:bc:a4:
                    93:05:00:e4:62:71:fa:ae:9e:60:03:5f:2d:2b:9a:
                    c4:0f:33:23:a2:13:fa:aa:42:c4:1e:b7:1a:3d:e0:
                    5b:d2:11:d6:44:bc:8d:57:b6:6f:b4:58:9e:69:e9:
                    93:a8:02:00:4a:58:15:ae:e0:d6:c1:4d:af:df:72:
                    8a:12:37:38:49:47:22:58:53:9d:bf:65:04:86:2e:
                    b5:43:a7:fa:e0:25:63:f6:09:b4:f4:93:a3:b0:4b:
                    db:5d:fd:21:df:41:aa:3f:49:b0:6a:f5:8d:60:e3:
                    2e:aa:25:51:0e:6f:6b:fd:80:e7:a3:62:06:f9:44:
                    ca:76:3c:bf:95:e2:43:d2:6a:bc:d3:0d:1d:15:5a:
                    24:0a:f4:45:19:98:4e:85:6c:26:5e:2b:14:24:05:
                    e8:82:0a:4c:fe:92:5c:18:cf:bf:c9:96:2c:a5:2e:
                    26:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:EF:60:85:45:6A:B7:CA:35:4E:05:75:7C:6C:EC:4F:2A:35:BC:E6
            X509v3 Authority Key Identifier:
                keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f5:80:bd:d2:91:80:fe:7b:1c:47:c4:6f:68:e2:fc:31:47:
         be:db:a9:ef:e7:af:2f:d9:10:f1:b5:7e:4a:8f:1c:c1:9b:95:
         52:e2:7b:bd:21:1a:27:aa:8b:2e:be:e6:bf:6a:42:40:49:93:
         48:74:09:be:62:77:b3:5c:5e:06:a0:17:4a:2c:4c:5f:c9:b2:
         75:44:f1:58:72:35:42:de:88:11:96:b8:ce:03:6c:4f:1c:20:
         30:5c:11:26:85:c2:b4:0e:e0:a0:12:56:8b:c7:38:6f:b0:bd:
         9b:d1:27:bf:f0:f9:f5:05:4b:99:ae:6b:69:6a:d6:9e:ef:e3:
         3a:4a:d0:e3:c4:63:c9:f5:2c:21:db:15:8a:7d:af:8c:da:df:
         a5:66:79:df:b4:b6:33:34:2a:17:44:bb:5d:01:7d:52:2e:91:
         6d:3d:e1:49:f3:69:f0:f7:ec:2f:3c:b9:5d:b5:e9:65:fe:01:
         f5:bd:ec:7a:f6:e6:1a:f0:f2:56:de:86:c7:9a:c3:e8:ae:b5:
         5a:48:6c:7f:0c:2c:f5:ea:de:0f:b7:2b:91:c6:39:00:6d:5d:
         3d:81:67:c1:97:83:f3:11:ea:5f:5d:55:f2:49:29:8c:b0:d1:
         0e:35:61:99:24:d4:b2:af:60:38:bf:19:f7:aa:f0:b9:f6:f8:
         db:e3:d6:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUvyFEcygIq7wf53K7n6rLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx
NDAzMGYwHhcNMjUxMTA1MTYwMDAzWhcNMjUxMTA2MTYwMDAzWjAzMTEwLwYDVQQD
Eyg2MGVmNjA4NTQ1NmFiN2NhMzU0ZTA1NzU3YzZjZWM0ZjJhMzViY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk+FdoOnjcgE26tTLnMZ7npNGeHl
dc+rOkNwE8FbckE0eWBDWkL02JD8Cm7LB3uCAhxROHbSo9CoR3rbnlIEmiIJQH/A
em98x8pp+rQZcGJ/nYySS8lovKSTBQDkYnH6rp5gA18tK5rEDzMjohP6qkLEHrca
PeBb0hHWRLyNV7ZvtFieaemTqAIASlgVruDWwU2v33KKEjc4SUciWFOdv2UEhi61
Q6f64CVj9gm09JOjsEvbXf0h30GqP0mwavWNYOMuqiVRDm9r/YDno2IG+UTKdjy/
leJD0mq80w0dFVokCvRFGZhOhWwmXisUJAXoggpM/pJcGM+/yZYspS4mhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDvYIVFarfKNU4FdXxs7E8qNbzmMB8GA1UdIwQY
MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt
NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5
LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPWAvdKR
gP57HEfEb2ji/DFHvtup7+evL9kQ8bV+So8cwZuVUuJ7vSEaJ6qLLr7mv2pCQEmT
SHQJvmJ3s1xeBqAXSixMX8mydUTxWHI1Qt6IEZa4zgNsTxwgMFwRJoXCtA7goBJW
i8c4b7C9m9Env/D59QVLma5raWrWnu/jOkrQ48RjyfUsIdsVin2vjNrfpWZ537S2
MzQqF0S7XQF9Ui6RbT3hSfNp8PfsLzy5XbXpZf4B9b3sevbmGvDyVt6Gx5rD6K61
Wkhsfwws9ereD7crkcY5AG1dPYFnwZeD8xHqX11V8kkpjLDRDjVhmSTUsq9gOL8Z
96rwufb42+PWog==
-----END CERTIFICATE-----