Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
File:                     z5dREMc5t0-E1BcDxIgoMnJ73cw.mft (raw, json)
Hash identifier:          3lyc8AAjPRn1XZJJ4mD/BhNQtP05My6JYcWy8Mmm9C4=
Subject key identifier:   87:90:96:07:09:3A:A6:DB:76:F0:1B:CC:77:DC:F9:04:38:30:F6:75
Authority key identifier: CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC
Certificate issuer:       /CN=cf975110c739b74f84d41703c4882832727bddcc
Certificate serial:       019A4D06EE82C9DDA866E95E40DDD46503E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
Manifest number:          1699
Signing time:             Tue 04 Nov 2025 04:01:31 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:31 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:31 +0000
Files and hashes:         1: z5dREMc5t0-E1BcDxIgoMnJ73cw.crl (hash: NwVlG+SQG+FRcTYpkbO/ufRaHWcOyNvwfpUU8q0vPFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:06:ee:82:c9:dd:a8:66:e9:5e:40:dd:d4:65:03:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf975110c739b74f84d41703c4882832727bddcc
        Validity
            Not Before: Nov  4 04:01:31 2025 GMT
            Not After : Nov  5 04:01:31 2025 GMT
        Subject: CN=87909607093aa6db76f01bcc77dcf9043830f675
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:42:e6:18:1e:b0:f0:68:cb:71:87:6c:ae:00:
                    72:f4:dd:f6:27:f1:24:e9:5d:25:db:19:8a:fd:96:
                    a1:db:42:91:b7:c8:a5:fd:71:26:83:48:5a:de:1c:
                    a7:95:63:0f:8a:52:e8:fd:ab:98:63:c2:47:aa:de:
                    c9:b8:af:be:15:00:19:ed:db:ef:3b:2a:43:a7:37:
                    9c:44:5c:17:e6:67:51:45:ca:ef:d4:11:c2:47:ed:
                    9f:2c:16:94:cc:23:37:d9:22:a6:5a:77:e7:38:90:
                    11:43:c5:60:44:2d:dc:b9:a3:7c:a4:c2:f9:7e:2e:
                    2c:94:d5:71:a1:47:19:15:08:a7:29:73:b7:81:ec:
                    74:c3:d5:09:d2:b1:f1:81:87:5a:cf:9e:79:a0:9c:
                    5b:a8:14:64:4a:b8:49:77:5e:3c:67:b8:4b:28:8d:
                    bf:91:97:2a:7c:2d:ef:63:82:93:09:2d:8b:5f:f8:
                    f2:47:ad:aa:0d:e2:22:88:d0:6d:12:41:01:8e:2f:
                    0d:f9:30:47:b4:d2:8d:f3:83:97:96:82:ba:a6:af:
                    3f:5c:3e:35:33:b7:17:39:5f:4b:c0:ed:96:9f:69:
                    aa:1b:e7:7c:65:3c:ee:38:9b:48:ee:87:22:1d:70:
                    f0:a8:a7:cc:63:93:9a:bf:19:52:b8:d8:ce:da:10:
                    73:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:90:96:07:09:3A:A6:DB:76:F0:1B:CC:77:DC:F9:04:38:30:F6:75
            X509v3 Authority Key Identifier:
