Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
File:                     z32kMRhYgiWjduwhScczbEYzZEA.mft (raw, json)
Hash identifier:          51a4hNXiFE8zjFSMlVq2zmKSBUztGOHiYsKYhFz8hQY=
Subject key identifier:   25:1C:6B:C4:53:6A:6D:C9:36:56:A8:92:46:CF:CA:93:27:71:00:B1
Authority key identifier: CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40
Certificate issuer:       /CN=cf7da43118588225a376ec2149c7336c46336440
Certificate serial:       019A4EF4A0AE0727729AE5AF0A2FD65F23AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
Manifest number:          0F2B
Signing time:             Tue 04 Nov 2025 13:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:46 +0000
Files and hashes:         1: z32kMRhYgiWjduwhScczbEYzZEA.crl (hash: CwOc4LbBaxRIOU/VDOc2gukxIafPDO79wOpeTr4QYvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:a0:ae:07:27:72:9a:e5:af:0a:2f:d6:5f:23:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7da43118588225a376ec2149c7336c46336440
        Validity
            Not Before: Nov  4 13:00:46 2025 GMT
            Not After : Nov  5 13:00:46 2025 GMT
        Subject: CN=251c6bc4536a6dc93656a89246cfca93277100b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:14:48:31:52:2e:36:c7:e2:a1:ae:09:72:89:
                    66:d9:2c:fc:7c:05:23:6a:82:6d:e6:bc:9d:68:de:
                    a0:b3:dd:d9:d6:5b:7d:5c:43:ee:05:de:66:61:24:
                    fb:2e:ac:13:ad:3e:24:e7:d7:58:c9:34:dd:68:c2:
                    85:c4:34:bc:96:96:51:ad:83:43:5e:c3:e8:21:0e:
                    73:32:c3:c1:62:84:13:cd:e2:22:91:4b:84:a0:24:
                    c2:eb:91:5c:a1:4a:3e:d1:b9:07:82:2c:3d:16:af:
                    14:54:be:76:0e:da:9c:b2:fb:d3:07:17:53:63:91:
                    f9:0c:90:a3:ad:b6:d8:f2:dc:b6:2d:54:a3:ea:63:
                    53:82:aa:89:2b:0f:07:0e:db:53:bc:aa:53:f2:48:
                    9d:0e:3f:d7:49:d7:c1:e7:3d:61:65:d2:82:71:17:
                    42:22:b8:d6:23:5d:89:c3:c7:91:a9:58:02:55:50:
                    e6:49:ea:1c:e2:00:05:c7:b6:d1:fc:4b:07:73:2b:
                    81:d0:d0:46:2f:61:98:b1:f0:da:75:b1:48:43:63:
                    89:e4:99:a8:b3:fe:6c:41:78:63:f8:2d:02:a5:36:
                    5b:98:66:f8:bc:e4:3f:78:69:ec:38:09:30:13:8f:
                    50:c6:a5:41:58:52:f0:fa:a2:78:2d:49:02:51:37:
                    a1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:1C:6B:C4:53:6A:6D:C9:36:56:A8:92:46:CF:CA:93:27:71:00:B1
            X509v3 Authority Key Identifier:
