Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          axAsgEUnhCnu1mKf47GoeRZ6rOhXm370+S/hc0ThDtI=
Subject key identifier:   E5:7A:0B:55:B7:99:DD:83:26:15:44:8E:C2:57:15:3B:5F:66:90:C6
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       019A4E4FCEC23AC2D1751B9A6304A4766D72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          1482
Signing time:             Tue 04 Nov 2025 10:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:44 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: Qtust3WTXBGeTDsYv8bTNuT1GS0xe1ui/pMNEvt05G8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:ce:c2:3a:c2:d1:75:1b:9a:63:04:a4:76:6d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Nov  4 10:00:44 2025 GMT
            Not After : Nov  5 10:00:44 2025 GMT
        Subject: CN=e57a0b55b799dd832615448ec257153b5f6690c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:2d:66:55:b8:33:ad:e1:7a:28:2b:25:74:30:
                    d8:40:1d:b7:97:e5:b6:03:95:7c:2f:07:b2:fe:72:
                    43:5f:c9:36:c5:3c:9b:be:94:25:04:c6:41:37:72:
                    7c:f9:ac:f9:f2:83:4c:dc:d2:b0:db:dd:6e:c8:5f:
                    1e:9c:dc:da:8d:46:8d:8a:89:9d:a6:47:b3:f3:56:
                    66:7f:3f:b6:c4:34:f3:94:1a:83:48:f4:26:4e:f4:
                    74:09:57:07:6e:2c:eb:39:16:8a:4b:a0:cd:d5:e5:
                    30:1f:e7:55:e0:a2:3c:a2:92:33:4d:34:4c:04:37:
                    d7:12:e8:e3:40:e3:3d:af:30:60:e3:d8:6d:bc:b1:
                    b6:d9:60:e6:0d:83:e3:03:dd:fe:34:ea:62:6a:44:
                    9b:fc:c1:07:1b:0f:57:b7:61:1b:a0:59:67:3f:f0:
                    4a:b6:34:2d:ba:38:24:b4:5b:72:c9:c7:b8:47:18:
                    15:c7:41:49:fe:ec:8b:74:8e:8d:c1:59:51:f1:aa:
                    b5:5c:89:f5:08:c2:db:a3:a6:f3:a9:ef:45:6f:4c:
                    9a:89:ac:f8:fe:a1:2e:47:cb:6b:4e:d9:27:82:b9:
                    f6:93:c1:b8:9e:59:ea:dc:b1:50:f5:c5:02:41:c4:
                    ad:62:fe:41:ab:c1:5a:6b:25:40:e3:37:37:fe:c1:
                    d1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:7A:0B:55:B7:99:DD:83:26:15:44:8E:C2:57:15:3B:5F:66:90:C6
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:91:30:d2:e1:40:19:3c:ba:74:0a:36:2d:70:ba:1f:e8:62:
         e6:d9:c1:c6:b6:4d:c6:e0:10:0a:93:1b:26:d6:bc:6f:51:8e:
         a9:dd:94:32:dd:61:44:a0:69:ea:b9:be:e9:e9:53:72:79:e3:
         db:71:b3:35:13:7e:20:28:c0:c2:9f:32:ca:9c:4c:5c:a7:de:
         32:16:db:88:d7:6e:dd:82:54:29:47:f0:db:60:4b:92:86:a3:
         3c:e5:6d:75:70:e9:b2:c3:d7:f2:6e:26:8e:16:1d:21:2e:ee:
         05:ef:72:ec:70:3f:cd:61:8d:20:2d:13:9b:66:9b:c3:9b:e7:
         66:5c:ce:f4:1f:84:75:0f:a2:af:87:be:8f:11:ec:b7:a4:ba:
         8e:60:9f:2d:b9:de:2b:8b:ac:7e:85:0d:69:e0:2e:18:01:b5:
         21:eb:c1:75:77:c3:38:10:fc:1c:27:1f:1e:96:f3:13:d8:cd:
         fd:9c:1b:b9:96:b5:cf:6c:93:5a:de:30:fd:91:b7:1c:92:7e:
         8b:8b:c6:61:78:19:92:02:f3:dd:3b:d7:75:d1:f8:36:5b:03:
         40:7a:19:92:c0:4a:93:ce:3b:9a:17:23:4c:67:c2:07:8d:45:
         a1:f7:1d:05:49:f0:00:d8:0d:b5:41:ad:64:59:58:ae:f5:25:
         aa:96:d5:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT87COsLRdRuaYwSkdm1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjUxMTA0MTAwMDQ0WhcNMjUxMTA1MTAwMDQ0WjAzMTEwLwYDVQQD
EyhlNTdhMGI1NWI3OTlkZDgzMjYxNTQ0OGVjMjU3MTUzYjVmNjY5MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4i1mVbgzreF6KCsldDDYQB23l+W2
A5V8Lwey/nJDX8k2xTybvpQlBMZBN3J8+az58oNM3NKw291uyF8enNzajUaNiomd
pkez81Zmfz+2xDTzlBqDSPQmTvR0CVcHbizrORaKS6DN1eUwH+dV4KI8opIzTTRM
BDfXEujjQOM9rzBg49htvLG22WDmDYPjA93+NOpiakSb/MEHGw9Xt2EboFlnP/BK
tjQtujgktFtyyce4RxgVx0FJ/uyLdI6NwVlR8aq1XIn1CMLbo6bzqe9Fb0yaiaz4
/qEuR8trTtkngrn2k8G4nlnq3LFQ9cUCQcStYv5Bq8FaayVA4zc3/sHR3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV6C1W3md2DJhVEjsJXFTtfZpDGMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJEw0uFA
GTy6dAo2LXC6H+hi5tnBxrZNxuAQCpMbJta8b1GOqd2UMt1hRKBp6rm+6elTcnnj
23GzNRN+ICjAwp8yypxMXKfeMhbbiNdu3YJUKUfw22BLkoajPOVtdXDpssPX8m4m
jhYdIS7uBe9y7HA/zWGNIC0Tm2abw5vnZlzO9B+EdQ+ir4e+jxHst6S6jmCfLbne
K4usfoUNaeAuGAG1IevBdXfDOBD8HCcfHpbzE9jN/ZwbuZa1z2yTWt4w/ZG3HJJ+
i4vGYXgZkgLz3TvXddH4NlsDQHoZksBKk847mhcjTGfCB41FofcdBUnwANgNtUGt
ZFlYrvUlqpbVZA==
-----END CERTIFICATE-----