                keyid:CF:97:51:10:C7:39:B7:4F:84:D4:17:03:C4:88:28:32:72:7B:DD:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5dREMc5t0-E1BcDxIgoMnJ73cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/78764b-95eb-40c0-ad04-dab68fd8786b/1/z5dREMc5t0-E1BcDxIgoMnJ73cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:bb:f3:14:d6:81:75:b8:6c:5f:5b:63:f1:54:9d:16:ee:c8:
         0c:19:e9:25:66:66:22:a6:e9:dc:aa:71:05:28:ae:7a:9d:cf:
         19:38:99:73:aa:16:1a:09:72:f7:7f:75:3e:ca:d1:e1:24:de:
         af:b1:ec:f8:10:02:d2:05:1d:e2:cd:98:72:7c:f3:97:88:fe:
         6b:99:07:d1:8f:8b:47:95:65:b0:59:a8:56:a5:6c:b8:62:5f:
         80:35:a2:83:cd:04:a4:e6:e0:fb:a2:bd:6d:18:7d:c5:83:b8:
         c5:a9:03:12:6e:9b:40:18:e4:d9:39:c9:1f:c6:0e:c4:3b:ce:
         e5:4d:9a:fa:5c:1e:54:e5:c0:e8:21:bd:fe:ef:19:0c:07:56:
         42:f3:c3:78:31:7a:89:f6:8d:f9:11:c9:68:fa:85:2a:04:a9:
         a0:13:d4:79:7e:04:bc:ee:e7:31:13:b6:8f:57:13:30:f1:fa:
         e7:54:40:a6:bf:89:07:4f:7b:b7:d5:7d:45:d5:b3:ea:95:4b:
         aa:82:18:46:f1:3f:c2:e1:1c:a0:ab:87:46:ef:8b:5e:86:59:
         88:07:aa:dc:e9:17:37:e3:7a:91:34:a4:13:9f:7d:40:59:c7:
         92:8d:7d:c8:ae:aa:82:65:d8:60:1f:89:9a:3e:dc:df:8b:5e:
         25:89:1e:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBu6Cyd2oZuleQN3UZQPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOTc1MTEwYzczOWI3NGY4NGQ0MTcwM2M0ODgyODMyNzI3
YmRkY2MwHhcNMjUxMTA0MDQwMTMxWhcNMjUxMTA1MDQwMTMxWjAzMTEwLwYDVQQD
Eyg4NzkwOTYwNzA5M2FhNmRiNzZmMDFiY2M3N2RjZjkwNDM4MzBmNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0LmGB6w8GjLcYdsrgBy9N32J/Ek
6V0l2xmK/Zah20KRt8il/XEmg0ha3hynlWMPilLo/auYY8JHqt7JuK++FQAZ7dvv
OypDpzecRFwX5mdRRcrv1BHCR+2fLBaUzCM32SKmWnfnOJARQ8VgRC3cuaN8pML5
fi4slNVxoUcZFQinKXO3gex0w9UJ0rHxgYdaz555oJxbqBRkSrhJd148Z7hLKI2/
kZcqfC3vY4KTCS2LX/jyR62qDeIiiNBtEkEBji8N+TBHtNKN84OXloK6pq8/XD41
M7cXOV9LwO2Wn2mqG+d8ZTzuOJtI7ociHXDwqKfMY5OavxlSuNjO2hBz4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIeQlgcJOqbbdvAbzHfc+QQ4MPZ1MB8GA1UdIwQY
MBaAFM+XURDHObdPhNQXA8SIKDJye93MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQt
ZGFiNjhmZDg3ODZiLzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83ODc2NGItOTVlYi00MGMwLWFkMDQtZGFiNjhmZDg3ODZi
LzEvejVkUkVNYzV0MC1FMUJjRHhJZ29Nbko3M2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbvzFNaB
dbhsX1tj8VSdFu7IDBnpJWZmIqbp3KpxBSiuep3PGTiZc6oWGgly9391PsrR4STe
r7Hs+BAC0gUd4s2Ycnzzl4j+a5kH0Y+LR5VlsFmoVqVsuGJfgDWig80EpObg+6K9
bRh9xYO4xakDEm6bQBjk2TnJH8YOxDvO5U2a+lweVOXA6CG9/u8ZDAdWQvPDeDF6
ifaN+RHJaPqFKgSpoBPUeX4EvO7nMRO2j1cTMPH651RApr+JB097t9V9RdWz6pVL
qoIYRvE/wuEcoKuHRu+LXoZZiAeq3OkXN+N6kTSkE599QFnHko19yK6qgmXYYB+J
mj7c34teJYkeJw==
-----END CERTIFICATE-----