                keyid:CF:7D:A4:31:18:58:82:25:A3:76:EC:21:49:C7:33:6C:46:33:64:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z32kMRhYgiWjduwhScczbEYzZEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e4a75-cb58-44aa-9dd5-c5f17eab41d5/1/z32kMRhYgiWjduwhScczbEYzZEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:72:4e:37:5b:ce:99:7f:f1:dd:7a:ca:12:d7:31:fd:52:e4:
         03:4b:08:34:6a:cb:3c:42:1b:62:4c:f3:56:6a:b8:0f:f1:6d:
         c3:2c:85:7c:5a:96:0d:43:ef:8d:16:a3:80:64:66:fa:80:f2:
         27:42:18:fe:80:e2:7e:d6:76:01:bf:63:ef:0a:c7:57:78:b8:
         6c:dd:04:34:43:53:3a:f6:41:f8:af:03:a1:4e:c4:26:d3:d1:
         4e:16:a4:ef:84:db:e6:98:a7:56:49:27:b9:80:6b:82:bd:2a:
         4c:0d:99:7a:37:b8:0f:f0:07:2f:7c:4a:dc:37:70:bf:60:fc:
         37:5f:a9:1a:94:8f:4a:3a:46:5b:d8:d9:8f:f9:4d:2e:44:3e:
         e8:ef:7e:5d:0e:7a:0f:bf:fe:63:1f:4c:27:b2:2d:7b:21:fd:
         d5:cb:a3:d8:66:a2:8f:ac:b6:36:66:f9:f1:61:f8:f7:b0:9c:
         27:68:65:5c:8f:90:2e:21:0d:68:29:d2:9d:b4:ea:85:4c:c3:
         83:3f:f8:11:9b:1b:5d:0a:71:e2:f1:38:10:cc:8c:a0:12:8b:
         ea:ea:92:30:62:bc:a6:7c:90:89:46:41:5f:1c:70:39:0f:e5:
         6f:8f:69:a0:11:97:dc:3a:56:f7:74:fc:5c:60:9d:31:db:da:
         43:fc:73:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9KCuBydymuWvCi/WXyOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2RhNDMxMTg1ODgyMjVhMzc2ZWMyMTQ5YzczMzZjNDYz
MzY0NDAwHhcNMjUxMTA0MTMwMDQ2WhcNMjUxMTA1MTMwMDQ2WjAzMTEwLwYDVQQD
EygyNTFjNmJjNDUzNmE2ZGM5MzY1NmE4OTI0NmNmY2E5MzI3NzEwMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRRIMVIuNsfioa4Jcolm2Sz8fAUj
aoJt5rydaN6gs93Z1lt9XEPuBd5mYST7LqwTrT4k59dYyTTdaMKFxDS8lpZRrYND
XsPoIQ5zMsPBYoQTzeIikUuEoCTC65FcoUo+0bkHgiw9Fq8UVL52DtqcsvvTBxdT
Y5H5DJCjrbbY8ty2LVSj6mNTgqqJKw8HDttTvKpT8kidDj/XSdfB5z1hZdKCcRdC
IrjWI12Jw8eRqVgCVVDmSeoc4gAFx7bR/EsHcyuB0NBGL2GYsfDadbFIQ2OJ5Jmo
s/5sQXhj+C0CpTZbmGb4vOQ/eGnsOAkwE49QxqVBWFLw+qJ4LUkCUTehJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUca8RTam3JNlaokkbPypMncQCxMB8GA1UdIwQY
MBaAFM99pDEYWIIlo3bsIUnHM2xGM2RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUt
YzVmMTdlYWI0MWQ1LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTRhNzUtY2I1OC00NGFhLTlkZDUtYzVmMTdlYWI0MWQ1
LzEvejMya01SaFlnaVdqZHV3aFNjY3piRVl6WkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnJON1vO
mX/x3XrKEtcx/VLkA0sINGrLPEIbYkzzVmq4D/FtwyyFfFqWDUPvjRajgGRm+oDy
J0IY/oDiftZ2Ab9j7wrHV3i4bN0ENENTOvZB+K8DoU7EJtPRThak74Tb5pinVkkn
uYBrgr0qTA2Zeje4D/AHL3xK3Ddwv2D8N1+pGpSPSjpGW9jZj/lNLkQ+6O9+XQ56
D7/+Yx9MJ7IteyH91cuj2Gaij6y2Nmb58WH497CcJ2hlXI+QLiENaCnSnbTqhUzD
gz/4EZsbXQpx4vE4EMyMoBKL6uqSMGK8pnyQiUZBXxxwOQ/lb49poBGX3DpW93T8
XGCdMdvaQ/xzdQ==
-----END CERTIFICATE-----