Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
File:                     ZQXsmbwMbKl7--a9UkTeywKGbis.mft (raw, json)
Hash identifier:          Kk6YraNYrJIgdg74VXKXPJQdHp3QViLNx2gsmEJdznU=
Subject key identifier:   9A:11:E4:23:B8:EB:55:AE:42:D6:8E:50:11:11:E6:89:AD:29:02:4C
Authority key identifier: 65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B
Certificate issuer:       /CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
Certificate serial:       019A50E2BC00D093E7B59F7B25FF7F417045
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
Manifest number:          0C02
Signing time:             Tue 04 Nov 2025 22:00:27 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:27 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:27 +0000
Files and hashes:         1: ZQXsmbwMbKl7--a9UkTeywKGbis.crl (hash: yKbmUkZJxFpFBnY3LSLoqZGQI8PuPc1Zvdg4Le2LYnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:bc:00:d0:93:e7:b5:9f:7b:25:ff:7f:41:70:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6505ec99bc0c6ca97bfbe6bd5244decb02866e2b
        Validity
            Not Before: Nov  4 22:00:27 2025 GMT
            Not After : Nov  5 22:00:27 2025 GMT
        Subject: CN=9a11e423b8eb55ae42d68e501111e689ad29024c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:50:d8:96:05:c6:33:2f:89:7a:f4:66:ed:f1:
                    6a:f5:b5:db:28:7f:ac:18:f0:fe:46:c9:10:25:a8:
                    c9:4b:48:7c:e3:2c:81:ee:7b:65:69:0b:47:6e:52:
                    01:de:cc:f4:77:81:bd:4c:3d:ec:84:e6:6e:90:a3:
                    a8:0b:b0:da:a2:18:0d:cb:e8:37:2f:ee:75:ca:30:
                    9f:c0:64:f2:40:72:8b:e0:3b:d2:a8:56:19:5e:b7:
                    ee:84:c7:fa:d7:ee:0d:8e:d7:8d:01:05:18:83:f7:
                    a6:e2:0d:ca:a9:d7:f2:4c:81:c0:7b:01:95:f4:ad:
                    df:93:9a:34:6e:b5:97:20:42:a2:e9:89:76:ae:a7:
                    80:31:a4:d7:30:3f:10:eb:ed:4f:14:bb:e4:68:b6:
                    f7:60:1e:ea:04:81:70:c5:7e:43:aa:cd:2c:c4:45:
                    62:d7:6a:af:f2:6f:3a:97:51:a7:db:ae:56:77:b0:
                    fd:00:0a:ed:0b:d9:4d:bd:c7:b0:fe:0a:66:b6:46:
                    f4:c9:95:dc:2d:9b:ce:0f:36:49:e5:3e:34:d1:40:
                    58:01:b7:db:60:fa:42:18:83:26:f0:69:78:f1:a8:
                    d0:2a:01:81:24:5f:ca:c3:cb:d0:4f:43:af:b7:4d:
                    3a:1e:e2:c9:29:e4:a2:38:03:cb:1d:42:af:74:2d:
                    dc:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:11:E4:23:B8:EB:55:AE:42:D6:8E:50:11:11:E6:89:AD:29:02:4C
            X509v3 Authority Key Identifier:
