Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          o/eckIHkf2RRSDwIkAafb/MdE7nkvPgjTeL4lRRKdIU=
Subject key identifier:   C7:F8:96:8B:1C:7F:50:05:FE:53:79:DE:E4:B6:98:09:98:2B:84:4A
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019884315E3C7587FDA7A35DD7EDD8C1643C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          161C
Signing time:             Thu 07 Aug 2025 11:01:24 +0000
Manifest this update:     Thu 07 Aug 2025 11:01:24 +0000
Manifest next update:     Fri 08 Aug 2025 11:01:24 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: 7nDeUvTNe9pOkcX3UpcORLnPqxfb9XK259JwteQF+Pc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:84:31:5e:3c:75:87:fd:a7:a3:5d:d7:ed:d8:c1:64:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Aug  7 11:01:24 2025 GMT
            Not After : Aug  8 11:01:24 2025 GMT
        Subject: CN=c7f8968b1c7f5005fe5379dee4b69809982b844a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:53:0c:26:e0:09:59:f1:e1:85:c2:c5:0f:a4:
                    c4:0e:40:7f:4b:82:14:2e:a4:8a:49:fa:93:6a:37:
                    20:f9:49:1b:5f:3c:b5:3b:56:a0:47:c2:ff:b3:18:
                    4f:c5:b5:58:5a:94:9d:dd:a2:de:54:24:ee:51:d9:
                    6e:ca:bc:80:20:65:bf:d9:a1:81:bb:64:fe:0d:44:
                    50:0e:d5:3e:d6:dc:1f:b1:57:50:fe:12:05:b0:7a:
                    0a:fc:ef:b9:58:a4:67:c9:5c:41:2f:67:f3:b6:cf:
                    3b:6e:b4:55:6b:6a:14:52:73:40:2a:e2:b1:ce:97:
                    2b:2b:d0:14:2c:e1:bc:a6:16:0e:76:d9:99:4f:ca:
                    72:7a:7a:d2:b5:e7:16:b6:ea:5a:37:b9:c5:e4:6d:
                    ee:d6:ee:85:39:b0:31:11:e4:c9:93:6e:d8:88:ba:
                    ff:ea:87:09:38:d1:6c:8d:99:f2:42:ec:7a:5a:59:
                    ef:2e:6d:8b:76:1a:66:06:52:b9:57:40:3e:39:69:
                    15:64:ff:7b:7e:15:1c:db:c3:9d:a7:31:ce:2a:73:
                    12:3e:fc:d4:b4:7e:07:15:3f:60:2a:42:3c:ca:97:
                    f3:0f:f0:42:2d:21:96:2e:57:8d:fe:d2:32:48:14:
                    09:a6:75:28:29:6b:77:22:80:c3:a5:8f:2f:f4:3b:
                    68:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:F8:96:8B:1C:7F:50:05:FE:53:79:DE:E4:B6:98:09:98:2B:84:4A
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:de:74:b1:b4:82:f1:91:56:2a:bb:fc:0a:99:d6:ac:81:b5:
         3f:56:7b:88:ad:34:c1:e9:3a:56:93:b1:33:4a:8f:4c:83:79:
         7b:bd:f3:cd:e8:e2:62:22:ff:cd:40:24:5e:f0:80:07:fd:c7:
         be:45:ae:f1:b6:34:12:b4:e3:2e:55:6b:d8:52:ed:33:07:66:
         22:9f:6d:da:5b:dd:b1:ab:f4:39:c0:ad:b8:38:cd:ce:02:ae:
         48:4e:74:df:92:7e:8d:11:f9:af:76:9d:45:d5:9e:d0:4f:af:
         ef:90:ba:bb:76:82:63:6a:09:3d:8b:c8:a2:57:0a:bc:a5:bb:
         c2:ff:2e:0a:7f:e3:82:44:4f:f0:6d:b5:95:b6:9e:cf:21:d0:
         91:10:19:ce:2d:cc:e8:67:dc:c1:cd:a2:14:28:d8:58:59:2f:
         41:b2:51:0a:a4:c1:22:2d:08:3e:c0:07:31:38:ab:3d:e3:6d:
         cd:a2:f9:96:f2:6c:65:0f:29:22:72:27:a1:e3:7b:03:15:c4:
         24:7d:e6:1b:b3:b5:4d:47:f2:2c:df:94:f4:3d:a4:a6:94:ee:
         55:36:da:1d:34:ae:fc:61:29:5e:18:72:34:71:ca:f9:bc:46:
         38:c0:2e:52:f9:a5:90:d2:49:67:2d:07:09:73:d5:a0:4f:a8:
         ea:d9:6a:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiEMV48dYf9p6Nd1+3YwWQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjUwODA3MTEwMTI0WhcNMjUwODA4MTEwMTI0WjAzMTEwLwYDVQQD
EyhjN2Y4OTY4YjFjN2Y1MDA1ZmU1Mzc5ZGVlNGI2OTgwOTk4MmI4NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1MMJuAJWfHhhcLFD6TEDkB/S4IU
LqSKSfqTajcg+UkbXzy1O1agR8L/sxhPxbVYWpSd3aLeVCTuUdluyryAIGW/2aGB
u2T+DURQDtU+1twfsVdQ/hIFsHoK/O+5WKRnyVxBL2fzts87brRVa2oUUnNAKuKx
zpcrK9AULOG8phYOdtmZT8pyenrStecWtupaN7nF5G3u1u6FObAxEeTJk27YiLr/
6ocJONFsjZnyQux6WlnvLm2LdhpmBlK5V0A+OWkVZP97fhUc28OdpzHOKnMSPvzU
tH4HFT9gKkI8ypfzD/BCLSGWLleN/tIySBQJpnUoKWt3IoDDpY8v9DtoIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMf4loscf1AF/lN53uS2mAmYK4RKMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAut50sbSC
8ZFWKrv8CpnWrIG1P1Z7iK00wek6VpOxM0qPTIN5e73zzejiYiL/zUAkXvCAB/3H
vkWu8bY0ErTjLlVr2FLtMwdmIp9t2lvdsav0OcCtuDjNzgKuSE5035J+jRH5r3ad
RdWe0E+v75C6u3aCY2oJPYvIolcKvKW7wv8uCn/jgkRP8G21lbaezyHQkRAZzi3M
6Gfcwc2iFCjYWFkvQbJRCqTBIi0IPsAHMTirPeNtzaL5lvJsZQ8pInInoeN7AxXE
JH3mG7O1TUfyLN+U9D2kppTuVTbaHTSu/GEpXhhyNHHK+bxGOMAuUvmlkNJJZy0H
CXPVoE+o6tlq6A==
-----END CERTIFICATE-----