                keyid:65:05:EC:99:BC:0C:6C:A9:7B:FB:E6:BD:52:44:DE:CB:02:86:6E:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQXsmbwMbKl7--a9UkTeywKGbis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/58314c-d2cf-48b8-b95a-fda5dd590f16/1/ZQXsmbwMbKl7--a9UkTeywKGbis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:06:57:42:4d:49:7f:d8:b1:19:9b:a5:65:a8:01:1b:15:75:
         94:0c:02:51:d4:84:cf:5a:90:0b:16:3e:32:26:84:8d:1f:c4:
         d5:43:d6:e4:9e:e6:9c:22:e8:c8:69:21:12:a1:c4:e9:fb:7c:
         d0:7a:45:27:8f:33:74:88:56:ef:a0:c3:62:2f:30:2c:7e:9a:
         16:11:29:d5:d8:5c:c0:ce:8a:e1:a7:63:16:de:21:2b:2c:dd:
         62:af:e7:c6:89:75:72:d8:f1:16:d0:21:05:b7:de:b0:0f:6e:
         58:df:9e:77:30:5d:72:7d:59:af:16:db:ed:41:d8:68:77:a5:
         a9:f7:dc:11:4a:a0:9e:c8:ad:56:b0:12:7a:4b:a5:50:e8:d7:
         e5:08:c3:0c:2b:00:a9:83:6c:e9:b4:be:c6:ae:db:c5:c9:4c:
         17:47:10:62:e4:dc:33:9a:da:56:59:46:84:62:8d:94:cb:b0:
         e9:25:a1:6b:a2:f2:d9:9b:3e:f9:e7:6e:c3:4e:c9:c6:86:5d:
         ea:19:4c:f5:00:3f:b8:92:0f:fb:a2:5b:bb:4c:99:2f:b1:49:
         54:ec:33:28:b8:c9:46:8e:88:b1:31:6e:cb:d5:49:94:fe:17:
         44:9b:c2:cf:bc:4f:cf:01:b9:66:db:5b:d7:33:19:35:30:ad:
         09:f4:92:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4rwA0JPntZ97Jf9/QXBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDVlYzk5YmMwYzZjYTk3YmZiZTZiZDUyNDRkZWNiMDI4
NjZlMmIwHhcNMjUxMTA0MjIwMDI3WhcNMjUxMTA1MjIwMDI3WjAzMTEwLwYDVQQD
Eyg5YTExZTQyM2I4ZWI1NWFlNDJkNjhlNTAxMTExZTY4OWFkMjkwMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1DYlgXGMy+JevRm7fFq9bXbKH+s
GPD+RskQJajJS0h84yyB7ntlaQtHblIB3sz0d4G9TD3shOZukKOoC7DaohgNy+g3
L+51yjCfwGTyQHKL4DvSqFYZXrfuhMf61+4NjteNAQUYg/em4g3KqdfyTIHAewGV
9K3fk5o0brWXIEKi6Yl2rqeAMaTXMD8Q6+1PFLvkaLb3YB7qBIFwxX5Dqs0sxEVi
12qv8m86l1Gn265Wd7D9AArtC9lNvcew/gpmtkb0yZXcLZvODzZJ5T400UBYAbfb
YPpCGIMm8Gl48ajQKgGBJF/Kw8vQT0Ovt006HuLJKeSiOAPLHUKvdC3cuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoR5CO461WuQtaOUBER5omtKQJMMB8GA1UdIwQY
MBaAFGUF7Jm8DGype/vmvVJE3ssChm4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEt
ZmRhNWRkNTkwZjE2LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ODMxNGMtZDJjZi00OGI4LWI5NWEtZmRhNWRkNTkwZjE2
LzEvWlFYc21id01iS2w3LS1hOVVrVGV5d0tHYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQZXQk1J
f9ixGZulZagBGxV1lAwCUdSEz1qQCxY+MiaEjR/E1UPW5J7mnCLoyGkhEqHE6ft8
0HpFJ48zdIhW76DDYi8wLH6aFhEp1dhcwM6K4adjFt4hKyzdYq/nxol1ctjxFtAh
BbfesA9uWN+edzBdcn1Zrxbb7UHYaHelqffcEUqgnsitVrASekulUOjX5QjDDCsA
qYNs6bS+xq7bxclMF0cQYuTcM5raVllGhGKNlMuw6SWha6Ly2Zs++eduw07JxoZd
6hlM9QA/uJIP+6Jbu0yZL7FJVOwzKLjJRo6IsTFuy9VJlP4XRJvCz7xPzwG5Zttb
1zMZNTCtCfSSRg==
-----END CERTIFICATE-----